Update metadata query (#4350)

* Update adobe-component-login.yaml

* Update cold-fusion-cfcache-map.yaml

* Update unpatched-coldfusion.yaml

* Update coldfusion-debug-xss.yaml

* Update CVE-2020-11978.yaml

* Update CVE-2020-13927.yaml

* Update CVE-2021-38540.yaml

* Update CVE-2021-44451.yaml

* Update CVE-2022-24288.yaml

* Update airflow-debug.yaml

* Update airflow-detect.yaml

* Update CVE-2010-0219.yaml

* Update apache-axis-detect.yaml

* Update CVE-2020-11991.yaml

* Update apache-cocoon-detect.yaml

* Update CVE-2021-21402.yaml

* Update jellyfin-detect.yaml

* Update CVE-2021-21402.yaml

* Update CVE-2021-21402.yaml

* Update ecology-arbitrary-file-upload.yaml

* Update ecology-v8-sqli.yaml

* Update ecology-syncuserinfo-sqli.yaml

* Update ecology-filedownload-directory-traversal.yaml

* Update CNVD-2021-15822.yaml

* Update dedecms-carbuyaction-fileinclude.yaml

* Update dedecms-openredirect.yaml

* Update tamronos-rce.yaml

* Update natshell-path-traversal.yaml
patch-1
Ritik Chaddha 2022-05-12 19:48:36 +05:30 committed by GitHub
parent f24abcdb51
commit 27a039a70c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 67 additions and 2 deletions

View File

@ -6,6 +6,10 @@ info:
severity: high
reference:
- https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog
metadata:
verified: true
shodan-query: title:"ShopXO企业级B2C电商系统提供商"
fofa-query: app="ShopXO企业级B2C电商系统提供商"
tags: shopxo,lfi,cnvd,cnvd2021
requests:

View File

@ -10,6 +10,8 @@ info:
- https://knowledge.broadcom.com/external/article/13994/vulnerability-axis2-default-administrato.html
classification:
cve-id: CVE-2010-0219
metadata:
shodan-query: http.html:"Apache Axis"
tags: cve,cve2010,axis,apache,default-login,axis2
requests:

View File

@ -16,6 +16,9 @@ info:
cvss-score: 8.8
cve-id: CVE-2020-11978
cwe-id: CWE-77
metadata:
verified: true
shodan-query: http.html:"Apache Airflow" || title:"Airflow - DAGs"
tags: cve,cve2020,apache,airflow,rce
requests:

View File

@ -15,6 +15,8 @@ info:
cve-id: CVE-2020-11991
cwe-id: CWE-611
remediation: Upgrade to Apache Cocoon 2.1.13 or later.
metadata:
shodan-query: http.html:"Apache Cocoon"
tags: cve,cve2020,apache,xml,cocoon,xxe
requests:

View File

@ -14,6 +14,9 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2020-13927
metadata:
verified: true
shodan-query: title:"Airflow - DAGs" || http.html:"Apache Airflow"
tags: cve,cve2020,apache,airflow,unauth
requests:

View File

@ -15,6 +15,10 @@ info:
cvss-score: 6.5
cve-id: CVE-2021-21402
cwe-id: CWE-22
metadata:
verified: true
shodan-query: http.html:"Jellyfin"
fofa-query: title="Jellyfin" || body="http://jellyfin.media"
tags: cve,cve2021,jellyfin,lfi
requests:

View File

@ -14,6 +14,7 @@ info:
cve-id: CVE-2021-38540
cwe-id: CWE-306
metadata:
verified: true
shodan-query: title:"Sign In - Airflow"
tags: cve,cve2021,apache,airflow,rce

View File

@ -11,6 +11,9 @@ info:
classification:
cve-id: CVE-2021-44451
remediation: Users should upgrade to Apache Superset 1.4.0 or higher.
metadata:
verified: true
shodan-query: title:"Superset"
tags: cve,cve2021,apache,superset,default-login
requests:

View File

@ -15,7 +15,8 @@ info:
cve-id: CVE-2022-24288
cwe-id: CWE-78
metadata:
shodan-query: title:"Airflow - DAGs"
verified: true
shodan-query: title:"Airflow - DAGs" || http.html:"Apache Airflow"
tags: cve,cve2022,airflow,rce
requests:

View File

@ -9,6 +9,8 @@ info:
- https://www.exploit-db.com/ghdb/6846
classification:
cwe-id: CWE-200
metadata:
shodan-query: http.component:"Adobe ColdFusion"
tags: panel,adobe,coldfusion
requests:

View File

@ -6,6 +6,8 @@ info:
severity: low
reference:
- https://securiteam.com/windowsntfocus/5bp081f0ac/
metadata:
shodan-query: http.component:"Adobe ColdFusion"
tags: exposure,coldfusion,adobe
requests:

View File

@ -7,6 +7,8 @@ info:
reference:
- https://helpx.adobe.com/security/products/coldfusion/apsb21-16.html
- https://twitter.com/Daviey/status/1374070630283415558
metadata:
shodan-query: http.component:"Adobe ColdFusion"
tags: rce,adobe,misc,coldfusion
requests:

View File

@ -4,6 +4,9 @@ info:
name: Airflow Debug Trace
author: pdteam
severity: low
metadata:
verified: true
shodan-query: title:"Airflow - DAGs"
tags: apache,airflow,fpd
requests:

View File

@ -4,6 +4,9 @@ info:
name: Apache Airflow
author: pdteam
severity: info
metadata:
verified: true
shodan-query: http.html:"Apache Airflow"
tags: tech,apache,airflow
requests:

View File

@ -5,6 +5,9 @@ info:
author: dogasantos
severity: info
description: Axis and Axis2 detection
metadata:
verified: true
shodan-query: http.html:"Apache Axis"
tags: tech,axis2,middleware,apache
requests:

View File

@ -5,6 +5,8 @@ info:
author: ffffffff0x
severity: info
metadata:
verified: true
shodan-query: http.html:"Apache Cocoon"
fofa-query: app="APACHE-Cocoon"
tags: apache,cocoon,tech

View File

@ -4,6 +4,9 @@ info:
name: Jellyfin detected
author: dwisiswant0
severity: info
metadata:
verified: true
shodan-query: http.html:"Jellyfin"
tags: tech,jellyfin
requests:

View File

@ -6,6 +6,8 @@ info:
severity: medium
reference:
- https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
metadata:
fofa-query: app="泛微-协同办公OA"
tags: ecology,upload,fileupload,intrusive
requests:

View File

@ -7,6 +7,8 @@ info:
description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site.
reference:
- https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml
metadata:
shodan-query: http.component:"Adobe ColdFusion"
tags: adobe,coldfusion,xss
requests:

View File

@ -7,6 +7,9 @@ info:
description: A vulnerability in DedeCMS's 'carbuyaction.php' endpoint allows remote attackers to return the content of locally stored files via a vulnerability in the 'code' parameter.
reference:
- https://www.cnblogs.com/milantgh/p/3615986.html
metadata:
verified: true
shodan-query: http.html:"power by dedecms" || title:"dedecms"
tags: dedecms
requests:

View File

@ -6,6 +6,9 @@ info:
severity: low
reference:
- https://blog.csdn.net/ystyaoshengting/article/details/82734888
metadata:
verified: true
shodan-query: http.html:"power by dedecms" || title:"dedecms"
tags: dedecms,redirect
requests:

View File

@ -4,6 +4,8 @@ info:
name: Ecology Directory Traversal
author: princechaddha
severity: medium
metadata:
fofa-query: app="泛微-协同办公OA"
tags: ecology,lfi
requests:

View File

@ -6,6 +6,8 @@ info:
severity: high
reference:
- https://www.weaver.com.cn/
metadata:
fofa-query: app="泛微-协同办公OA"
tags: ecology,sqli
requests:

View File

@ -6,6 +6,8 @@ info:
severity: high
reference:
- http://wiki.peiqi.tech/PeiQi_Wiki/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20V8%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html
metadata:
fofa-query: app="泛微-协同办公OA"
tags: ecology,sqli
requests:

View File

@ -6,6 +6,8 @@ info:
severity: high
reference:
- https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw
metadata:
fofa-query: title="蓝海卓越计费管理系统"
tags: natshell,lfi
requests:

View File

@ -6,6 +6,10 @@ info:
severity: critical
reference:
- https://twitter.com/sec715/status/1405336456923471874
metadata:
verified: true
shodan-query: title:"TamronOS IPTV系统"
fofa-query: title="TamronOS IPTV系统"
tags: tamronos,rce
requests: