diff --git a/.github/workflows/cache-purge.yml b/.github/workflows/cache-purge.yml deleted file mode 100644 index 1432e0b73f..0000000000 --- a/.github/workflows/cache-purge.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: 🗑️ Cache Purge - -on: - push: - tags: - - '*' - workflow_dispatch: - -jobs: - deploy: - runs-on: ubuntu-latest - if: github.repository == 'projectdiscovery/nuclei-templates' - steps: - # Wait for 5 minutes - - name: Wait for 2 minutes - run: sleep 120 - - - name: Purge cache - uses: jakejarvis/cloudflare-purge-action@master - env: - CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }} - CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/syntax-checking.yml b/.github/workflows/syntax-checking.yml index 96947c547c..e538a4a805 100644 --- a/.github/workflows/syntax-checking.yml +++ b/.github/workflows/syntax-checking.yml @@ -9,6 +9,7 @@ on: jobs: build: runs-on: ubuntu-latest + if: github.repository == 'projectdiscovery/nuclei-templates' steps: - uses: actions/checkout@v4 - name: Yamllint diff --git a/.github/workflows/template-sign.yml b/.github/workflows/template-sign.yml index e61b2d7f09..3e2daae036 100644 --- a/.github/workflows/template-sign.yml +++ b/.github/workflows/template-sign.yml @@ -11,6 +11,7 @@ on: jobs: build: runs-on: ubuntu-latest + if: github.repository == 'projectdiscovery/nuclei-templates' steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/template-validate.yml b/.github/workflows/template-validate.yml index 0df4a5ea3c..13a64741d8 100644 --- a/.github/workflows/template-validate.yml +++ b/.github/workflows/template-validate.yml @@ -9,6 +9,7 @@ on: jobs: build: runs-on: ubuntu-latest + if: github.repository == 'projectdiscovery/nuclei-templates' steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/templates-stats.yml b/.github/workflows/templates-stats.yml index 897666522d..6f25ab5bff 100644 --- a/.github/workflows/templates-stats.yml +++ b/.github/workflows/templates-stats.yml @@ -9,6 +9,7 @@ on: jobs: build: runs-on: ubuntu-latest + if: github.repository == 'projectdiscovery/nuclei-templates' steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index f5db5acabc..396d848f79 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -9,6 +9,7 @@ on: - 'http/cves/2023/CVE-2023-42344.yaml' - 'http/cves/2023/CVE-2023-45671.yaml' - 'http/cves/2023/CVE-2023-48777.yaml' + - 'http/cves/2023/CVE-2023-6895.yaml' - 'http/cves/2024/CVE-2024-0305.yaml' - 'http/cves/2024/CVE-2024-0713.yaml' - 'http/cves/2024/CVE-2024-1021.yaml' @@ -25,7 +26,9 @@ on: - 'http/default-logins/ibm/ibm-dcec-default-login.yaml' - 'http/default-logins/ibm/ibm-dsc-default-login.yaml' - 'http/default-logins/ibm/ibm-hmc-default-login.yaml' + - 'http/default-logins/ibm/imm-default-login.yaml' - 'http/exposed-panels/c2/meduza-stealer.yaml' + - 'http/exposed-panels/cisco-unity-panel.yaml' - 'http/exposed-panels/connectwise-panel.yaml' - 'http/exposed-panels/fortinet/fortiauthenticator-detect.yaml' - 'http/exposed-panels/ibm/ibm-dcec-panel.yaml' @@ -38,6 +41,7 @@ on: - 'http/exposed-panels/opinio-panel.yaml' - 'http/exposed-panels/rocketchat-panel.yaml' - 'http/exposures/configs/sphinxsearch-config.yaml' + - 'http/misconfiguration/cloudflare-rocketloader-htmli.yaml' - 'http/misconfiguration/installer/connectwise-setup.yaml' - 'http/technologies/ibm/ibm-decision-runner.yaml' - 'http/technologies/ibm/ibm-decision-server-runtime.yaml' @@ -49,6 +53,7 @@ on: workflow_dispatch: jobs: triggerRemoteWorkflow: + if: github.repository == 'projectdiscovery/nuclei-templates' runs-on: ubuntu-latest steps: - name: Trigger Remote Workflow with curl diff --git a/.github/workflows/wordpress-plugins-update.yml b/.github/workflows/wordpress-plugins-update.yml index ac59e51074..649e928454 100644 --- a/.github/workflows/wordpress-plugins-update.yml +++ b/.github/workflows/wordpress-plugins-update.yml @@ -6,6 +6,7 @@ on: jobs: Update: runs-on: ubuntu-latest + if: github.repository == 'projectdiscovery/nuclei-templates' steps: - name: Check out repository code uses: actions/checkout@v4 diff --git a/.new-additions b/.new-additions index 48466dad65..867ea6a73d 100644 --- a/.new-additions +++ b/.new-additions @@ -4,6 +4,7 @@ http/cves/2023/CVE-2023-38203.yaml http/cves/2023/CVE-2023-42344.yaml http/cves/2023/CVE-2023-45671.yaml http/cves/2023/CVE-2023-48777.yaml +http/cves/2023/CVE-2023-6895.yaml http/cves/2024/CVE-2024-0305.yaml http/cves/2024/CVE-2024-0713.yaml http/cves/2024/CVE-2024-1021.yaml @@ -20,7 +21,9 @@ http/default-logins/ibm/ibm-dcbc-default-login.yaml http/default-logins/ibm/ibm-dcec-default-login.yaml http/default-logins/ibm/ibm-dsc-default-login.yaml http/default-logins/ibm/ibm-hmc-default-login.yaml +http/default-logins/ibm/imm-default-login.yaml http/exposed-panels/c2/meduza-stealer.yaml +http/exposed-panels/cisco-unity-panel.yaml http/exposed-panels/connectwise-panel.yaml http/exposed-panels/fortinet/fortiauthenticator-detect.yaml http/exposed-panels/ibm/ibm-dcec-panel.yaml @@ -33,6 +36,7 @@ http/exposed-panels/openvas-panel.yaml http/exposed-panels/opinio-panel.yaml http/exposed-panels/rocketchat-panel.yaml http/exposures/configs/sphinxsearch-config.yaml +http/misconfiguration/cloudflare-rocketloader-htmli.yaml http/misconfiguration/installer/connectwise-setup.yaml http/technologies/ibm/ibm-decision-runner.yaml http/technologies/ibm/ibm-decision-server-runtime.yaml diff --git a/.nuclei-ignore b/.nuclei-ignore index ddaae06f78..65c1838471 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore @@ -32,3 +32,6 @@ files: - http/cves/2020/CVE-2020-28351.yaml - http/vulnerabilities/oracle/oracle-ebs-xss.yaml - http/cves/2021/CVE-2021-28164.yaml + - http/fuzzing/wordpress-themes-detect.yaml + - http/fuzzing/mdb-database-file.yaml + - http/fuzzing/iis-shortname.yaml \ No newline at end of file diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml index 7383293454..2a8c21ffbb 100644 --- a/code/cves/2019/CVE-2019-14287.yaml +++ b/code/cves/2019/CVE-2019-14287.yaml @@ -9,11 +9,22 @@ info: reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287 - https://www.exploit-db.com/exploits/47502 + - http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html + - http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html + - http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2019-14287 + cwe-id: CWE-755 + epss-score: 0.34299 + epss-percentile: 0.96958 + cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 - vendor: canonical - product: ubuntu_linux + vendor: sudo_project + product: sudo tags: cve,cve2019,sudo,code,linux,privesc,local,canonical self-contained: true @@ -36,4 +47,4 @@ code: - '!contains(code_1_response, "root")' - 'contains(code_2_response, "root")' condition: and -# digest: 4b0a00483046022100f4f8e722b5f42a0123c6f1f8f54ac645f9d05fcd3cfef40c38b610291978a5e00221009d44ff15e4eea65e3fcb18aeece52355879b009f9a7246c145abdaf23807e2ea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205d953c6f0c1352f39f1035d518dc38cffe2165dfb1f4ddd270434e7dbb790c1102200423935d03c0eafff4702b083c0d5da821affb591901209cd6d087644114abdf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml index 3004515a10..ff8dab6fe8 100644 --- a/code/cves/2021/CVE-2021-3156.yaml +++ b/code/cves/2021/CVE-2021-3156.yaml @@ -10,8 +10,20 @@ info: - https://medium.com/mii-cybersec/privilege-escalation-cve-2021-3156-new-sudo-vulnerability-4f9e84a9f435 - https://blog.qualys.com/vulnerabilities-threat-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit - https://infosecwriteups.com/baron-samedit-cve-2021-3156-tryhackme-76d7dedc3cff + - http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html + - http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html + classification: + cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.8 + cve-id: CVE-2021-3156 + cwe-id: CWE-193 + epss-score: 0.97085 + epss-percentile: 0.99752 + cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* metadata: verified: true + vendor: sudo_project + product: sudo tags: cve,cve2021,sudo,code,linux,privesc,local,kev self-contained: true @@ -28,4 +40,4 @@ code: - "malloc(): memory corruption" - "Aborted (core dumped)" condition: and -# digest: 490a00463044022074b8ca1a10aca438432f3b6e55023b9c80357eb5a6f2ac795774b7d44e85188e02201a3af75f86a975548121afe1ab1faf6ade2d1e89d05200b4e6990e97af56af36:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220494a1c88897c9697f8d55a15b5ba0990a64225974efa03ca485ae5ebe4c2bcf0022019eb5fcd9dd61429f3964b64b263aec23e0193b30d695284d275818b9c38812d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-2640.yaml b/code/cves/2023/CVE-2023-2640.yaml index 8554bd8a9d..ea23ad4579 100644 --- a/code/cves/2023/CVE-2023-2640.yaml +++ b/code/cves/2023/CVE-2023-2640.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.8 cve-id: CVE-2023-2640 cwe-id: CWE-863 - epss-score: 0.00047 - epss-percentile: 0.14754 + epss-score: 0.00174 + epss-percentile: 0.53697 cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:* metadata: verified: true @@ -54,4 +54,4 @@ code: - '!contains(code_1_response, "(root)")' - 'contains(code_2_response, "(root)")' condition: and -# digest: 4a0a00473045022100a20c4d30517d6bd96f1a97d3fca9e29bd1f686eeb9192a3f503a5bddffeda9fe022020188e4f25e79706197eab61598d64679c02828a0aedf7f496b5fbe14707ec90:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b7d65ed4d77da164c62392e9367361cd521cd12c1746e27d4865c7913b4250910220243bd991082f86b48587a9ec336c51a545db1464e12ebbbfc0ee5128bc2cb27f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-4911.yaml b/code/cves/2023/CVE-2023-4911.yaml index 130d2597cb..d96f5b0e87 100644 --- a/code/cves/2023/CVE-2023-4911.yaml +++ b/code/cves/2023/CVE-2023-4911.yaml @@ -10,16 +10,21 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-4911 - https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt - https://www.youtube.com/watch?v=1iV-CD9Apn8 + - http://www.openwall.com/lists/oss-security/2023/10/05/1 + - http://www.openwall.com/lists/oss-security/2023/10/13/11 classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2023-4911 - cwe-id: CWE-787 - cpe: cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:* + cwe-id: CWE-787,CWE-122 + epss-score: 0.0171 + epss-percentile: 0.87439 + cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: glibc - tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local + vendor: gnu + product: glibc + tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev self-contained: true code: @@ -34,4 +39,4 @@ code: - type: word words: - "139" # Segmentation Fault Exit Code -# digest: 4a0a004730450220420ab1d35c89225b917a344669e743fa83b79698910c4f87a5124f2dfaae54cd022100d122ece9eaba7f9bfc32d229e79d56b127da02ce4e5cf4034ecebfd9da56a9a2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f0ab74cd6ae5323c4a571e6c858cbbb8ced3b3b2b8dbb8d8c65b380a03a28f8302203aced1de4878bced98bb7d6bd296b9187a2d4795325e1f62debb338f363295f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml index d4dc164656..25c06d08fb 100644 --- a/code/cves/2023/CVE-2023-6246.yaml +++ b/code/cves/2023/CVE-2023-6246.yaml @@ -9,15 +9,21 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-6246 - https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt + - https://access.redhat.com/security/cve/CVE-2023-6246 + - https://bugzilla.redhat.com/show_bug.cgi?id=2249053 + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2023-6246 - cwe-id: CWE-787 + cwe-id: CWE-787,CWE-122 + epss-score: 0.00383 + epss-percentile: 0.72435 cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: glibc + vendor: gnu + product: glibc tags: cve,cve2023,code,glibc,linux,privesc,local self-contained: true @@ -33,4 +39,4 @@ code: - type: word words: - "127" # Segmentation Fault Exit Code -# digest: 4a0a00473045022100fec914f6ee85b53ab611e26476cba7da42e11cdcb33c935a2d003c74c7312b1302207b65c84f8435932f1aa050019f6aaf899442187cf9630df934cf9086bd94a2f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100816db78414b7bafd0437ce9725201733ffd4c96f285f1cdbe48e08e348e67372022040042ed5d64ab0b2bc48789dd519af760226f155f1764ee76b460937ee89a839:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-choom.yaml b/code/privilege-escalation/linux/binary/privesc-choom.yaml index e1ace50aba..fa9675d582 100644 --- a/code/privilege-escalation/linux/binary/privesc-choom.yaml +++ b/code/privilege-escalation/linux/binary/privesc-choom.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/choom/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,choom,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4a0a0047304502203b1238ca7d9be64f51e9162022deaf76b02898053cbb3511377e76228d3d79ef0221008b6aa349a17b0a16a0d0949f1797c8e111d2498185b88fe99c326c60c59167c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd0a7dc9b51ef8f3f850d3fde75e025e13c61b464ac044825ac70107c66db1de0220290c09bd78a4e25f5cabc659f9441a3c168a1ca2c226f0ddf9316de01eb30461:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-find.yaml b/code/privilege-escalation/linux/binary/privesc-find.yaml index 83be694188..ed1fd52b51 100644 --- a/code/privilege-escalation/linux/binary/privesc-find.yaml +++ b/code/privilege-escalation/linux/binary/privesc-find.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/find/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,find,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4b0a0048304602210093227e768a659e1747e4dd5d82e25ade3f152549f159b967327082c90677fc5e022100ba7d7a12344d88ac9ec3c0832b25af9d1ef25fe4470e6963b2f3ae814c844e89:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207f55b1ac220ad114cf5cd2341a388a3860f134489b662ff708d8553b7156207a02201bddad6e9a46aa5b077f01de8b269b2797007741d8c6f38b9ddc7724462497e5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-lua.yaml b/code/privilege-escalation/linux/binary/privesc-lua.yaml index c5d43374de..341fbb7fa5 100644 --- a/code/privilege-escalation/linux/binary/privesc-lua.yaml +++ b/code/privilege-escalation/linux/binary/privesc-lua.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/lua/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,lua,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4a0a00473045022033fd3387c3085b4f8e3a7ced68a4e324ba82f7e683a8c29e5ab32c1975a8fe4b02210097eb732caf95609123a361436265388bba8c2c95fcba6ddaf6504d3a5b19c19f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202ed356f302529ce69de66a24987b78693c5d679a4340425ad29a76fa63db81ab022100a1157d5ab30c98ef4366d8cba600703686a43211b15ce7d17e4fc07a79db5a8f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-mysql.yaml b/code/privilege-escalation/linux/binary/privesc-mysql.yaml index 6865f91dbf..50a454b6d9 100644 --- a/code/privilege-escalation/linux/binary/privesc-mysql.yaml +++ b/code/privilege-escalation/linux/binary/privesc-mysql.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/mysql/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,mysql,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4b0a00483046022100fa6772f8e48a5c9ac87ddba3ecc262a59d16d9cba527623da8f5cdf9509e44880221008cff1c5a77c27a1f59d943884498c8d1499da98e6ecf7e1d63851de4ae9fa76c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205cfddd58041ea672c83a850b34e77b9b635e71f934118d2a1ab9ab3ca660e13b022100eec2e1232af1d0b4686fc284278197db41fa3a289488abb2936a1186b85e3e26:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-node.yaml b/code/privilege-escalation/linux/binary/privesc-node.yaml index ebb32c926c..26c6458229 100644 --- a/code/privilege-escalation/linux/binary/privesc-node.yaml +++ b/code/privilege-escalation/linux/binary/privesc-node.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/node/ metadata: - max-request: 4 verified: true + max-request: 4 tags: code,linux,node,privesc,local self-contained: true @@ -53,4 +53,4 @@ code: - 'contains(code_3_response, "root")' - 'contains(code_4_response, "root")' condition: or -# digest: 4b0a00483046022100e32f25ba4a83d9d265aa187532f0090ba2fdf1beb89235113b4caeed36413ac30221008ecd529618da3ad2ed65e939b4233529614a005b87fd760bbeeb95de2e78746f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c2fb7e0f1c8874aa30b7cbf614269bbd607e7679a738d4e4b6e6d5cafdf8faa1022100af88ace2a97d251334aeefafdfbd07471443304b4505d49f1edf432f53b5e43a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-rc.yaml b/code/privilege-escalation/linux/binary/privesc-rc.yaml index 8136f4c0bf..8062db6e4f 100644 --- a/code/privilege-escalation/linux/binary/privesc-rc.yaml +++ b/code/privilege-escalation/linux/binary/privesc-rc.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/rc/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,rc,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4a0a004730450220665e08a8d241b76abc6c9f908b6c953eeebccc153af1c165958c388f1a57c3eb02210091d8e2364f4c48b2fd9d8b64222760ce398677386e5d185fc86425ea5ed10527:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202a315bdc26f4d35efa4a6f698d5324b05e6f7d849772f27996dd0e04ac0edd5b022100cb3566b03c81b4ced70cb1bf221db42da3f9262c3ce4790664bc215a0b623abf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-run-parts.yaml b/code/privilege-escalation/linux/binary/privesc-run-parts.yaml index 31b208a6d7..4cf9ce7a08 100644 --- a/code/privilege-escalation/linux/binary/privesc-run-parts.yaml +++ b/code/privilege-escalation/linux/binary/privesc-run-parts.yaml @@ -8,8 +8,8 @@ info: The run-parts command in Linux is used to run all the executable files in a directory. It is commonly used for running scripts or commands located in a specific directory, such as system maintenance scripts in /etc/cron.daily. The run-parts command provides a convenient way to execute multiple scripts or commands in a batch manner. reference: https://gtfobins.github.io/gtfobins/run-parts/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,run-parts,privesc,local self-contained: true @@ -45,4 +45,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 490a00463044022055bdbe38258f303b3247dcaaec655d2aca77ff0d5e3d83a8e763840384618a7c02204591a5abce03bc68b647b84a4a4fd59da6d3713256d3494aadc43cf2076778dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022058411677d700beae571edc83b5da8ff31eaa193dac73ba1515a220842ccabc8d0220151cca60c8ad28b2934984be7d6a187d3dd02ee9cac9a5cc3cd0af97273c6bca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-strace.yaml b/code/privilege-escalation/linux/binary/privesc-strace.yaml index e5a895596b..8f316ba816 100644 --- a/code/privilege-escalation/linux/binary/privesc-strace.yaml +++ b/code/privilege-escalation/linux/binary/privesc-strace.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/strace/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,strace,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4a0a004730450221008a56962d3e0bfec8153fae52f4693ee5b8065098d3b7c5e16b5c2f481dcaaeb8022077e7fc1be8079fde76cbf09b10718038a4e013725c9955a91d5b024d02bdd27f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202b121064fdd29dfb40970b3956fcfb830cc7150f895b56913870f21c1f2f5e85022100fd214757ef5ac44a07cfc6fcdcf6da1fe59cd2b44f98829f01fc6af0c58045d8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-torify.yaml b/code/privilege-escalation/linux/binary/privesc-torify.yaml index 51eb949675..93ce6aa580 100644 --- a/code/privilege-escalation/linux/binary/privesc-torify.yaml +++ b/code/privilege-escalation/linux/binary/privesc-torify.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/torify/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,torify,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4a0a00473045022100fe967badaa42178c43d6c5f965ebd2205cd5636ddceeece364aedd793b317d1902207ad0bc797b16421928d1ec9016ba53809758b9f7603effab908a27decbc3cc74:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008ca7aa24f7f8fa13b8d43c96981d8fd78a382752f6e2c69dfab164443972b747022100d307d8b9c2054d4731db696fc13198afed46d5b1215a6899b56533661240fc91:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-view.yaml b/code/privilege-escalation/linux/binary/privesc-view.yaml index 67551216c4..5accdeea7e 100644 --- a/code/privilege-escalation/linux/binary/privesc-view.yaml +++ b/code/privilege-escalation/linux/binary/privesc-view.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/view/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,view,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 490a0046304402207dc9a1ca06fcde2705d1a72ee2f792eff2f81f5d00def77fa54eec5d7717c19e02200c984a4f0d0cf94baa16c355ab52265f3dd281cac5bdd92f8ef9242efc087166:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ed64ed48009962a92006b2ce803d0c5189e91ced727a841bc8c31e5d98d1a9b5022009f19b7df531fecde9b1303555d1ec29ba63a49ca1c439b6f48f46552d2d4bb4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-xargs.yaml b/code/privilege-escalation/linux/binary/privesc-xargs.yaml index 23db34f78b..2ed01bb5a3 100644 --- a/code/privilege-escalation/linux/binary/privesc-xargs.yaml +++ b/code/privilege-escalation/linux/binary/privesc-xargs.yaml @@ -9,8 +9,8 @@ info: reference: - https://gtfobins.github.io/gtfobins/xargs/ metadata: - max-request: 3 verified: true + max-request: 3 tags: code,linux,xargs,privesc,local self-contained: true @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 490a0046304402205fac35cdd5142e3afd382d38b77be0b7105cfc23884e7ac5cbba8aa91cfc2bb002202b6c7ebae29c5c300052a85a39f3e30b71788d590bc40b797c1ee96c1f00f267:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022052f887093022e061b40da1eae5a8b4aa8a5f267dfd5f22db005a9076db73cc9a02210093f126e5d0229cf686f3c547dc3466e89afb2a7bf57bbeb790acf65376fcd047:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/rw-shadow.yaml b/code/privilege-escalation/linux/rw-shadow.yaml index 0fee852708..0a004a3a05 100644 --- a/code/privilege-escalation/linux/rw-shadow.yaml +++ b/code/privilege-escalation/linux/rw-shadow.yaml @@ -7,8 +7,8 @@ info: reference: - https://book.hacktricks.xyz/linux-hardening/privilege-escalation#writable-etc-shadow metadata: - max-request: 2 verified: true + max-request: 2 tags: code,linux,privesc,local self-contained: true @@ -42,4 +42,4 @@ code: words: - "Not readable and not writable" negative: true -# digest: 490a004630440220516036fa8622068621421ac043a6fb20b6551a6ca3d7851726474cfff7e4d9f902205a1a9ce09b5827f39e2311e6716793a917e29383f5e4d4a4b9a56925afa68e61:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206152b0b3fe7a164b5583cb921d799f47fdcf9f30da2c32cbbb7248aa7068a13102200b3f49d97a93659dc9f1b56c518921e7e3597478d55eddb1cfc6a76dd45cb968:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cves.json b/cves.json index f9d5082a95..58062848e9 100644 --- a/cves.json +++ b/cves.json @@ -265,6 +265,7 @@ {"ID":"CVE-2015-1427","Info":{"Name":"ElasticSearch - Remote Code Execution","Severity":"high","Description":"ElasticSearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script to the Groovy scripting engine.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2015/CVE-2015-1427.yaml"} {"ID":"CVE-2015-1503","Info":{"Name":"IceWarp Mail Server \u003c11.1.1 - Directory Traversal","Severity":"high","Description":"IceWarp Mail Server versions prior to 11.1.1 suffer from a directory traversal vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2015/CVE-2015-1503.yaml"} {"ID":"CVE-2015-1579","Info":{"Name":"WordPress Slider Revolution - Local File Disclosure","Severity":"medium","Description":"Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.\n","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2015/CVE-2015-1579.yaml"} +{"ID":"CVE-2015-1635","Info":{"Name":"Microsoft Windows 'HTTP.sys' - Remote Code Execution","Severity":"critical","Description":"HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka \"HTTP.sys Remote Code Execution Vulnerability.\"\n","Classification":{"CVSSScore":"10.0"}},"file_path":"http/cves/2015/CVE-2015-1635.yaml"} {"ID":"CVE-2015-1880","Info":{"Name":"Fortinet FortiOS \u003c=5.2.3 - Cross-Site Scripting","Severity":"medium","Description":"Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN login page which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2015/CVE-2015-1880.yaml"} {"ID":"CVE-2015-20067","Info":{"Name":"WP Attachment Export \u003c 0.2.4 - Unrestricted File Download","Severity":"high","Description":"The plugin does not have proper access controls, allowing unauthenticated users to download the XML data that holds all the details of attachments/posts on a Wordpress\npowered site. This includes details of even privately published posts and password protected posts with their passwords revealed in plain text.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2015/CVE-2015-20067.yaml"} {"ID":"CVE-2015-2067","Info":{"Name":"Magento Server MAGMI - Directory Traversal","Severity":"medium","Description":"Magento Server MAGMI (aka Magento Mass Importer) contains a directory traversal vulnerability in web/ajax_pluginconf.php. that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2015/CVE-2015-2067.yaml"} @@ -2170,6 +2171,7 @@ {"ID":"CVE-2023-37728","Info":{"Name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","Severity":"medium","Description":"Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37728.yaml"} {"ID":"CVE-2023-37979","Info":{"Name":"Ninja Forms \u003c 3.6.26 - Cross-Site Scripting","Severity":"medium","Description":"The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37979.yaml"} {"ID":"CVE-2023-38035","Info":{"Name":"Ivanti Sentry - Authentication Bypass","Severity":"critical","Description":"A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-38035.yaml"} +{"ID":"CVE-2023-38203","Info":{"Name":"Adobe ColdFusion Deserialization of Untrusted Data","Severity":"critical","Description":"Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-38203.yaml"} {"ID":"CVE-2023-38205","Info":{"Name":"Adobe ColdFusion - Access Control Bypass","Severity":"high","Description":"There is an access control bypass vulnerability in Adobe ColdFusion versions 2023 Update 2 and below, 2021 Update 8 and below and 2018 update 18 and below, which allows a remote attacker to bypass the ColdFusion mechanisms that restrict unauthenticated external access to ColdFusion's Administrator.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-38205.yaml"} {"ID":"CVE-2023-3836","Info":{"Name":"Dahua Smart Park Management - Arbitrary File Upload","Severity":"critical","Description":"Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePoint_addImgIco?.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-3836.yaml"} {"ID":"CVE-2023-3843","Info":{"Name":"mooDating 1.2 - Cross-site scripting","Severity":"medium","Description":"A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an unknown function of the file /matchmakings/question of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-235194 is the identifier assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-3843.yaml"} @@ -2279,14 +2281,17 @@ {"ID":"CVE-2023-6634","Info":{"Name":"LearnPress \u003c 4.2.5.8 - Remote Code Execution","Severity":"critical","Description":"The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6634.yaml"} {"ID":"CVE-2023-6831","Info":{"Name":"mlflow - Path Traversal","Severity":"high","Description":"Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"http/cves/2023/CVE-2023-6831.yaml"} {"ID":"CVE-2023-6875","Info":{"Name":"WordPress POST SMTP Mailer \u003c= 2.8.7 - Authorization Bypass","Severity":"critical","Description":"The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6875.yaml"} +{"ID":"CVE-2023-6895","Info":{"Name":"Hikvision Intercom Broadcasting System - Command Execution","Severity":"critical","Description":"Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE (HIK) version has an operating system command injection vulnerability. The vulnerability originates from the parameter jsondata[ip] in the file /php/ping.php, which can cause operating system command injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6895.yaml"} {"ID":"CVE-2023-6909","Info":{"Name":"Mlflow \u003c2.9.2 - Path Traversal","Severity":"critical","Description":"Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.\n","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2023/CVE-2023-6909.yaml"} {"ID":"CVE-2023-6977","Info":{"Name":"Mlflow \u003c2.8.0 - Local File Inclusion","Severity":"high","Description":"Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6977.yaml"} {"ID":"CVE-2023-7028","Info":{"Name":"GitLab - Account Takeover via Password Reset","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-7028.yaml"} {"ID":"CVE-2024-0204","Info":{"Name":"Fortra GoAnywhere MFT - Authentication Bypass","Severity":"critical","Description":"Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0204.yaml"} +{"ID":"CVE-2024-0305","Info":{"Name":"Ncast busiFacade - Remote Command Execution","Severity":"high","Description":"The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-0305.yaml"} {"ID":"CVE-2024-0352","Info":{"Name":"Likeshop \u003c 2.5.7.20210311 - Arbitrary File Upload","Severity":"critical","Description":"A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file with an unknown input leads to a unrestricted upload vulnerability. The CWE definition for the vulnerability is CWE-434\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0352.yaml"} {"ID":"CVE-2024-0713","Info":{"Name":"Monitorr Services Configuration - Arbitrary File Upload","Severity":"high","Description":"A vulnerability was found in Monitorr 1.7.6m. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assets/php/upload.php of the component Services Configuration. The manipulation of the argument fileToUpload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251539. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2024/CVE-2024-0713.yaml"} {"ID":"CVE-2024-1021","Info":{"Name":"Rebuild \u003c= 3.5.5 - Server-Side Request Forgery","Severity":"medium","Description":"There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-1021.yaml"} {"ID":"CVE-2024-1061","Info":{"Name":"WordPress HTML5 Video Player - SQL Injection","Severity":"high","Description":"WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2024/CVE-2024-1061.yaml"} +{"ID":"CVE-2024-1071","Info":{"Name":"WordPress Ultimate Member 2.1.3 - 2.8.2 – SQL Injection","Severity":"critical","Description":"The Ultimate Member - User Profile, Registration, Login, Member Directory, Content Restriction \u0026 Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘sorting’ parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-1071.yaml"} {"ID":"CVE-2024-1208","Info":{"Name":"LearnDash LMS \u003c 4.10.3 - Sensitive Information Exposure","Severity":"medium","Description":"The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-1208.yaml"} {"ID":"CVE-2024-1209","Info":{"Name":"LearnDash LMS \u003c 4.10.2 - Sensitive Information Exposure via assignments","Severity":"medium","Description":"The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-1209.yaml"} {"ID":"CVE-2024-1210","Info":{"Name":"LearnDash LMS \u003c 4.10.2 - Sensitive Information Exposure","Severity":"medium","Description":"The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-1210.yaml"} @@ -2298,6 +2303,7 @@ {"ID":"CVE-2024-22024","Info":{"Name":"Ivanti Connect Secure - XXE","Severity":"high","Description":"Ivanti Connect Secure is vulnerable to XXE (XML External Entity) injection.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-22024.yaml"} {"ID":"CVE-2024-22319","Info":{"Name":"IBM Operational Decision Manager - JNDI Injection","Severity":"critical","Description":"IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-22319.yaml"} {"ID":"CVE-2024-22320","Info":{"Name":"IBM Operational Decision Manager - Java Deserialization","Severity":"high","Description":"IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2024/CVE-2024-22320.yaml"} +{"ID":"CVE-2024-23334","Info":{"Name":"aiohttp - Directory Traversal","Severity":"high","Description":"aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-23334.yaml"} {"ID":"CVE-2024-25600","Info":{"Name":"Unauthenticated Remote Code Execution – Bricks \u003c= 1.9.6","Severity":"critical","Description":"Bricks Builder is a popular WordPress development theme with approximately 25,000 active installations. It provides an intuitive drag-and-drop interface for designing and building WordPress websites. Bricks \u003c= 1.9.6 is vulnerable to unauthenticated remote code execution (RCE) which means that anybody can run arbitrary commands and take over the site/server. This can lead to various malicious activities\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-25600.yaml"} {"ID":"CVE-2024-25669","Info":{"Name":"CaseAware a360inc - Cross-Site Scripting","Severity":"medium","Description":"a360inc CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string. This is a bypass of the fix reported in CVE-2017-\u003e\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-25669.yaml"} {"ID":"CVE-2024-25735","Info":{"Name":"WyreStorm Apollo VX20 - Information Disclosure","Severity":"high","Description":"An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext credentials for the SoftAP (access point) Router /device/config using an HTTP GET request.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-25735.yaml"} diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt index beda5a2a2c..f16efa320f 100644 --- a/cves.json-checksum.txt +++ b/cves.json-checksum.txt @@ -1 +1 @@ -eb2a2554dd005ef35adf0ff115ae4913 +d1c0809e63305403ca431401cfcebe07 diff --git a/dns/dns-rebinding.yaml b/dns/dns-rebinding.yaml index 0ffb8778b6..5c463ba2f4 100644 --- a/dns/dns-rebinding.yaml +++ b/dns/dns-rebinding.yaml @@ -1,5 +1,4 @@ id: dns-rebinding - info: name: DNS Rebinding Attack author: ricardomaia @@ -10,6 +9,8 @@ info: - https://capec.mitre.org/data/definitions/275.html - https://payatu.com/blog/dns-rebinding/ - https://heimdalsecurity.com/blog/dns-rebinding/ + metadata: + max-request: 2 tags: redirect,dns,network dns: @@ -20,7 +21,7 @@ dns: - type: regex part: answer regex: - - 'IN.*A.(\s)*(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})(127\.0\.0\.1|\b10\.\d{1,3}\.\d{1,3}\.\d{1,3}\b|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})$' + - 'IN\s+A\s+(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})$' extractors: - type: regex @@ -28,35 +29,22 @@ dns: name: IPv4 group: 1 regex: - - 'IN.*A.(\s)*(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})(127\.0\.0\.1|\b10\.\d{1,3}\.\d{1,3}\.\d{1,3}\b|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})' + - 'IN\s+A\s+(127\.0\.0\.1|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(1[6-9]|2\d|3[0-1])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})' - name: "{{FQDN}}" type: AAAA matchers: - # IPv6 Compressed + # IPv6 Compressed and Full - type: regex part: answer regex: - - "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{0,4}:){0,5}(:[0-9a-fA-F]{0,4}){1,2}(:)?)$" - - # IPv6 - - type: regex - part: answer - regex: - - "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{1,4}:){0,5}([0-9a-fA-F]{1,4}:){1,2}[0-9a-fA-F]{1,4})$" + - "IN\\s+AAAA\\s+(fd[0-9a-fA-F]{2}(:[0-9a-fA-F]{0,4}){0,7})" extractors: - type: regex part: answer - name: IPv6_Compressed + name: IPv6_ULA group: 1 regex: - - "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{0,4}:){0,5}(:[0-9a-fA-F]{0,4}){1,2}(:)?)$" - - - type: regex - part: answer - name: IPv6 - group: 1 - regex: - - "IN.+A.+(fd([0-9a-fA-F]{2}):([0-9a-fA-F]{1,4}:){0,5}([0-9a-fA-F]{1,4}:){1,2}[0-9a-fA-F]{1,4})$" -# digest: 4a0a004730450221009a895344f0f4bf8d0444566a7a2392d2074708d88d29a0922ebb71935290785702200a338fe1517c225d45750b08f80f3a903cd5925a32c542b5559f0202173732be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - "IN\\s+AAAA\\s+(fd[0-9a-fA-F]{2}(:[0-9a-fA-F]{0,4}){0,7})" +# digest: 4b0a00483046022100f31fd9369022bcafe6da846b246069391f1c22137b8024bb71905634ffa56673022100ea3679256b9518c8853b42432e216d4da6ff3e88ebee349b67e8e8ba7d8a13e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/linkedin-id.yaml b/file/keys/linkedin-id.yaml index be1cbef9c3..18fde1c52f 100644 --- a/file/keys/linkedin-id.yaml +++ b/file/keys/linkedin-id.yaml @@ -1,4 +1,4 @@ -id: linkedin-client-id +id: linkedin-id info: name: Linkedin Client ID @@ -13,4 +13,4 @@ file: - type: regex regex: - "(?i)linkedin(.{0,20})?(?-i)[0-9a-z]{12}" -# digest: 4a0a004730450220331335d5d455d18c7d9c53325bd405f4c3af22856d39f387f303fc93bbea1047022100e773cfaf03d6e40a9c7bed4c68de155acaa563c01f97dab67d1d89641bf8ec4e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220331335d5d455d18c7d9c53325bd405f4c3af22856d39f387f303fc93bbea1047022100e773cfaf03d6e40a9c7bed4c68de155acaa563c01f97dab67d1d89641bf8ec4e:922c64590222798bb761d5b6d8e72950 diff --git a/headless/cves/2018/CVE-2018-25031.yaml b/headless/cves/2018/CVE-2018-25031.yaml index a495c1a753..a6ed7a6ba6 100644 --- a/headless/cves/2018/CVE-2018-25031.yaml +++ b/headless/cves/2018/CVE-2018-25031.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-25031 cwe-id: CWE-20 epss-score: 0.00265 - epss-percentile: 0.64105 + epss-percentile: 0.65414 cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +30,6 @@ info: shodan-query: http.component:"Swagger" fofa-query: icon_hash="-1180440057" tags: headless,cve,cve2018,swagger,xss,smartbear - headless: - steps: - args: @@ -71,4 +70,4 @@ headless: words: - "swagger" case-insensitive: true -# digest: 4a0a00473045022013f081ac9ee7ec2705ebf232439f9b18c17b162f4e3bfc4485638f324af817df022100e3e262210320011237b59f2a16f32a64e4ad8aba204a3c0f23a4ecda48368644:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220276c4920b8b15fde2802ab2d829106243bfa1d1b5eec02e3ea13925bb1a2367f022012c9b9cb6e5b2906f68da10c6d0aa5c7462f847f906fc82ae576ac26db37fbbb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-6271.yaml b/http/cves/2014/CVE-2014-6271.yaml index 2d3350da55..3285c6d48f 100644 --- a/http/cves/2014/CVE-2014-6271.yaml +++ b/http/cves/2014/CVE-2014-6271.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2014-6271 cwe-id: CWE-78 - epss-score: 0.97564 - epss-percentile: 0.99999 + epss-score: 0.97559 + epss-percentile: 0.99997 cpe: cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:* metadata: max-request: 8 @@ -58,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203c32ed699b5b5784b8f6eddd60a3c06b1a1c8dbefd3024f425307f8f793e0f64022100e4987775a712348ab69dbb368677664e21d2d753a3ba22ab15c2dcd0d426cf49:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022022d9c0adae74cdc979a9807c7b6c229b34bbaf77fdf9fb5edbd4263a3e3d939d022100bff54d932fc7f8bc11b979b2289b87a588833b45578f1945d5e8dc9a7021354b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-8799.yaml b/http/cves/2014/CVE-2014-8799.yaml index 93400a28c3..cf44785af5 100644 --- a/http/cves/2014/CVE-2014-8799.yaml +++ b/http/cves/2014/CVE-2014-8799.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-8799 cwe-id: CWE-22 epss-score: 0.17844 - epss-percentile: 0.95686 + epss-percentile: 0.96002 cpe: cpe:2.3:a:dukapress:dukapress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206a7436cc97bf8ecebcb667d7af15dcf23669c6fe4558d8041af31eb305bc605e022100f724c31ae974833f30f077f071146f044c59dd077af802bcc254aaa7e7f82ee2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c44ca338e0e27aef8473eed734aaf201ffdbd8635955e4b8e4cbfb37f596bd5802202fa69ab04ca34891ed8896145cbd8e1af1443228c1e766e1cc8f6591c0e74f45:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-17431.yaml b/http/cves/2018/CVE-2018-17431.yaml index 1c899630fc..2aa77891ff 100644 --- a/http/cves/2018/CVE-2018-17431.yaml +++ b/http/cves/2018/CVE-2018-17431.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-17431 cwe-id: CWE-287 - epss-score: 0.11315 - epss-percentile: 0.94677 + epss-score: 0.11416 + epss-percentile: 0.95073 cpe: cpe:2.3:a:comodo:unified_threat_management_firewall:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206e56a0d536dfc8d4ed10ae0505f2d2548b6c986854d0813c6e8185acc66756d9022100e74e57bbb9b04d2860f174d0f9effbef03a265a0ada954ea317f3fffa89a12ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b58e1f2764198a04cdc831884ce49a67189b6a1988fcf7e27f9d82ed83cd2a3402206c36044d3ad9e30032c1e67d471ee256bb7602b09812ffc7830995d5808c7ff1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-20463.yaml b/http/cves/2018/CVE-2018-20463.yaml index e4dd013391..a49889b5ff 100644 --- a/http/cves/2018/CVE-2018-20463.yaml +++ b/http/cves/2018/CVE-2018-20463.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/jsmol2wp/ - https://github.com/sullo/advisory-archives/blob/master/wordpress-jsmol2wp-CVE-2018-20463-CVE-2018-20462.txt - https://nvd.nist.gov/vuln/detail/CVE-2018-20463 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-20463 cwe-id: CWE-22 epss-score: 0.01939 - epss-percentile: 0.87393 + epss-percentile: 0.88289 cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* metadata: verified: true @@ -53,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205f9aeadd874f5fdf363e87acc0ec34f995e53677d28cbc33b27cf113d9de2b03022100c5b000d74f0180cb372d2dd355622f03e7cb2b5180ac3cb0e6f0660049f49dba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008b0f6a4e144ec0a4f5fb0f772930b5da535472e941723be6c675589ac426a8b5022100bef4cc125a636184009e644aeb5fa64c4a868c49d7c081e63409ed228515e3ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2020/CVE-2020-24223.yaml b/http/cves/2020/CVE-2020-24223.yaml index 3d1b6e45c8..6fa05cc94d 100644 --- a/http/cves/2020/CVE-2020-24223.yaml +++ b/http/cves/2020/CVE-2020-24223.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-24223 cwe-id: CWE-79 - epss-score: 0.00976 - epss-percentile: 0.81758 + epss-score: 0.0069 + epss-percentile: 0.79602 cpe: cpe:2.3:a:mara_cms_project:mara_cms:7.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c973b82339421ec3089eac4ceee54851fb8db56c023e4110994b8c16b279307f022100ba5f5c61a9f8acb6755ba89ca34bb684ee60ac4e1e7c96f40f0688789b22e49a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203465eb756d9c1c2a642192e678566a419006885438b5721b7a8b54470650a994022100a3b09f8d55baad75a18b6eb7fab36fd7cf976201304457c717358dd7b6fa2862:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2021/CVE-2021-21805.yaml b/http/cves/2021/CVE-2021-21805.yaml index 39d420c0ea..3ed6b9fc39 100644 --- a/http/cves/2021/CVE-2021-21805.yaml +++ b/http/cves/2021/CVE-2021-21805.yaml @@ -14,13 +14,15 @@ info: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1274 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21805 - https://nvd.nist.gov/vuln/detail/CVE-2021-21805 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-21805 cwe-id: CWE-78 epss-score: 0.97374 - epss-percentile: 0.99892 + epss-percentile: 0.99895 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: verified: true @@ -52,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f2a3e97b98df27aafb1f8001f577c595d1cbb4fed075db594314502fbf283bd602204b4e9e0d429dacbd3c7672f6fd16118bbc7e73d54077c27d333a19e89ac0f5db:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220239da739e577f078def3474254759fb447a0e1c7ae5e5c894fc15f3748b3752b022039afb1da09e145478b68a7981ab742ece2729a5f473a12d97e7c259b4bddafb6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2021/CVE-2021-22873.yaml b/http/cves/2021/CVE-2021-22873.yaml index 65ab692f39..66bb1175d3 100644 --- a/http/cves/2021/CVE-2021-22873.yaml +++ b/http/cves/2021/CVE-2021-22873.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-22873 cwe-id: CWE-601 epss-score: 0.00922 - epss-percentile: 0.81209 + epss-percentile: 0.82474 cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:* metadata: verified: true @@ -49,4 +49,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 490a0046304402206825e5ab8251fc139a7b9f7ac5b06687ca56ae1e65ed767ca11c20c7930c7e1f02205a2f6d3c6d66a885a07cd69568accc9951b72dc883ed9cc1f62f561083da2e0c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201f562b389b6a5f97abaafe839123249c8bfc49d20d8cc12c06a61ee23b840795022100e4d6049c15f40c1564d2e55b52873ca91a7030a85feb7605ebf54ce291e513d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2021/CVE-2021-24849.yaml b/http/cves/2021/CVE-2021-24849.yaml index a396d3d507..9d11f20664 100644 --- a/http/cves/2021/CVE-2021-24849.yaml +++ b/http/cves/2021/CVE-2021-24849.yaml @@ -6,26 +6,26 @@ info: severity: critical description: | The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections. - remediation: Fixed in 3.4.12 reference: - https://wpscan.com/vulnerability/763c08a0-4b2b-4487-b91c-be6cc2b9322e/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24849 - https://wordpress.org/plugins/wc-multivendor-marketplace/ + remediation: Fixed in 3.4.12 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24849 cwe-id: CWE-89 + cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:* epss-score: 0.00199 epss-percentile: 0.56492 - cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 1 - vendor: wclovers - product: frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible + product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible" framework: wordpress publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" + verified: true + max-request: 3 + vendor: wclovers tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,wpscan,sqli flow: http(1) && http(2) @@ -67,4 +67,4 @@ http: - 'contains(header, "application/json")' - 'contains(body, "success")' condition: and -# digest: 4a0a00473045022100ac9faa851954e06269fcb6c1d2c78475a2f575683ef8f476b96450a5671b359102205d7f4ea4de3b3c6db211c706adcd4be8f13de39a9098990f182b0f2008efc79a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ef54cd087054515b6ef2f1935d258ecea55b3abf384cd95798b8cd351a5f1fe90220070a59d1e5a3ab49e8fc248e2ddc238e33958d75f7b3cfc5700b5018b8116f82:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2021/CVE-2021-40651.yaml b/http/cves/2021/CVE-2021-40651.yaml index cac65b9dd7..2fda1838ae 100644 --- a/http/cves/2021/CVE-2021-40651.yaml +++ b/http/cves/2021/CVE-2021-40651.yaml @@ -18,8 +18,8 @@ info: cwe-id: CWE-22 cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:* metadata: - max-request: 1 - shodan-query: title:"openSIS" + shodan-query: "title:\"openSIS\"" + max-request: 2 tags: cve,cve2021,lfi,os4ed,opensis,authenticated http: @@ -42,4 +42,4 @@ http: - 'contains(body_1, "openSIS")' - "status_code == 200" condition: and -# digest: 490a004630440220206394b303ab92ce65590e2c61e6eb5e9914219a5a0651ae69009a3f224109ff02207e729d1c062d3bd2e445a39a036992cc281564407a764e7f7ced5f02879f1034:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100924b4c785059886c8131bde539e1106c1be30952a7fea88bd992cb9cc3e7aca202204c4c3c880b323df6c23378c766e00dd0222716aa49f384cbc8f4c37b7c9ab38f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2022/CVE-2022-0776.yaml b/http/cves/2022/CVE-2022-0776.yaml index f5d7062a48..03311a84eb 100644 --- a/http/cves/2022/CVE-2022-0776.yaml +++ b/http/cves/2022/CVE-2022-0776.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0776 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40075 cpe: cpe:2.3:a:revealjs:reveal.js:*:*:*:*:*:node.js:*:* metadata: vendor: revealjs @@ -48,4 +48,4 @@ headless: part: extract words: - "true" -# digest: 4a0a00473045022015776ab1f8ee5f7cbd078059bc34167a0b8ca0a11a1bda34723f7ec03d31b6c302210098d1c6a54ecbafb3158390aea2498590fe70df9d78d3266d388274859a641533:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100822f5151d594a59ff99bde533919eb403ddd05ab8d041ea5963a1c88f81d84320221008c8e17c078665f80ff1f6815e2f071996a8d9e4712b43e3bf775f0c2db3e0e12:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2022/CVE-2022-26263.yaml b/http/cves/2022/CVE-2022-26263.yaml index 1897d2e5e5..eb357ee240 100644 --- a/http/cves/2022/CVE-2022-26263.yaml +++ b/http/cves/2022/CVE-2022-26263.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26263 cwe-id: CWE-79 epss-score: 0.00147 - epss-percentile: 0.50638 + epss-percentile: 0.49633 cpe: cpe:2.3:a:yonyou:u8\+:13.0:*:*:*:*:*:*:* metadata: verified: true @@ -43,4 +43,4 @@ headless: - '' internal: true -# digest: 490a0046304402205dc4e3489b8db4f6e587d569813f9eec4372432d2ed1350de8d8bc00c7d01a8d02207363f5db9a634f3a0973e7e364948a39da565ec0b5ea0f3ac1276c0fc7027331:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100edda67cd80bdd516aa4f6241fa72a9e1d6c1e240eb1d40d35ae9c44143ff025902206f496f8d850ad284d589527d8abd90bf13aa0414c007dad56d79ba9c57d33c59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6831.yaml b/http/cves/2023/CVE-2023-6831.yaml index 878750743b..bde88b3ab0 100644 --- a/http/cves/2023/CVE-2023-6831.yaml +++ b/http/cves/2023/CVE-2023-6831.yaml @@ -6,25 +6,26 @@ info: severity: high description: | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. - remediation: | - Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-6831 - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 - https://huntr.com/bounties/0acdd745-0167-4912-9d5c-02035fe5b314 + remediation: | + Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H cvss-score: 8.1 cve-id: CVE-2023-6831 cwe-id: CWE-22 - epss-score: 0.000460000 - epss-percentile: 0.126930000 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* + epss-score: 0.00046 + epss-percentile: 0.12693 metadata: - verified: true vendor: lfprojects product: mlflow - shodan-query: http.title:"mlflow" + shodan-query: "http.title:\"mlflow\"" + max-request: 2 + verified: true tags: cve,cve2023,mlflow,pathtraversal,lfprojects http: @@ -58,4 +59,4 @@ http: - type: status status: - 500 -# digest: 490a0046304402202e05b1ca433f0cc3ad8178fa3db634d613c180a5d76bd1907daf5a29b102f02f0220546c974febbb5121e3697cfc1e76620c450e31cee055c94cd0b25375648e38ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022032f829866528954cdb8ce1c5298787430b08b1d4550ab556b77f078e362da3e102207691a8b5b4639a9faf128176e590b98fc0841775bb6df00b97a7253772fe498a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6895.yaml b/http/cves/2023/CVE-2023-6895.yaml new file mode 100644 index 0000000000..b1fdac14f0 --- /dev/null +++ b/http/cves/2023/CVE-2023-6895.yaml @@ -0,0 +1,56 @@ +id: CVE-2023-6895 + +info: + name: Hikvision Intercom Broadcasting System - Command Execution + author: archer + severity: critical + description: | + Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE (HIK) version has an operating system command injection vulnerability. The vulnerability originates from the parameter jsondata[ip] in the file /php/ping.php, which can cause operating system command injection. + reference: + - https://github.com/FuBoLuSec/CVE-2023-6895/blob/main/CVE-2023-6895.py + - https://vuldb.com/?ctiid.248254 + - https://vuldb.com/?id.248254 + - https://github.com/Marco-zcl/POC + - https://github.com/d4n-sec/d4n-sec.github.io + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-6895 + cwe-id: CWE-78 + epss-score: 0.0008 + epss-percentile: 0.32716 + cpe: cpe:2.3:o:hikvision:intercom_broadcast_system:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: hikvision + product: intercom_broadcast_system + fofa-query: icon_hash="-1830859634" + tags: cve,cve2023,rce,hikvision + +http: + - raw: + - | + POST /php/ping.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + X-Requested-With: XMLHttpRequest + + jsondata%5Btype%5D=99&jsondata%5Bip%5D=ping%20{{interactsh-url}} + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol + words: + - "dns" + + - type: word + part: body + words: + - "TTL=" + + - type: status + status: + - 200 +# digest: 490a00463044022046e9673fbb222a36f6113e7f32e176bc2d800d2a0f8fb0824bc84dd30705c4fa022051992f8ba2020e9c09b574c69ecbca8b48a5d98fda9f790dd46ba0313ebb08bb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6909.yaml b/http/cves/2023/CVE-2023-6909.yaml index 577dcf9783..8b4b4a2736 100644 --- a/http/cves/2023/CVE-2023-6909.yaml +++ b/http/cves/2023/CVE-2023-6909.yaml @@ -6,24 +6,25 @@ info: severity: critical description: | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. - impact: | - Successful exploitation could be lead to disclose of sensitive information such as SSH Keys or Internal configurations. - remediation: | - To fix this vulnerability, it is important to update the mlflow package to the latest version 2.10.0. reference: - https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/ - https://nvd.nist.gov/vuln/detail/CVE-2023-6909 - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 + impact: | + Successful exploitation could be lead to disclose of sensitive information such as SSH Keys or Internal configurations. + remediation: | + To fix this vulnerability, it is important to update the mlflow package to the latest version 2.10.0. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N cvss-score: 9.3 cve-id: CVE-2023-6909 cwe-id: CWE-29 metadata: + max-request: 5 verified: true vendor: lfprojects product: mlflow - shodan-query: http.title:"mlflow" + shodan-query: "http.title:\"mlflow\"" tags: cve,cve2023,mlflow,lfi http: @@ -90,4 +91,4 @@ http: json: - '.run.info.run_id' internal: true -# digest: 4a0a00473045022057cab29fe3d00006c6db44ac420a34cecdad60ef71ae6159d9d1870d61d97420022100cd6d7114a977b54c1190e1a9a7002626d05b41874dccf1e9e5d38cacc7082c6d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dc4c33652fcf1a1d0dc29690ac81838de82d0c439cc405cb3b0296d4e10cb855022100b3a49f754395ee217ea12cc561be556cc6c3a8da3facee851d5f37fdbab72d61:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0713.yaml b/http/cves/2024/CVE-2024-0713.yaml index 74459c114b..d52bd7843a 100644 --- a/http/cves/2024/CVE-2024-0713.yaml +++ b/http/cves/2024/CVE-2024-0713.yaml @@ -15,14 +15,15 @@ info: cvss-score: 8.8 cve-id: CVE-2024-0713 cwe-id: CWE-434 + cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* epss-score: 0.00061 epss-percentile: 0.2356 - cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* metadata: vendor: monitorr product: monitorr verified: true - fofa-query: icon_hash="-211006074" + fofa-query: "icon_hash=\"-211006074\"" + max-request: 2 tags: cve,cve2024,file-upload,intrusive,monitorr variables: @@ -66,4 +67,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502200e99cf7ecbba3a0c88653fc454cb5715d7085e0678ab470e4b7cfbf4dd198e8d022100e47a621b93eaabb8881e48cae80b9cc8c0596a437fc9b8ac0921a63beee74506:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201b9bb4536c3d56e915516c2b0156629ce6f3689a312eddd8d0694b86aa144e1902203d8dccbcbba044b30e6fff72ceb7f66bf40a9bf6f3130c3f3b11b0ec3c30a863:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1021.yaml b/http/cves/2024/CVE-2024-1021.yaml index 6276be41a5..bdda7021da 100644 --- a/http/cves/2024/CVE-2024-1021.yaml +++ b/http/cves/2024/CVE-2024-1021.yaml @@ -6,17 +6,17 @@ info: severity: medium description: | There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component. + reference: + - https://github.com/getrebuild/rebuild + - https://nvd.nist.gov/vuln/detail/CVE-2024-1021 impact: | Successful exploitation of this vulnerability can result in unauthorized access to sensitive internal resources. remediation: | Apply the latest security patches or updates provided by Rebuild to fix this vulnerability. - reference: - - https://github.com/getrebuild/rebuild - - https://nvd.nist.gov/vuln/detail/CVE-2024-1021 metadata: - max-request: 1 + max-request: 2 verified: true - fofa-query: icon_hash="871154672" + fofa-query: "icon_hash=\"871154672\"" tags: cve2024,cve,rebuild,ssrf http: @@ -32,4 +32,4 @@ http: - '!contains(body_1, "

Interactsh Server

")' - 'status_code_2 == 200' condition: and -# digest: 4a0a004730450220098225bea96b8668687e7dfe13e7567202130b05bf6e23cffcc70cb83386d700022100f078d24ac95ac54515557e84e1bc60404c9d6d59cfa0604f82e5d03baaf841e6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220491492872c6924a820f6183de45c341dbc8838eec5bd79f241a7a8e007817a4d022100bcf486a787a7ac18c43f5a856e8edf8c68546b59012e7c096bbc48085b3ce175:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1061.yaml b/http/cves/2024/CVE-2024-1061.yaml index 242eaa8b61..4b0b41b083 100644 --- a/http/cves/2024/CVE-2024-1061.yaml +++ b/http/cves/2024/CVE-2024-1061.yaml @@ -6,14 +6,14 @@ info: severity: high description: | WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks. - impact: | - Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. - remediation: | - Vendor did not acknowledge vulnerability but the issue seems to have been fixed in version 2.5.25. reference: - https://www.tenable.com/security/research/tra-2024-02 - https://wordpress.org/plugins/html5-video-player - https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1061 + impact: | + Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. + remediation: | + Vendor did not acknowledge vulnerability but the issue seems to have been fixed in version 2.5.25. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 @@ -21,7 +21,8 @@ info: cwe-id: CWE-89 metadata: verified: true - fofa-query: '"wordpress" && body="html5-video-player"' + fofa-query: "\"wordpress\" && body=\"html5-video-player\"" + max-request: 1 tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player http: @@ -36,4 +37,4 @@ http: - 'contains(header, "application/json")' - 'contains_all(body, "created_at", "video_id")' condition: and -# digest: 4b0a0048304602210082f5c18e0ac8422e532f5581f775dfd9a57d7c059cf6f41622d7a00306bfa3c6022100d0500ab738261efc3de306be7f8149c4a2f98b4c1560c26fe3617520ce9dd6e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fa33c5d3e6fdd93832d18b7feaeceaab7dc13294ca6117b62c0cf322a734e7d3022100bec7347a690ebaf2785ae5b325485392dbdb16005fd15b862aca9a8930646034:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21645.yaml b/http/cves/2024/CVE-2024-21645.yaml index 443f7c8633..96994c68e5 100644 --- a/http/cves/2024/CVE-2024-21645.yaml +++ b/http/cves/2024/CVE-2024-21645.yaml @@ -6,25 +6,26 @@ info: severity: medium description: | A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. - impact: | - Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. reference: - https://github.com/advisories/GHSA-ghmw-rwh8-6qmr - https://nvd.nist.gov/vuln/detail/CVE-2024-21645 - https://github.com/fkie-cad/nvd-json-data-feeds + impact: | + Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N cvss-score: 5.3 cve-id: CVE-2024-21645 cwe-id: CWE-74 + cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.13723 - cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true vendor: pyload product: pyload - shodan-query: title:"pyload" + shodan-query: "title:\"pyload\"" + max-request: 2 tags: cve,cve2024,pyload,authenticated,injection variables: @@ -59,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e4681bad6b75b2295f0256953d1d293a42d79e61b3607a307caf6cc5b040ccbb02201912657be888fe3a799ada24aaa1de05d3667731e84900bedb0e556a187f2dfc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203cbf3ae7a02a2a68165345f0bd855eb6ab923669c8d2aa78f2922e0baee747f702201104ac76e942d9f3bff9d59b6e4227e4d59ff27e41aeca67e1138508b572d5b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21893.yaml b/http/cves/2024/CVE-2024-21893.yaml index 3f0ce48f53..d771bde4f9 100644 --- a/http/cves/2024/CVE-2024-21893.yaml +++ b/http/cves/2024/CVE-2024-21893.yaml @@ -18,8 +18,9 @@ info: cpe: cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* metadata: vendor: ivanti - product: connect_secure + product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" + max-request: 1 tags: cve,cve2024,kev,ssrf,ivanti http: @@ -43,4 +44,4 @@ http: - '/dana-na/' - 'WriteCSS' condition: and -# digest: 4a0a00473045022100fefc6637185b28b4af8b503bdb7b89401fc591c34cb6082b20322ac0f1ad67c8022027e634cbc733ad699766de6d8eb8f22b6368d0b663cd28cbd957eaaf37f51838:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022031bba2e0349c9af3102196e00e85678ddbb51ba287e5d624558a50a3bbaa6be20221008a362ec4ef64ece7ab22636b902c72df49e1f72c519731e5c2eb22dec2db5c76:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/ibm/ibm-dcbc-default-login.yaml b/http/default-logins/ibm/ibm-dcbc-default-login.yaml index 75e2653c94..4772caa9fd 100644 --- a/http/default-logins/ibm/ibm-dcbc-default-login.yaml +++ b/http/default-logins/ibm/ibm-dcbc-default-login.yaml @@ -8,7 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.0.1?topic=users-tutorial-getting-started-decision-center-business-console metadata: verified: true - shodan-query: title="Decision Center | Business Console" + shodan-query: "title=\"Decision Center | Business Console\"" + max-request: 1 tags: ibm,default-login,decision-center http: @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205523a863445a05acb27e5d7ae6cb824465b467afcd5bf3f7f916c78ff4853b54022100f6e82a4f9f222831b97dcb7bf5d0a3410048123eface5f0840f9571b5c31ac2d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022016a80ca652cc1c45b3f6d4c92fce061f9fc9d9cb8d9cfe96626d34be23038086022100bc041f5982bff0cd5c6c76e96a375e3be9dcfdd433a205870a938cc378c23418:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/ibm/ibm-dcec-default-login.yaml b/http/default-logins/ibm/ibm-dcec-default-login.yaml index 3bcddb1f7a..94ebd7002e 100644 --- a/http/default-logins/ibm/ibm-dcec-default-login.yaml +++ b/http/default-logins/ibm/ibm-dcec-default-login.yaml @@ -8,7 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: verified: true - shodan-query: html="Decision Center Enterprise console" + shodan-query: "html=\"Decision Center Enterprise console\"" + max-request: 1 tags: ibm,default-login,decision-center http: @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f49bccdf778836b24be61c1c569daa47361ed0b8f9f3b1832055b5bc2a007f1502206ce043ef3f1813f97d2ff4376fadf94112238eed01bfb77c3d404179a8b760b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100eda449ebab75e6434f62e1e6ad214e7a3a4cbc01f47209e6f2367427fc73892f02202b8e060110bc0d3aed5fc0e773daa6416705f332e863b1f851a004b1364615be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/ibm/ibm-dsc-default-login.yaml b/http/default-logins/ibm/ibm-dsc-default-login.yaml index 95d0867fa7..0a6aeea4fc 100644 --- a/http/default-logins/ibm/ibm-dsc-default-login.yaml +++ b/http/default-logins/ibm/ibm-dsc-default-login.yaml @@ -8,7 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.8.0?topic=center-overview-decision metadata: verified: true - shodan-query: title:"Rule Execution Server" + shodan-query: "title:\"Rule Execution Server\"" + max-request: 1 tags: ibm,default-login,decision-server http: @@ -43,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e2da7214e13a57c4441de262e1f4377d8decac405644528c512f6298514f47ac022100f1ac476ef1244aed60da4511ef21547cb5d7cbd6238124f45f040fadc6796b39:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220196e8fb1a9ddef98855c38f2719f3c5405d7c51e90772f82c6d35c0d7596cc06022100cc5faf04711e248eb7c4c8b2fd597c8346977de7602568861691790ec7a56b1b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/ibm/imm-default-login.yaml b/http/default-logins/ibm/imm-default-login.yaml new file mode 100644 index 0000000000..5f9faee282 --- /dev/null +++ b/http/default-logins/ibm/imm-default-login.yaml @@ -0,0 +1,44 @@ +id: imm-default-login + +info: + name: Integrated Management Module - Default Login + author: jpg0mez + severity: high + description: | + Integrated Management Module default login credentials were discovered. + reference: + - https://pubs.lenovo.com/x3650-m4/t_logging_web_interface + - https://www.ibm.com/docs/en/tcs-service?topic=oip-logging-imm-web-interface + classification: + cwe-id: CWE-798 + metadata: + verified: true + max-request: 1 + fofa-query: "integrated management module" + shodan-query: html:"ibmdojo" + tags: imm,ibm,default-login + +http: + - method: POST + path: + - "{{BaseURL}}/data/login" + body: "user=USERID&password=PASSW0RD" + + redirects: true + matchers-condition: and + matchers: + - type: word + words: + - "0" + - 'authResult":"0' + condition: or + + - type: word + words: + - "index-console.php" + - "home.php" + condition: and + + - type: status + status: + - 200 diff --git a/http/default-logins/webmethod/webmethod-integration-default-login.yaml b/http/default-logins/webmethod/webmethod-integration-default-login.yaml index d6acd84eb3..91c1a340d0 100644 --- a/http/default-logins/webmethod/webmethod-integration-default-login.yaml +++ b/http/default-logins/webmethod/webmethod-integration-default-login.yaml @@ -7,8 +7,9 @@ info: reference: - https://documentation.softwareag.com/ metadata: + shodan-query: "http.favicon.hash:-234335289" + max-request: 5 verified: true - shodan-query: http.favicon.hash:-234335289 tags: default-login,webmethod flow: http(1) && http(2) @@ -63,4 +64,4 @@ http: - Invalid credentials negative: true condition: and -# digest: 4a0a00473045022100c2ff9832495b567326f60a3290cab01226778deef5fb3b3cc77288024507dce7022035ca48f6387403fbaccecdec948c4473ce0e90f135fc8b17cc5c3c28c8d54d70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220115d89c488b0862bb1273fe0b0298087afa5b74b011991ae1cebba5921795590022100a3bbc39dba847eadccd27ed89d597a41e3a4508393fae04c9c017f35f0b9db36:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco-unity-panel.yaml b/http/exposed-panels/cisco-unity-panel.yaml new file mode 100644 index 0000000000..807681556c --- /dev/null +++ b/http/exposed-panels/cisco-unity-panel.yaml @@ -0,0 +1,37 @@ +id: cisco-unity-panel + +info: + name: Cisco Unity Connection Panel - Detect + author: HeeresS + severity: info + description: | + A Cisco Unity Connection instance was detected. + metadata: + shodan-query: "html:\"Cisco Unity Connection\"" + max-request: 2 + verified: true + tags: panel,cisco,unity,login,detect + +http: + - method: GET + path: + - "{{BaseURL}}/cuadmin/home.do" + - "{{BaseURL}}" + + stop-at-first-match: true + + host-redirects: true + max-redirects: 2 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Cisco Unity Connection Administration" + - ">Cisco Unity Connection" + condition: or + - type: status + status: + - 200 +# digest: 490a00463044022022e561912a02fb0baa91f246eebc3a05855972f2bab1224383889c1dfc20e20b02201a6bfd866f1ed3a945fb0c8a615a7b41244c13f0286921c37b72d89b08e95e70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dockge-panel.yaml b/http/exposed-panels/dockge-panel.yaml index eb76452443..145e912c1f 100644 --- a/http/exposed-panels/dockge-panel.yaml +++ b/http/exposed-panels/dockge-panel.yaml @@ -1,20 +1,19 @@ id: dockge-panel -info: - name: Dockge Panel - Detect - author: rxerium - severity: info - description: | - A fancy, easy-to-use and reactive self-hosted docker compose.yaml stack-oriented manager - reference: - - https://github.com/louislam/dockge - - https://dockge.kuma.pet/ - metadata: - verified: true - max-request: 2 - shodan-query: title:"Dockge" - tags: panel,dockge,login - +info: + name: Dockge Panel - Detect + author: rxerium + severity: info + description: | + A fancy, easy-to-use and reactive self-hosted docker compose.yaml stack-oriented manager + reference: + - https://github.com/louislam/dockge + - https://dockge.kuma.pet/ + metadata: + verified: true + max-request: 1 + shodan-query: "title:\"Dockge\"" + tags: panel,dockge,login http: - method: GET path: @@ -32,4 +31,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207b4b31e89b41d54ec47a046fbbfcff3b303e68aff67845ca51b890588d9c2f180220712c5d5677eb71010f6ec9f123f1f4a074bc531998dba39a0c8a287a7e5cf40d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204b3172c4c1a24716f7a36595e882653be64ea2699acebc7150c9bb87487c4b7302210091e20d9ea7ba962951c9bd8836bb065e490b7c99eda7f2b34b8209c155ebd94b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/easyjob-panel.yaml b/http/exposed-panels/easyjob-panel.yaml index f9fad5ddc6..57e745f496 100644 --- a/http/exposed-panels/easyjob-panel.yaml +++ b/http/exposed-panels/easyjob-panel.yaml @@ -5,12 +5,13 @@ info: author: righettod severity: info description: | - EasyJOB login panel was detected. + EasyJOB login panel was detected. reference: - https://www.en.because-software.com/software/easyjob/ metadata: verified: true - shodan-query: http.title:"Log in - easyJOB" + shodan-query: "http.title:\"Log in - easyJOB\"" + max-request: 1 tags: panel,easyjob,login http: @@ -31,4 +32,4 @@ http: group: 1 regex: - 'easyJOB\s+([0-9.]+)' -# digest: 4a0a004730450220411982e48718601305b05a93c91be6a680ce993e5e110400b0dabbff753fe0bb02210091af5cbecc2fd766de347dad93c4a3e105a0d3f5a4a8f7a002bdb838c3bc2fad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f82e7fbb4c360cb536e24b99b8f65c91e8d46ebbc0f45a156d6074c154e202a402203334ffeaa0ca0e92f85d5ddcfd516f44ec9fbc55655b5351d2e193726e2b2248:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/goanywhere-mft-login.yaml b/http/exposed-panels/goanywhere-mft-login.yaml index 561ddc30c7..3ec6ceca5d 100644 --- a/http/exposed-panels/goanywhere-mft-login.yaml +++ b/http/exposed-panels/goanywhere-mft-login.yaml @@ -7,12 +7,11 @@ info: description: GoAnywhere Managed File Transfer login panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 cwe-id: CWE-200 metadata: + shodan-query: "http.html:\"GoAnywhere Managed File Transfer\"" verified: true - max-request: 1 - shodan-query: http.html:"GoAnywhere Managed File Transfer" + max-request: 2 tags: panel,goanywhere,login,filetransfer http: @@ -35,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100947f00fcac2bdcc793453ed15706359afde89947675258107183adb0f5b622f7022100e9295654f6ab5e2e2c8f63f28b7e99923b92cca82532de2b9314927aecaf52c6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206418902cc87923995e4a87a3036d1a138bae03cb012fde34e44df55ce4504dac022100cac92b3dee719aff4f1d10544579c719236bf9dca63006ef5e0e0741aee209b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/gotify-panel.yaml b/http/exposed-panels/gotify-panel.yaml index c8d924b523..b07624127c 100644 --- a/http/exposed-panels/gotify-panel.yaml +++ b/http/exposed-panels/gotify-panel.yaml @@ -11,7 +11,8 @@ info: vendor: gotify product: server verified: true - shodan-query: http.title:"Gotify" + shodan-query: "http.title:\"Gotify\"" + max-request: 1 tags: panel,gotify,login,detect http: @@ -32,4 +33,4 @@ http: group: 1 regex: - '"version":"([0-9.]+)"' -# digest: 4b0a00483046022100c306600c5a3f75ebdbc6d89aeb4a9042c616f870d869819424686889a568b7880221008c14b6498f5d7f935e09fe01a8f4bda2c761f2692a59202766cb798135336ae9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204ed0fc61c5fdaec5869843788c59849c687bfe8b39891df7eab06b029e516749022055341de709d14d202015b389e25139b06ed1398ab952f6a2a39cd2ecf6a343de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/grails-database-admin-console.yaml b/http/exposed-panels/grails-database-admin-console.yaml index 65e4953802..904cacd7e0 100644 --- a/http/exposed-panels/grails-database-admin-console.yaml +++ b/http/exposed-panels/grails-database-admin-console.yaml @@ -13,9 +13,9 @@ info: cvss-score: 5.3 cwe-id: CWE-200 metadata: + max-request: 2 vendor: grails product: grails - max-request: 2 tags: grails,panel http: @@ -34,4 +34,4 @@ http: words: - "Sorry, remote connections ('webAllowOthers') are disabled on this server" negative: true -# digest: 4a0a0047304502204ea638d90bf728298450d4bf071d113ae80087d4e5001d971617212faf1e375c022100dac85d19d2f65956875f904ce9e025a55c229cae307af3e03fa7708c190b8ef6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f7857a61a4ccdef275c890a466396f0aef331e21c33e1ab4e86f6cd2c4f3c4a4022025d9b94b715dc2b8c625ba3a8111008a7f2039dd829d7b2bef2414ba73e51ced:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/haivision-gateway-panel.yaml b/http/exposed-panels/haivision-gateway-panel.yaml index 4041d39a75..37bdc78d5b 100644 --- a/http/exposed-panels/haivision-gateway-panel.yaml +++ b/http/exposed-panels/haivision-gateway-panel.yaml @@ -9,7 +9,8 @@ info: - https://www.haivision.com/ metadata: verified: true - shodan-query: http.title:"Haivision Gateway" + shodan-query: "http.title:\"Haivision Gateway\"" + max-request: 1 tags: panel,haivision,login,detect http: @@ -23,4 +24,4 @@ http: - 'status_code == 200' - 'contains_any(body, "Haivision Gateway", "content=\"Haivision Gateway")' condition: and -# digest: 4b0a0048304602210086238eba9398bb797b00f86ef36db758f4962c0d8247070cf8b2554bdbc4b649022100c49ebd06f35893af713c00909b8f98abbae0f3ab6230d799ad0acf6147196e68:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200b774f9123ccefe48635e129de64e264ee5b5b5882a63118c8e59935903bd895022057bd039a93248ba6b03b8c1078549b1e74b89f06fef7cc311d719dc909801370:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/haivision-media-platform-panel.yaml b/http/exposed-panels/haivision-media-platform-panel.yaml index 5b6bcfb7fa..762477dbfb 100644 --- a/http/exposed-panels/haivision-media-platform-panel.yaml +++ b/http/exposed-panels/haivision-media-platform-panel.yaml @@ -1,17 +1,17 @@ id: haivision-media-platform-panel -info: - name: Haivision Media Platform Login Panel - Detect - author: righettod - severity: info - description: Haivision Media Platform login panel was detected. - reference: - - https://www.haivision.com/ - metadata: - verified: true - shodan-query: http.title:"Haivision Media Platform" - tags: panel,haivision,login,detect - +info: + name: Haivision Media Platform Login Panel - Detect + author: righettod + severity: info + description: Haivision Media Platform login panel was detected. + reference: + - https://www.haivision.com/ + metadata: + verified: true + shodan-query: "http.title:\"Haivision Media Platform\"" + max-request: 1 + tags: panel,haivision,login,detect http: - method: GET path: @@ -23,4 +23,4 @@ http: - 'status_code == 200' - 'contains_any(body, "<title>Haivision Media Platform", "content=\"Haivision Network Video")' condition: and -# digest: 4a0a00473045022100852a82de658ce3156eed4bb9e4faf88dd4e709f258d2f188cd2aaa6f07d6e85a022079da3770440c2b448ce933600e28d1644f9a9747c3008c9e3b7f2d1f978f9e98:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205b887d409f93bb8c6bca75ccede4fb4ede2c9c827e9b47af66ef16486efe5bed022013582e7154224d6596931d51c61ce2b4c11d03fc9682a4b29f4731c8cd797b21:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ibm/ibm-dcec-panel.yaml b/http/exposed-panels/ibm/ibm-dcec-panel.yaml index fa503a0749..261a8a9e6f 100644 --- a/http/exposed-panels/ibm/ibm-dcec-panel.yaml +++ b/http/exposed-panels/ibm/ibm-dcec-panel.yaml @@ -10,7 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: verified: true - shodan-query: html:"Decision Center Enterprise console" + shodan-query: "html:\"Decision Center Enterprise console\"" + max-request: 1 tags: panel,ibm,login,detect,decision-center http: @@ -30,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c1586e66a4f5b442e8b98fc0197d38db06f862c0aa724aad823686560f8af3150220651109acecc6891e0802e326f21c5261822dbc69bee767c5e4eb04cd73c0026e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008667c30c6129e740f22587180d65bef7ea8c9bc5e42073143338ea019a73840d022004dfe32d460d9554f364fc00d8db42df22960b4dbfde97ec9101a158366ad22e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ibm/ibm-decision-server-console.yaml b/http/exposed-panels/ibm/ibm-decision-server-console.yaml index bf8f8d54b2..1a0b1d065f 100644 --- a/http/exposed-panels/ibm/ibm-decision-server-console.yaml +++ b/http/exposed-panels/ibm/ibm-decision-server-console.yaml @@ -10,7 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.12.0?topic=overview-introducing-rule-execution-server metadata: verified: true - shodan-query: title:"Rule Execution Server" + shodan-query: "title:\"Rule Execution Server\"" + max-request: 1 tags: panel,ibm,login,detect,decision-server http: @@ -30,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204d00e79a36864310511d3945c877939d641c2eacd7d408a2786aa413851bacd0022100f12605169ab70c9beb895a8691d7cb6f2ca099f3c6bdc7ffe6c2f7b818010135:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f8a6779c2c863e990a8f3761c1fbc8d9a2aac9c60e69c8feb80a9b48a5660cf102207f75f60642c2257b39595c992440af15edf913738771b226230ebd0d27350410:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ibm/ibm-odm-panel.yaml b/http/exposed-panels/ibm/ibm-odm-panel.yaml index 68c16b638b..b60c598c01 100644 --- a/http/exposed-panels/ibm/ibm-odm-panel.yaml +++ b/http/exposed-panels/ibm/ibm-odm-panel.yaml @@ -10,7 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.12.0 metadata: verified: true - fofa-query: title="Decision Center | Business Console" + fofa-query: "title=\"Decision Center | Business Console\"" + max-request: 1 tags: panel,ibm,login,detect,decision-center http: @@ -28,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d52dbff62d09aa1893a69601b6ebddcee476872b7bb74d935c4e313e8d76578e0220590a89cfb7fc87044c7c7dd5e7def60b1c02374a7671d2affc6a164a3045e4a8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b3e217aca2f0e7f4749d018a3aa54ce7d31b691b0feace4be2ea8945691b24a002210092adc4f4e4095474a2915ebe62b11db7981f79fe08a1ce086adc6ddfd2c7811a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ivanti-connect-secure-panel.yaml b/http/exposed-panels/ivanti-connect-secure-panel.yaml index 5b750d8d3e..8d52e50256 100644 --- a/http/exposed-panels/ivanti-connect-secure-panel.yaml +++ b/http/exposed-panels/ivanti-connect-secure-panel.yaml @@ -10,10 +10,10 @@ info: - https://www.ivanti.com/products/connect-secure-vpn metadata: vendor: ivanti - product: connect_secure + product: "connect_secure" verified: true - max-request: 1 - shodan-query: title:"Ivanti Connect Secure" + max-request: 2 + shodan-query: "title:\"Ivanti Connect Secure\"" tags: panel,connectsecure,login http: @@ -35,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d585f9e252400d8b89e35a904465bc72b1832386ab12f0554abcefd5a8be293e02202a923fe7c0fc9e7ee34ae5f72b28a5683ab136b9a664779fc942b61847b84a52:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c4feca263103f90d4e4077e98702f3dd3dbf5c455ecfb5ed45115b96ad11372c022100ba71de0184707063914de8dee85d4e4930735f2609448a0470e38c0198003b7a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/juniper-panel.yaml b/http/exposed-panels/juniper-panel.yaml index 36d31beb1b..ec676d5857 100644 --- a/http/exposed-panels/juniper-panel.yaml +++ b/http/exposed-panels/juniper-panel.yaml @@ -10,12 +10,11 @@ info: - https://www.juniper.net/documentation/us/en/software/jweb-ex/jweb-ex-application-package/topics/concept/ex-series-j-web-interface-overview.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 cwe-id: CWE-200 metadata: - max-request: 2 + max-request: 1 verified: true - shodan-query: http.title:"Juniper Web Device Manager" + shodan-query: "http.title:\"Juniper Web Device Manager\"" tags: panel,juniper,vpn,login http: @@ -43,4 +42,4 @@ http: group: 1 regex: - 'var modelphpStr = "(.*?)";' -# digest: 4b0a00483046022100fc6761f1e20dc648ed664ad95d12ebbf947321c37644528bc30edc2a7bc4918d0221009f32657ac7c105b55a5dbe72bb6f2d59f11c4f73563b60a96c5153f99d25b636:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205ca23f303d8fa1ef26270300c55737695329a18b419a0eaa9c633ec3d476a6b902210089ea66b95ddb52fa15accc8bebc0824d44dc509c97674017cf72d1a0ba8c0997:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/kafka-topics-ui.yaml b/http/exposed-panels/kafka-topics-ui.yaml index 56ce71df34..d080d4d4d1 100644 --- a/http/exposed-panels/kafka-topics-ui.yaml +++ b/http/exposed-panels/kafka-topics-ui.yaml @@ -10,13 +10,12 @@ info: - https://github.com/provectus/kafka-ui classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 cwe-id: CWE-200 metadata: vendor: provectus product: ui platform: kafka - max-request: 1 + max-request: 2 tags: panel,kafka,apache,detect http: @@ -45,4 +44,4 @@ http: group: 1 regex: - '"v([0-9.]+)"' -# digest: 490a004630440220120fd70d830d5673b6694bc74d5d5cdd0f17420aba4ae2000532dbcb795c6584022001816294148c66bde9fe384d304fd6f1b4bbedafc160454c3f9e0b5183f4e601:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210091554843ef5d12adad3dd9e9d9ba5b82adc7a34ba448aaf4e12449bad284693e022034ed2d535005bac5972abee730948bb14439734f919d1b516f886b50ff402038:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/keycloak-admin-panel.yaml b/http/exposed-panels/keycloak-admin-panel.yaml index 5693d50557..a142a38f4e 100644 --- a/http/exposed-panels/keycloak-admin-panel.yaml +++ b/http/exposed-panels/keycloak-admin-panel.yaml @@ -37,9 +37,10 @@ http: - "alt=\"Keycloak" - "kc-form-buttons" - "/keycloak/img/favicon.ico" + - "/admin/keycloak/" condition: or - type: status status: - 200 -# digest: 4a0a00473045022100ce99a9168d9735401c84081a0b8c389cebe54d781b5616f4d42390b7b920373a02206394e01504f7c25820d9154260d135c341af22fd6e392b37412ecbd99b9403bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dd6221af8f8b9f571a28611b54d652f7568da86dce1654fa1a73962e720bf2cf022100ed7bd96937ba0a702f5889f0827638671d3ffbd3e98bba852bd274542e59ae0f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/kopano-webapp-panel.yaml b/http/exposed-panels/kopano-webapp-panel.yaml index e58a9bbe85..9246023f13 100644 --- a/http/exposed-panels/kopano-webapp-panel.yaml +++ b/http/exposed-panels/kopano-webapp-panel.yaml @@ -9,7 +9,8 @@ info: - https://kopano.com/ metadata: verified: true - shodan-query: http.title:"Kopano WebApp" + shodan-query: "http.title:\"Kopano WebApp\"" + max-request: 1 tags: panel,kopano,login,detect http: @@ -33,4 +34,4 @@ http: group: 1 regex: - '\?kv([0-9.]+)"' -# digest: 4a0a0047304502205ae240e238fffb87a0154ac0e19299328e5fd7f4e02f7cd8b5e0c74e304c8166022100ec2e323a3aa419e061a0504a4864efde49aa02f6272eb5b8c511960367a042e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220499c97ef6976f50be4391e8eeb0ddfeb3fcbe37bec5a7fe24d71c473e6b3d673022070949daf15a245428269d09199e9f2377b400261229944d98137f800b4e0f3a8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/linshare-panel.yaml b/http/exposed-panels/linshare-panel.yaml index 3a3ab90ec3..841ffa3bf1 100644 --- a/http/exposed-panels/linshare-panel.yaml +++ b/http/exposed-panels/linshare-panel.yaml @@ -10,7 +10,8 @@ info: - https://github.com/linagora/linshare metadata: verified: true - shodan-query: http.title:"LinShare" + shodan-query: "http.title:\"LinShare\"" + max-request: 3 tags: panel,linshare,login,detect http: @@ -30,4 +31,4 @@ http: - 'status_code == 200' - 'contains_any(body, "<title>LinShare", "x-ng-app=\"linshareAdminApp")' condition: and -# digest: 4a0a0047304502207dcbdcd3215abf97fd2c12ef382bf488ddfa0f31ff0f717491fd3b0bf6bd9368022100b838aab3468abf4fe5755bfdb54b4a238263bda36c0ea794d661efa2b18880f8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ca5993c797cf75bbaa9653d71b58a8c69d527adaceac8589f0e96b9e49c8d38f02207eac6b0a379abc14b4907532c15a5ad9f9f62ef6b0852286904753a93af8019c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/odoo-panel.yaml b/http/exposed-panels/odoo-panel.yaml index 7e69aa248f..6ec8974b6a 100644 --- a/http/exposed-panels/odoo-panel.yaml +++ b/http/exposed-panels/odoo-panel.yaml @@ -2,20 +2,25 @@ id: odoo-panel info: name: Odoo - Panel Detect - author: DhiyaneshDK + author: DhiyaneshDK,righettod severity: info metadata: vendor: odoo product: odoo verified: true - max-request: 1 - shodan-query: title:"Odoo" + max-request: 2 + shodan-query: "title:\"Odoo\"" tags: login,panel,odoo http: - method: GET path: - "{{BaseURL}}/web/login" + - "{{BaseURL}}" + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: @@ -23,8 +28,14 @@ http: part: body words: - '<title>Odoo' + - 'odoo.session_info' + - 'web.layout.odooscript' + condition: or + + - type: word + part: body + words: - 'Log in' - condition: and - type: word part: header @@ -34,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a4ee6283d4c0264ea8d9ac9e56e2c948d50afbb650ac84735d4978ada4bfcdf802207a1bf2401f730d11a14cc03bea4d3e2ac98aae9ad05856f7a41359be3b31eda1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202c94e6e7ce327a1d5e088428410c9e0bb977cfd163434b7a8e449af58b032a9c0221009dbebd38cac6453fb54b396854eae6bcef87f5f70980bf2b82610cfb98fdcb54:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/passbolt-panel.yaml b/http/exposed-panels/passbolt-panel.yaml index 642da8d5b3..71473077e0 100644 --- a/http/exposed-panels/passbolt-panel.yaml +++ b/http/exposed-panels/passbolt-panel.yaml @@ -1,18 +1,18 @@ id: passbolt-panel -info: - name: Passbolt Login Panel - author: righettod - severity: info - description: | - Passbolt login panel was detected. - reference: - - https://www.passbolt.com/ - metadata: - verified: true - shodan-query: http.title:"Passbolt | Open source password manager for teams" - tags: panel,passbolt,login - +info: + name: Passbolt Login Panel + author: righettod + severity: info + description: | + Passbolt login panel was detected. + reference: + - https://www.passbolt.com/ + metadata: + verified: true + shodan-query: "http.title:\"Passbolt | Open source password manager for teams\"" + max-request: 1 + tags: panel,passbolt,login http: - method: GET path: @@ -31,4 +31,4 @@ http: group: 1 regex: - '(?i)v=([0-9a-z.-]+)' -# digest: 4b0a00483046022100cd46bf88248b5f3ddfbaf30d8f17602a0168b6080418f686067b8482f9b37b570221008b497e1c5529c20f6202974940db3d83ca0be3737bab1799bd727c314e17a142:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207f1b9037354038919a4460781c2f126b5ca46c7d67c0af2aa6f9653d51573ce2022048ad39d72b06d3603428ca396cf315280273241fbf01fe026e55d2d9f9a4f964:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/phpmyadmin-panel.yaml b/http/exposed-panels/phpmyadmin-panel.yaml index 03199700ee..381c7e8208 100644 --- a/http/exposed-panels/phpmyadmin-panel.yaml +++ b/http/exposed-panels/phpmyadmin-panel.yaml @@ -7,13 +7,12 @@ info: description: phpMyAdmin panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 cwe-id: CWE-200 metadata: + shodan-query: "http.title:phpMyAdmin" vendor: phpmyadmin product: phpmyadmin - max-request: 12 - shodan-query: http.title:phpMyAdmin + max-request: 13 tags: panel,phpmyadmin http: @@ -46,4 +45,4 @@ http: group: 1 regex: - 'v=([a-z0-9-._]+)' -# digest: 490a0046304402203073d075e05bc85ce417b3db20f3c9b6c7a32c22768f7ad39c75ffa91712bb4d022006c2a3c1552f7209c345f11c66087db13eef087aff98dead27a5c4a6f0fa4f54:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205a7d1860670db2b7c7fe2c51ee5bca11729bf56ee88e3194b9f7cb90959a3ad10220664c394c6cca2ebeceb2166bc8a9d4c78b949ac13ebd420bc441fc7a22adc6af:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/proofpoint-protection-server-panel.yaml b/http/exposed-panels/proofpoint-protection-server-panel.yaml index 3fdfd45912..fa416b961a 100644 --- a/http/exposed-panels/proofpoint-protection-server-panel.yaml +++ b/http/exposed-panels/proofpoint-protection-server-panel.yaml @@ -7,14 +7,13 @@ info: description: Proofpoint Protection Server panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 cwe-id: CWE-200 metadata: + product: "proofpoint protection server" + shodan-query: "http.favicon.hash:942678640" verified: true - max-request: 1 + max-request: 2 vendor: proofpoint - product: proofpoint protection server - shodan-query: http.favicon.hash:942678640 tags: panel,proofpoint,login,detect http: @@ -41,4 +40,4 @@ http: part: header words: - 'PPSAUTH=' -# digest: 4a0a00473045022100da651ce3e96c872c09b0efeb7f24ce435691efb6047687fa2f980969c7d32add02206cedee1a6d93fb48ac0d8c6a50883823566a3fdc0b0946e3a3d17921b76ed292:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a1b58b379feb7b3d65301bdfd4395652cad8294c5edae415ecc4d47669e3ad1a02207e32ff2739b36c0e05a467df6fbef59f1ef6c6383b4ec9a75dbc21729f14efae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/pulse-secure-version.yaml b/http/exposed-panels/pulse-secure-version.yaml index 604edc5cc1..38a493da1b 100644 --- a/http/exposed-panels/pulse-secure-version.yaml +++ b/http/exposed-panels/pulse-secure-version.yaml @@ -5,9 +5,9 @@ info: author: dadevel severity: info metadata: + max-request: 2 vendor: pulsesecure product: pulse_connect_secure - max-request: 2 tags: pulse,panel http: @@ -40,4 +40,4 @@ http: part: body regex: - "(?i)([^<]+)" -# digest: 4a0a0047304502203aa1cb77ba86704bad2c198c7fbf07c028f96dfe80cb8d6860fbec949ba9b314022100dbe4fbc3fd5b5fb9a25b9f45063a4c986bbe786b109f9356b2da46be1eb8b4af:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f823e5c127aced792ff96e8e9214476b414af4e1353f299d1e59d51b537e6fd3022100b1c6a628c41e09ad48d649a5dca0b9f6051955009d9de2338a4237d51322544b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/rocketchat-panel.yaml b/http/exposed-panels/rocketchat-panel.yaml index fb8aff89e8..eacd042f61 100644 --- a/http/exposed-panels/rocketchat-panel.yaml +++ b/http/exposed-panels/rocketchat-panel.yaml @@ -9,7 +9,8 @@ info: - https://www.rocket.chat/ metadata: verified: true - shodan-query: http.title:"Rocket.Chat" + shodan-query: "http.title:\"Rocket.Chat\"" + max-request: 1 tags: panel,rocketchat,login,detect http: @@ -25,4 +26,4 @@ http: - 'status_code == 200' - 'contains_any(body, "Rocket.Chat", "content=\"Rocket.Chat")' condition: and -# digest: 490a00463044022012e5cbbf245707dd32c566958b4c6fa7a07f06f418139ec7a81026c1f90de09a0220096635ca065674713ac77f3b305157cbfba0635b3f6e7d7da94cf8ed3f1ac1e7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220213f92e33c7b93bd760a281dff3427b796dcb4eed73ed550941fb16abddd89180220080a30ead625b8491cb47333aff0f5d45158897773064a2aeb1baddffe94683a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/sentry-panel.yaml b/http/exposed-panels/sentry-panel.yaml index d61b76a3bf..07fc5838ec 100644 --- a/http/exposed-panels/sentry-panel.yaml +++ b/http/exposed-panels/sentry-panel.yaml @@ -5,14 +5,15 @@ info: author: righettod severity: info description: | - Sentry login panel was detected. + Sentry login panel was detected. reference: - https://sentry.io/ metadata: vendor: sentry product: sentry verified: true - shodan-query: http.title:"Login | Sentry" + shodan-query: "http.title:\"Login | Sentry\"" + max-request: 1 tags: panel,sentry,login http: @@ -36,4 +37,4 @@ http: group: 1 regex: - '(?i)"current":\s*"([0-9a-z.-]+)"' -# digest: 4b0a00483046022100bc11bbc2da0eeaaeb02cfdf576e886aaad2dbc0fbf346c43f5d8242aafd24ac102210087c344fb3a27ea65932c1a1adbd8ede83fcc91914d7c39027ae096ec8cd72ac0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b04d058d31690931f321b078a2ac12a98dbfae03861caadbc878766143783e2902207291a26d57c10aaa7dfedba3b543e898aa150509733c646e144fcd58a5758175:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/truenas-scale-panel.yaml b/http/exposed-panels/truenas-scale-panel.yaml index 4a2b80f35a..a535b2d643 100644 --- a/http/exposed-panels/truenas-scale-panel.yaml +++ b/http/exposed-panels/truenas-scale-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.truenas.com metadata: - vendor: ixsystems - product: truenas verified: true max-request: 1 + vendor: ixsystems + product: truenas shodan-query: html:"TrueNAS" tags: login,panel,truenas @@ -33,4 +33,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100dd1d5fd20c54a80d0f7d2631323b4434a2da43d683ca143da2f976cf8ab372d702201c583fae3cb0276990d9ad033e8461d795c1c7eba84d733b30cb0b2a45e60d26:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ece185971ecd556127979d86bf7200c50f67dfaf61bb545570d1df063fd788a2022100ddaefbef6ccd73cfd9d33ba6612bfab01cd89d1c688769cc5159cfee1588d464:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/vistaweb-panel.yaml b/http/exposed-panels/vistaweb-panel.yaml index 5fd82c8ce0..be3adc1df3 100644 --- a/http/exposed-panels/vistaweb-panel.yaml +++ b/http/exposed-panels/vistaweb-panel.yaml @@ -5,11 +5,12 @@ info: author: righettod severity: info description: | - Vista Web login panel was detected. + Vista Web login panel was detected. reference: - https://resa.aero/solutions-operations-facturation/vista-web/ metadata: verified: true + max-request: 1 tags: panel,vistaweb,login http: @@ -30,4 +31,4 @@ http: group: 1 regex: - 'v=([0-9.]+)' -# digest: 4b0a004830460221009afbf2bd9a3f5bfffe7e6d92b5b3f4423102532bd1114541c5258759f24bc380022100e1677ad6b53c0e42ddb24ee59efd95a0682281006b56d46e0fb15a195598ffda:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e75b80b7677ce3d46ea55b865e0c89ab12384a99ff0b565ec6e4dd49f1090a3102207c7e6629206f24058e677de683d5e3a191e9b14095a37db1469d6bfe1d00ac7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposures/apis/swagger-api.yaml b/http/exposures/apis/swagger-api.yaml index 8041c14666..433638d12d 100644 --- a/http/exposures/apis/swagger-api.yaml +++ b/http/exposures/apis/swagger-api.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 59 + shodan-query: "http.title:\"swagger\"" verified: true - max-request: 57 - shodan-query: http.title:"swagger" tags: exposure,api,swagger http: @@ -105,4 +105,4 @@ http: group: 1 regex: - " @version (v[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})" -# digest: 4a0a00473045022100d3639a8b44e797aa3fc7cca0bb5778f14f0d9d59ab15483940be419fa21321fa02204cbbcd636969871ac6d8cea4cb7aada40b6938b1f3314f3c235d4a80a1550bbd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220699b1c75442a856dcd0637850a4464835dd00335e1ec2f4345bebd359e25f9af022100e79a9981d9c1330730d4f4b9fe6a2785c38be6e2ee9ad19f1df3d38694a5f97d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposures/backups/zip-backup-files.yaml b/http/exposures/backups/zip-backup-files.yaml index 88ccda406c..6b334785e5 100644 --- a/http/exposures/backups/zip-backup-files.yaml +++ b/http/exposures/backups/zip-backup-files.yaml @@ -10,7 +10,7 @@ info: cvss-score: 5.3 cwe-id: CWE-200 metadata: - max-request: 1440 + max-request: 1305 tags: exposure,backup http: @@ -127,4 +127,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009e9e29e2bc6fa477a5ef35e682ed0677d6cd6457e0516add7ba7b3657dea242c0220573cc11dd5d3c17b8bb3226a23ac6bfa501b1c7f5e337c1fdfe79e581abadeb9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a51f2952c9c24769da7d9ad5fa3f8ad2c01a800385052b494e5cf8b8cd2b0b2002210086e92de1a4bcde1fb7758917220ed3470e42201e239106f349d60c0e28d6452b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposures/configs/awstats-script.yaml b/http/exposures/configs/awstats-script.yaml index d7bac55b85..61a0e466c5 100644 --- a/http/exposures/configs/awstats-script.yaml +++ b/http/exposures/configs/awstats-script.yaml @@ -8,10 +8,9 @@ info: reference: https://www.awstats.org/docs/awstats_setup.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 3 + max-request: 4 tags: config,exposure,awstats http: @@ -36,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a1d5304bdbe5718f9bb640888a5db388a5558f54e61dd1b5154393c62febb940022100a7d26343bf553aacbf42a7d583dc4bb2d4222a7fe0d08eae43078c91e82029f2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220627e9e39ded451b53e2044aebb66514409fa81010ab0676b9ac36403755c30110221009aeb142c34946a6588ea2a98ebfece9603c77169ee688104cc8e6408be7b3c0d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposures/logs/roundcube-log-disclosure.yaml b/http/exposures/logs/roundcube-log-disclosure.yaml index 55984b5e93..978e58b01d 100644 --- a/http/exposures/logs/roundcube-log-disclosure.yaml +++ b/http/exposures/logs/roundcube-log-disclosure.yaml @@ -8,7 +8,7 @@ info: reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/roundcube-log-disclosure.json metadata: - max-request: 12 + max-request: 16 tags: exposure,logs http: @@ -57,4 +57,4 @@ http: - type: dsl dsl: - content_length -# digest: 4a0a0047304502210092febbf3f9906523788e68550f93dd10480ff15eb53ab20a8c452c482c7cd380022061f77b2b8a8ae9439fe60c5d02731b99246b700d7d38cac9608bced9885ba4a3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f29f0edc0fd1c21ddc672864cdd1b0e8f9b6bf2fd245e63e3a18e009f87dda4802210094fc7c7162920f3d1b9a810729c4ac860b27bb6b73a4fe837009758cf4ee4fae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/fuzzing/wordpress-plugins-detect.yaml b/http/fuzzing/wordpress-plugins-detect.yaml index d1ec1d56e9..ac4f0ded77 100644 --- a/http/fuzzing/wordpress-plugins-detect.yaml +++ b/http/fuzzing/wordpress-plugins-detect.yaml @@ -5,7 +5,7 @@ info: author: 0xcrypto severity: info metadata: - max-request: 98135 + max-request: 100563 tags: fuzzing,bruteforce,wordpress http: @@ -35,4 +35,4 @@ http: regex: - "===\\s(.*)\\s===" # extract the plugin name - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version -# digest: 4b0a00483046022100bc606e0746f263229a02d000cd84aafb581fcdf5d93f151e4de17e328f47291b022100a600a40ce1fbd7cab94ccc994cd355edf9dc15ed337d21d28b414705b5324161:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022011ffc9134eaa01b62eddcdbbc33af59e33613478dd206665d9f12d60ea4fe114022100a6845b777b51f0d3959d009a91f612b73b13c9a5dc6fe6d058bd37994d64fe6a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/misconfiguration/cloudflare-rocketloader-htmli.yaml b/http/misconfiguration/cloudflare-rocketloader-htmli.yaml new file mode 100644 index 0000000000..537db5402b --- /dev/null +++ b/http/misconfiguration/cloudflare-rocketloader-htmli.yaml @@ -0,0 +1,40 @@ +id: cloudflare-rocketloader-htmli + +info: + name: Cloudflare Rocket Loader - HTML Injection + author: j3ssie + severity: low + description: | + The Rocket Loader feature in Cloudflare allow attackers to inject arbitrary HTML into the website. This can be used to perform various attacks such as phishing, defacement, etc. + reference: + - https://developers.cloudflare.com/speed/optimization/content/rocket-loader/enable/ + metadata: + max-request: 1 + verified: true + tags: misconfig,cloudflare,htmli + +http: + - method: GET + path: + - "{{BaseURL}}/cdn-cgi/image/width=1000,format=auto/https://raw.githubusercontent.com/simple-icons/simple-icons/develop/icons/cloudflare.svg" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Cloudflare' + - '<svg' + - 'M16.5088 16.8447c.1475-.5068.0908-.9707-.1553-1.3154-.2246-.3164-.6045-.499-1.0615-.5205l-' + - '1475.5068-.0918.9707.1543 1.3164.2256.3164.6055.498' + condition: and + + - type: word + part: header + words: + - 'image/svg+xml' + + - type: status + status: + - 200 +# digest: 4a0a0047304502203f1f9450ea215136ca621ee9dbedce3ae4455abcc8dd73db23c5e0cdde586076022100f02e51d462db656b75f00a878d4608aed164f4cc5492a86cb73fd88a1665a085:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/technologies/google/chromecast-detect.yaml b/http/technologies/google/chromecast-detect.yaml index 2ae52c58c5..af7b1bcb74 100644 --- a/http/technologies/google/chromecast-detect.yaml +++ b/http/technologies/google/chromecast-detect.yaml @@ -10,8 +10,9 @@ info: - https://github.com/thewhiteh4t/killcast/blob/ee81cfa03c963d47d3335770fcea2ca48bddeabf/killcast.py#L100C25-L100C43 - https://rithvikvibhu.github.io/GHLocalApi/#section/Google-Home-Local-API/Authentication metadata: - shodan-query: "Chromecast" verified: true + max-request: 1 + shodan-query: Chromecast tags: google,chromecast,detect http: @@ -32,4 +33,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009d996dd528a6470315f3ef08c7de657ec6203185d235eb7877324aeb51c17c29022078f0723a1a04cc66cea30f0a15c736c5701e1062d0d40436d5f177e847865396:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206c214513406d47d4e688761e11149e983c02c3e47bdfa1f4d01fab2aa15ff11d0221009b017586aea846fc0befea354637be19778ec8c58b0fb2c49e2f28e65855dc2a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/technologies/ibm/ibm-odm-detect.yaml b/http/technologies/ibm/ibm-odm-detect.yaml index 168fe828b4..7c4002fe2d 100644 --- a/http/technologies/ibm/ibm-odm-detect.yaml +++ b/http/technologies/ibm/ibm-odm-detect.yaml @@ -10,7 +10,8 @@ info: - https://www.ibm.com/products/operational-decision-manager metadata: verified: true - fofa-query: icon_hash="707491698" + fofa-query: "icon_hash=\"707491698\"" + max-request: 1 tags: ibm,decision-center,tech,detect http: @@ -28,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a59aa313dd5de76ccd37ff23f84ea70c006cf6902d856db566f35dd35a4091250221008aa670d5443398d03af2bd250cf3d43d379ff8c32783e9f9de3bb9c7af63ad0e:922c64590222798bb761d5b6d8e72950 +# digest: 490a004630440220145ded2786c1d6f03455e511dd78e011fec59080659837fcc214ab4d5fa13b930220173f1a21d9016bd6415376e6b6963b1964e29cc705c87c6b10ee14d6f0eeb176:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/technologies/lucee-detect.yaml b/http/technologies/lucee-detect.yaml index 85169c3cbb..773582565f 100644 --- a/http/technologies/lucee-detect.yaml +++ b/http/technologies/lucee-detect.yaml @@ -6,9 +6,9 @@ info: severity: info description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development -- https://github.com/lucee/Lucee/ metadata: - max-request: 1 - shodan-query: html:"Lucee" - fofa-query: app="Lucee-Engine" + max-request: 2 + shodan-query: "html:\"Lucee\"" + fofa-query: "app=\"Lucee-Engine\"" tags: tech,lucee http: @@ -32,4 +32,4 @@ http: part: body words: - "Lucee Function Reference" -# digest: 4b0a004830460221009cbb7989d4159df62b80311c4b24621afd93f9f1c267f67d5d9992aa4f746d88022100eaf1f5b6e10de1cad3a3355357d159832bc74ca148707f7e1d870d9f584eaadf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022075f26792907c6d74be5f38bbe41be081199595519e306502ecd4bdfee409f2f7022100b02b3b2ac7b94271edb6835e15e0b302f6270605125e9312412d075effba137d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml b/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml index 8e5c9ac6cb..32866a2c68 100644 --- a/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml +++ b/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml @@ -7,9 +7,9 @@ info: reference: - https://github.com/wy876/POC/blob/main/%E5%A4%A7%E5%8D%8E%E6%99%BA%E6%85%A7%E5%9B%AD%E5%8C%BA%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0bitmap%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md metadata: - max-request: 1 - fofa-query: app="dahua-智慧园区综合管理平台" + fofa-query: "app=\"dahua-智慧园区综合管理平台\"" verified: true + max-request: 2 tags: dahua,file-upload,rce,intrusive variables: @@ -52,4 +52,4 @@ http: - type: word words: - '{{base64_decode(cmd)}}' -# digest: 4a0a00473045022009c46747d650cd806bef81cb8b51b52e3c3a94a7cbb6fbb72beade04a7678dec022100c4fcafe37da8546deda019b41760816d1192f34ff4d3360004be40b77df0ba92:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008c4101e68960b20bdad91dc8e4d8edf035a1ca8a553743675b01f8066845822302207ae43e513af6df97734ecf94b9d11bd42601908eab43645c75dc5a823a18fcee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/generic/xss-fuzz.yaml b/http/vulnerabilities/generic/xss-fuzz.yaml index e7c4572f47..4e0291ab94 100644 --- a/http/vulnerabilities/generic/xss-fuzz.yaml +++ b/http/vulnerabilities/generic/xss-fuzz.yaml @@ -10,8 +10,8 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 3 - parameters: q,s,search,id,action,keyword,query,page,keywords,url,view,cat,name,key,p,month,page_id,password,terms,token,type,unsubscribe_token,api,api_key,begindate,callback,categoryid,csrf_token,email,emailto,enddate,immagine,item,jsonp,l,lang,list_type,year + max-request: 29 + parameters: "q,s,search,id,action,keyword,query,page,keywords,url,view,cat,name,key,p,month,page_id,password,terms,token,type,unsubscribe_token,api,api_key,begindate,callback,categoryid,csrf_token,email,emailto,enddate,immagine,item,jsonp,l,lang,list_type,year" tags: xss,generic,fuzz http: @@ -74,4 +74,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a7b920830c1fe829ec26cb2a2c505a3b1b801f637d99d185f080fe0a9a17aa9502202ae7e3e6f0316b1ce7a02f6f61c51736d4ae6d6961922122207011be90b6f860:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220422fa88099c081d3188fb7d1e5615710b29e2f5ec74a4daccf72f1faa714fcda02210093290ee6f988d9ad886291b9c801bbdd358e83fdcdd779ecbf65413328fc6d0d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/other/bitrix-open-redirect.yaml b/http/vulnerabilities/other/bitrix-open-redirect.yaml index 1486d2483e..ec1661bd5f 100644 --- a/http/vulnerabilities/other/bitrix-open-redirect.yaml +++ b/http/vulnerabilities/other/bitrix-open-redirect.yaml @@ -12,8 +12,8 @@ info: cvss-score: 6.1 cwe-id: CWE-601 metadata: - max-request: 12 - shodan-query: html:"/bitrix/" + max-request: 14 + shodan-query: "html:\"/bitrix/\"" tags: redirect,bitrix,packetstorm http: @@ -48,4 +48,4 @@ http: status: - 302 - 301 -# digest: 4a0a00473045022100b42f4e5a0aa4dcf2c88baaf563fe737cade93b81d8cd40676c53d88fe290ff920220055f13878b2915fb27467e87af6dc8c0e3e0a317d100a8250fbdbe3d95a3020b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205ce8e79a14884270f893e65babcab7e2383c15ba7a71e150408b0fe9150aed060220651eeb289954926626e24a265855d52be83bac39a8e0e3f080b6ea68d0f0b7e0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml b/http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml index f2b7597135..471ee97181 100644 --- a/http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml +++ b/http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml @@ -8,7 +8,7 @@ info: - https://github.com/OWASP/vbscan - https://blog.sucuri.net/2017/01/vbulletin-malware-hackers-compete-backdoor-control.html metadata: - max-request: 31 + max-request: 21 tags: backdoor,php,vbulletin,rce flow: http(1) && http(2) @@ -56,4 +56,4 @@ http: - "contains(body, '{{md5(num)}}')" - "status_code == 200" condition: and -# digest: 490a004630440220140a0cd4a972dda1d19412bb1e411cb1c793fc888c041a14c388fb4f7427bea00220254b7d65fbccf04f5bb9c23aacbd313a19ae1075233dcbde2dea106657624abe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202fa822365b053aafd4cd03da9826f7140e6cfd857029a00d083dd3b45a2cce5c022100946ced87dca459a6de74ea9f7c130a746df5abd23ccef62da928695500a06423:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/cves/2016/CVE-2016-8706.yaml b/javascript/cves/2016/CVE-2016-8706.yaml index 03f4bfaed8..18a3a8018f 100644 --- a/javascript/cves/2016/CVE-2016-8706.yaml +++ b/javascript/cves/2016/CVE-2016-8706.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.1 cve-id: CVE-2016-8706 cwe-id: CWE-190 - epss-score: 0.91612 - epss-percentile: 0.98696 + epss-score: 0.89998 + epss-percentile: 0.987 cpe: cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -54,4 +54,4 @@ javascript: words: - "Auth failure" negative: true -# digest: 4a0a00473045022046d7980adf7f0cd1a7b30987df5d99e9684f499fb16e24ec91423bd295ac5ba9022100b32f5023a8fb58b1384a6ba051a7b27cb6f526e58288f358f133de0857fc87c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ead806801ba9165ccb0e8c1440393371cbca9faaeea96f241a7ec89d3652013b02201006c1461159048c722205018200456294e9cacd37034275fa1ffd2af42799ac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/cves/2023/CVE-2023-34039.yaml b/javascript/cves/2023/CVE-2023-34039.yaml index a35db348bb..f71d6ad270 100644 --- a/javascript/cves/2023/CVE-2023-34039.yaml +++ b/javascript/cves/2023/CVE-2023-34039.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34039 cwe-id: CWE-327 - epss-score: 0.89263 - epss-percentile: 0.98515 + epss-score: 0.88996 + epss-percentile: 0.98637 cpe: cpe:2.3:a:vmware:aria_operations_for_networks:*:*:*:*:*:*:*:* metadata: verified: true @@ -64,4 +64,4 @@ javascript: - type: dsl dsl: - success && response -# digest: 490a00463044022065aa624a6e37b8571112ceebc6f3a441f12571038e6dccd90d0fda39faa3a1850220396eaab5c4bfe69631735062f31df56e252574709749cd831a339abc91b0b036:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009feafd85e7304801a5d27779281ba1e404c8bf1c26f4d8e443ace45603abfd980221009be9e788b356d6cf16aae887e936303bd2c812545e058d765238b4d65fbac6b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/cves/2023/CVE-2023-46604.yaml b/javascript/cves/2023/CVE-2023-46604.yaml index 49f906a3ee..40231ce6c3 100644 --- a/javascript/cves/2023/CVE-2023-46604.yaml +++ b/javascript/cves/2023/CVE-2023-46604.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-46604 cwe-id: CWE-502 - epss-score: 0.97147 - epss-percentile: 0.99762 + epss-score: 0.97273 + epss-percentile: 0.99837 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: verified: true @@ -61,4 +61,4 @@ javascript: - 'contains(interactsh_protocol, "dns")' - 'contains(interactsh_request, response)' condition: and -# digest: 4a0a00473045022100adcd60bc4f5dd02dbc0265523ab86f36329f510132a01879acdbea23e5a0a430022049da8d899344edca368b226d500ff74a3c18061aa758ab73cf475ea6459174d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220072242f64d49392155c8bd39d873097b2d61c950543e6aed9e10de3504f6c99202210089c83d599670a33b43a312a55f6ef5dce55b3861aa538160fa40802c06d6a00f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/cves/2024/CVE-2024-23897.yaml b/javascript/cves/2024/CVE-2024-23897.yaml index b91967e368..1ce87d12b2 100644 --- a/javascript/cves/2024/CVE-2024-23897.yaml +++ b/javascript/cves/2024/CVE-2024-23897.yaml @@ -3,7 +3,7 @@ id: CVE-2024-23897 info: name: Jenkins < 2.441 - Arbitrary File Read author: iamnoooob,rootxharsh,pdresearch - severity: critical + severity: high description: | Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. reference: @@ -12,6 +12,13 @@ info: - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/forsaken0127/CVE-2024-23897 - https://github.com/nomi-sec/PoC-in-GitHub + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2024-23897 + epss-score: 0.41536 + epss-percentile: 0.97188 + cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: verified: true max-request: 1 @@ -46,4 +53,4 @@ javascript: group: 1 regex: - '\b([a-z_][a-z0-9_-]{0,31})\:x\:' -# digest: 490a004630440220372fe535c840b56a301714c9f7a129ea3f3e11c8b6a1be3f2b91f2016985a19b02200475afdb8f58db254c2b7085231ab51bbe979873cb22ac0dc3bc0dec3c9490a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a22e0bf486c5362bd7b22a4d814691dcb9318a631e13e7cf7086dd922feb4dd4022100cfacc9f72ee0cf45347e0c8c97dc2b5c6f95028b6f5cc3a68a506f4d3d4c7964:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/detection/oracle-tns-listener.yaml b/javascript/detection/oracle-tns-listener.yaml index c9bd4b8dc7..8b7d962bc1 100644 --- a/javascript/detection/oracle-tns-listener.yaml +++ b/javascript/detection/oracle-tns-listener.yaml @@ -19,7 +19,7 @@ javascript: var m = require("nuclei/oracle"); var c = m.OracleClient(); var response = c.IsOracle(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "1521" @@ -29,4 +29,4 @@ javascript: name: Version regex: - 'Oracle TNS Listener Version:([0-9.]+)' -# digest: 4b0a00483046022100d596a4352a9045f3d0ae1eee76df6a93b18ecbcf6b30f7f5032616d7677bac67022100806e7490d2d6a8a0d8b8e577d2b013edd5118a9e00aa1221948cd402d34b89cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220129240e18b2aa556cc11716ec2557e93227ec6456bdcf2f0dcf368adf837ecd302205f663abb46939e2d0d3489aa4496252e963edec4f6668f2bcfc2daafeb367448:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/detection/ssh-auth-methods.yaml b/javascript/detection/ssh-auth-methods.yaml index abcc2e91a8..f3b05c809e 100644 --- a/javascript/detection/ssh-auth-methods.yaml +++ b/javascript/detection/ssh-auth-methods.yaml @@ -18,7 +18,7 @@ javascript: var m = require("nuclei/ssh"); var c = m.SSHClient(); var response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -27,4 +27,4 @@ javascript: - type: json json: - '.UserAuth' -# digest: 490a004630440220101335916c2a6f380948e81dcc9656b684e4e86d6062fb2477b93045cebe4d9d022013f2dace0dda4b554bbe4ab45aa49d0a9c3d05919eedc13db70532e8a1402cb1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e442be80dad13e6129777b4894e194eacd4b5eb3dd0e9cf00e0ec1cf57bc5db702210092d14d2ffb90731bdbf6c3614bf1b0728d6b00d7a5f1ee4f7b6b42575de66309:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/smb/smb-enum.yaml b/javascript/enumeration/smb/smb-enum.yaml index 99c6abcee7..628c6c0237 100644 --- a/javascript/enumeration/smb/smb-enum.yaml +++ b/javascript/enumeration/smb/smb-enum.yaml @@ -20,7 +20,7 @@ javascript: var m = require("nuclei/smb"); var c = m.SMBClient(); var response = c.ListSMBv2Metadata(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "445" @@ -79,4 +79,4 @@ javascript: - '"DNSComputerNamen: "+ .DNSComputerName ' - '"DNSComputerName: "+ .DNSComputerName ' - '"ForestName: "+ .ForestName' -# digest: 4a0a00473045022100b48190b092fe84d8d8d8fb624e3ccfa8e5d82af580bbd50df22b2b8ebf7b6d3802207e0a9e8c2fb633993fead5e8f48d2a5962354698c9bfc30f00409abd38c7d794:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220103e1700a5a198c32e79080551d88161a02a1e431ece3f87c05e0e0b6cf3e30802204c8fc2a96872067955cd54cbd6256e05403895b6048ef6d4d8a9a67e4cfd9e0d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/smb/smb2-capabilities.yaml b/javascript/enumeration/smb/smb2-capabilities.yaml index d32361abba..5cac17bd03 100644 --- a/javascript/enumeration/smb/smb2-capabilities.yaml +++ b/javascript/enumeration/smb/smb2-capabilities.yaml @@ -18,7 +18,7 @@ javascript: var m = require("nuclei/smb"); var c = m.SMBClient(); var response = c.ConnectSMBInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -29,4 +29,4 @@ javascript: part: response json: - '.Capabilities | with_entries(select(.value == true)) | keys' -# digest: 4b0a00483046022100d6a33a99d4196af35fb8cad28d1c479443979a9948ccfd1c29569005b7ac911b022100c402571f32c02fdf8af300505866625ea130d9fc73e36751dc7a52d8d04e1188:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210082593316ec1a97bfb79e418e795a360cea0a3b5f3032690a00396b29ca8870b60221009f704d5b96964ebc0886a54635f92283465fba72d126d285481f347403dfcb12:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/ssh/obsolete-ssh-version.yaml b/javascript/enumeration/ssh/obsolete-ssh-version.yaml index f34381092d..5be24f3acf 100644 --- a/javascript/enumeration/ssh/obsolete-ssh-version.yaml +++ b/javascript/enumeration/ssh/obsolete-ssh-version.yaml @@ -18,7 +18,7 @@ javascript: var m = require("nuclei/ssh"); var c = m.SSHClient(); var response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -42,4 +42,4 @@ javascript: name: version json: - '.ServerID.ProtoVersion' -# digest: 4a0a0047304502204f14fc5b7b10ed62211687646d896a15707c3491bb010ead469090ff878de99b022100b738d5a1363301ccbe3e4923fec32a5efe0446246e0e73d212b8f48f72b10197:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100cdfd4b45db26e844e6192d56df6940f1cfe3414e8f2adb44a7557dd1fb680e83022100c8f30940ba6d97ace4d0b7afb3c5923fd1d519e908d6857bf3bc071affce0ee4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/ssh/ssh-diffie-hellman-logjam.yaml b/javascript/enumeration/ssh/ssh-diffie-hellman-logjam.yaml index dfb5df3960..c1cd683dfc 100644 --- a/javascript/enumeration/ssh/ssh-diffie-hellman-logjam.yaml +++ b/javascript/enumeration/ssh/ssh-diffie-hellman-logjam.yaml @@ -21,7 +21,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -36,4 +36,4 @@ javascript: - type: word words: - "diffie-hellman-group1-sha1" -# digest: 4b0a00483046022100e1c71232ca17b65b8581b993269890f9ac6093089e4c7876586501911fcfdbb8022100c138df296e81048e721dac3917d728a37711475b1386dd01d2c6ff474b323450:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022047744b338609da31f12a18932d74bccae4ea2758a793070b55b7b83f9267aaed0220426629766f694b67c9fd15098dad4e76235ad66279bdfe85f17f82ee09e78c0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/ssh/ssh-password-auth.yaml b/javascript/enumeration/ssh/ssh-password-auth.yaml index 3926f2701f..1e7bfb5416 100644 --- a/javascript/enumeration/ssh/ssh-password-auth.yaml +++ b/javascript/enumeration/ssh/ssh-password-auth.yaml @@ -19,7 +19,7 @@ javascript: var m = require("nuclei/ssh"); var c = m.SSHClient(); var response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -29,4 +29,4 @@ javascript: - '"UserAuth":' - '"password"' condition: and -# digest: 4a0a00473045022000a057693ca3320ab502efe2760c39b439c7ff3a1a16bfade62058fefb124f9d0221008b0eab3eeed064d265277f81ec57e63c7d7d4387924eb8ef18956c1dbbcbf420:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206e780b3a9760aa12f941f8a669db283fc595ad9d883f7c47fbda01fa55809e4d0220754ac7b8b97214fb4d5250a565f880c70767877da92b96a42308f91eb122619e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/ssh/ssh-server-enumeration.yaml b/javascript/enumeration/ssh/ssh-server-enumeration.yaml index 2383b4744d..7f17ea4e95 100644 --- a/javascript/enumeration/ssh/ssh-server-enumeration.yaml +++ b/javascript/enumeration/ssh/ssh-server-enumeration.yaml @@ -17,7 +17,7 @@ javascript: var m = require("nuclei/ssh"); var c = m.SSHClient(); var response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -26,4 +26,4 @@ javascript: - type: json json: - '.ServerID.Raw' -# digest: 4a0a00473045022100a5c9aeb4a1d6b785a344c022cfbffab3835a69b75036c64a53266fc36a1605b5022020829b997e638a4a26082bdbc578c0c628bf878ae8f61d60d1dfe23ba0d1c941:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008454815f142ff14ea6ad934e6ce57dde99af0c85637dab515feb395b41f100d402207b47e062f9fa5606b42cc3f47c99a550b4ed3ee48c580b63dd635b4f77a93be3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/enumeration/ssh/ssh-sha1-hmac-algo.yaml b/javascript/enumeration/ssh/ssh-sha1-hmac-algo.yaml index 1660f4b3d3..706bd07403 100644 --- a/javascript/enumeration/ssh/ssh-sha1-hmac-algo.yaml +++ b/javascript/enumeration/ssh/ssh-sha1-hmac-algo.yaml @@ -21,7 +21,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -38,4 +38,4 @@ javascript: - type: word words: - "hmac-sha1" -# digest: 4a0a0047304502206210881f22cd8c86f258ac9555736dc09d747df628475ba0dbac86b71078eff2022100ef7b5b68c9686f7120ccf30edaf60bbb4b9b733b690b0e3baf4777e482a5d692:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220555730d2fe30f844967a5de01e03db7d7c9cbf38e88c55096e2d1df3cf50e963022057c74c281255ccca90f6b1ca7f58a9b84ca4dcc4fccda7085687c9c05fe8143e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/smb/smb-anonymous-access.yaml b/javascript/misconfiguration/smb/smb-anonymous-access.yaml index 642237d076..a6fbf3ab5a 100644 --- a/javascript/misconfiguration/smb/smb-anonymous-access.yaml +++ b/javascript/misconfiguration/smb/smb-anonymous-access.yaml @@ -18,7 +18,7 @@ javascript: var m = require("nuclei/smb"); var c = m.SMBClient(); var response = c.ListShares(Host,Port,User,Pass); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -37,4 +37,4 @@ javascript: - type: json json: - '.[]' -# digest: 490a004630440220008078896778ff4d5a38634bc917004ec60f655b85fac3b0dc44ee8e62aa3d7e0220759ef4316ffe35a59e1fd341747884fae3d2b69374de9711b468439e92c35e30:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ff496491c9b3cbee3dc68775e589068c010d1f38b066610934a93d7cceaa81ce02204aacf1e737e5fc49d15526a72571c0d6691e5bdee9001b0f96212d98f95b3648:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/smb/smb-shares.yaml b/javascript/misconfiguration/smb/smb-shares.yaml index 070095fbd3..fb0194af93 100644 --- a/javascript/misconfiguration/smb/smb-shares.yaml +++ b/javascript/misconfiguration/smb/smb-shares.yaml @@ -18,7 +18,7 @@ javascript: var m = require("nuclei/smb"); var c = m.SMBClient(); var response = c.ListShares(Host, Port, User, Pass); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -30,4 +30,4 @@ javascript: - type: json json: - '.[]' -# digest: 4a0a00473045022074af30e3f523f1af8e7f6adf1b3da6943559db29198020d8803738b1934eff0b022100f8e908053b0b14f9231e0f654d889c305c39dc6cd5c1b52fd5b09359f583232d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009f4105c209254c16d69381cc59fe56ce5001beefd0910b65c133b569116f3405022100b6c02b31a74b294eaf53890db5789abbbaf8c5c7322dbd0a67b5e39e59d7d5ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/smb/smb-signing-not-required.yaml b/javascript/misconfiguration/smb/smb-signing-not-required.yaml index b90d2bb254..66e9b13f22 100644 --- a/javascript/misconfiguration/smb/smb-signing-not-required.yaml +++ b/javascript/misconfiguration/smb/smb-signing-not-required.yaml @@ -19,7 +19,7 @@ javascript: var m = require("nuclei/smb"); var c = m.SMBClient(); var response = c.ListSMBv2Metadata(Host, Port, User, Pass); - to_json(response); + Export(response); args: Host: "{{Host}}" @@ -33,4 +33,4 @@ javascript: - '"SigningEnabled": true' - '"SigningRequired": false' condition: and -# digest: 490a004630440220572929c85485fad5fa45df0e1c827ca39eb86a50e2d7effc11713392877151fe0220548a547db6f1c64f670325e7a30c889f33625e51dacdd4617d75d3225d68cd19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022049f49fd56a1d77d36b080f98b5db836b76f5d9cc4b8848ee1891876dc8cc33b10220120c94455a412326568ae385e5657e5539e1f5a8ae17274150bd7084ae3daa5b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers.yaml b/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers.yaml index 59ae95b654..a94697fd59 100644 --- a/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers.yaml +++ b/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers.yaml @@ -21,7 +21,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -43,4 +43,4 @@ javascript: - "blowfish-cbc" - "cast128-cbc" condition: or -# digest: 4b0a0048304602210082687c326b5c8ec0803ad1e07fd7d94f166ac53dad501f5ad325daf42d789045022100e7525130e591163bc997cca9eac1c1b757c6099e892becc2e9b546f12298d13d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ab4b243e53367496b3662f4bf89922608e1fe7d795cadb204e2e3c677e20e1c7022065e11a8621be3306742a810c72efe5996a402e2a9bf8c66ef1d343e95fdbe58c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/ssh/ssh-weak-algo-supported.yaml b/javascript/misconfiguration/ssh/ssh-weak-algo-supported.yaml index e21d6ef872..2b5856e014 100644 --- a/javascript/misconfiguration/ssh/ssh-weak-algo-supported.yaml +++ b/javascript/misconfiguration/ssh/ssh-weak-algo-supported.yaml @@ -21,7 +21,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -40,4 +40,4 @@ javascript: - "arcfour128" - "arcfour256" condition: or -# digest: 4b0a00483046022100d5c038917f6f85efc71fd0c4703c4d90406e6b2f94a7b3a21abaf30494d74369022100cf9e9e33471dab9e101674d98ef884133d7bc1f89306f560f010d6ffb42d359a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f5a936392279db23ce50aff41adcebe4526af7d2d851f64946ebfdd48830c2bb022076a11f935f2f1dd966c28ed4dbb697e23f0842341c7c5b1a505e4216e27cab55:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/ssh/ssh-weak-mac-algo.yaml b/javascript/misconfiguration/ssh/ssh-weak-mac-algo.yaml index 8c9c10211e..c933f195ab 100644 --- a/javascript/misconfiguration/ssh/ssh-weak-mac-algo.yaml +++ b/javascript/misconfiguration/ssh/ssh-weak-mac-algo.yaml @@ -21,7 +21,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -43,4 +43,4 @@ javascript: - "hmac-md5-96" - "hmac-sha1-96" condition: or -# digest: 490a0046304402200808b310f424b589a3a2f8857b11481b27e3141e21dd9ae12991cc026d7a1dff022059ffe406c18c198b90735f0a78b24d49fbb04a6152186b7d83ae9e775b0e2072:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207c21377a66b663801228ba58c7145a36f82f256dff404f6a7e1e4ea067d12cf3022031a5619499916f5cafd51c7cd121e33ae70d410631b1804802378813ab99f3fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/ssh/ssh-weak-public-key.yaml b/javascript/misconfiguration/ssh/ssh-weak-public-key.yaml index 386fe6cfb7..06e7b759ab 100644 --- a/javascript/misconfiguration/ssh/ssh-weak-public-key.yaml +++ b/javascript/misconfiguration/ssh/ssh-weak-public-key.yaml @@ -25,7 +25,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -53,4 +53,4 @@ javascript: name: rsa_keylen json: - '.DHKeyExchange.server_host_key.rsa_public_key.length' -# digest: 4a0a0047304502204b98e1786f6494bcf96bf3b39d57952295c377938b7b72a812cb6d3a2ba43d85022100f73954e4a88a8b86052942f190163c039261f30781ab20b2d91102da65b2f7ab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ea8b80af27d86935581b08d31adc9c4ee09d297f7c1f97af6f1bd02f1cc2e4f5022062872e1f08a379f7a69b14f975ca692a57cb28777c95d0b5eacb52573e0585e5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/javascript/misconfiguration/ssh/ssh-weakkey-exchange-algo.yaml b/javascript/misconfiguration/ssh/ssh-weakkey-exchange-algo.yaml index 256845aee3..6a6bf9ac90 100644 --- a/javascript/misconfiguration/ssh/ssh-weakkey-exchange-algo.yaml +++ b/javascript/misconfiguration/ssh/ssh-weakkey-exchange-algo.yaml @@ -21,7 +21,7 @@ javascript: let m = require("nuclei/ssh"); let c = m.SSHClient(); let response = c.ConnectSSHInfoMode(Host, Port); - to_json(response); + Export(response); args: Host: "{{Host}}" Port: "22" @@ -41,4 +41,4 @@ javascript: - "gss-group14-sha1" - "rsa1024-sha1" condition: or -# digest: 4b0a0048304602210097cf374f08b29512614a9e69ea8605018abddda61f043cb46358703a2d3fe34b0221008df104926f407aab1bd0020c6fd5e768b2581e19d355fefac6c73d62e5fa994c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100befebbb66d9a144decdccdbc510a7867f86c5945c6525459c69cc4d76a8c4e5e0221008e321d163d3884e694add93b28f1cc94f18106c0f5d560e1bef2fd42e78ea380:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2016/CVE-2016-2004.yaml b/network/cves/2016/CVE-2016-2004.yaml index 021aa4c78c..ea7e238e3a 100644 --- a/network/cves/2016/CVE-2016-2004.yaml +++ b/network/cves/2016/CVE-2016-2004.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2016-2004 cwe-id: CWE-306 - epss-score: 0.09306 - epss-percentile: 0.94149 + epss-score: 0.12552 + epss-percentile: 0.95291 cpe: cpe:2.3:a:hp:data_protector:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -40,4 +40,4 @@ tcp: encoding: hex words: - "00000034fffe3900000020006e007400200061007500740068006f0072006900740079005c00730079007300740065006d000a0000000000" # authority\system -# digest: 4a0a00473045022100cc9c3a2dcd121e1b386d545f2fc33db5208088164dc4710b4bcd353f90bbef290220469ec25c59f15ea77f8e3d218eeee38d405025b959c2306c7cc76d6e3f15f6f9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206d2e150b2860c337d1b770f858e09818afab03165c95f399e6319d43f20ef948022061e1ffdbea044dce1fe9ca07383c03f6758d2ec7fee9b5549ba80a1c73f2314a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2016/CVE-2016-3510.yaml b/network/cves/2016/CVE-2016-3510.yaml index 970e2f22ff..64e8374d4e 100644 --- a/network/cves/2016/CVE-2016-3510.yaml +++ b/network/cves/2016/CVE-2016-3510.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-3510 cwe-id: CWE-119 epss-score: 0.04254 - epss-percentile: 0.914 + epss-percentile: 0.92018 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: verified: true @@ -57,4 +57,4 @@ tcp: part: interactsh_protocol words: - "dns" -# digest: 4b0a00483046022100f1798ba202decf0be6b46d298ff4d0b8dc65a24e0aa1f046e9df6d4b7297a4e8022100ffdb79570be4c89d1471180de4c21f570542923b0c5a614e984a08c6acfcaaca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022043a31295126d58fbaa38a9cc0e672c6e4196a6b16f7a075def013ab769902eac02206d807cc60eaf030e3c730656b6e69dde708c01dc451d042f9962615d675ac8fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2017/CVE-2017-3881.yaml b/network/cves/2017/CVE-2017-3881.yaml index f544ab30ee..cb805c9198 100644 --- a/network/cves/2017/CVE-2017-3881.yaml +++ b/network/cves/2017/CVE-2017-3881.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-3881 cwe-id: CWE-20 - epss-score: 0.9747 - epss-percentile: 0.99961 + epss-score: 0.9745 + epss-percentile: 0.99948 cpe: cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -43,4 +43,4 @@ tcp: - type: word words: - "Current privilege level is" -# digest: 4b0a00483046022100a28fc3b64b6fdec349e779b3f3b8fab80a924baf1a25a9d9d3e17e60845bf7d0022100a3286b1bf4e7edc0e5d140bcc7168e65ac30964bb84d9e28120184b5713ad779:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220637b8aa2350336b742a3993cb1a96a8a779de7b8875174d6ad6e6d0504d0a3f302202ab410bbcd75956ca4d9a817100841b63cd87c5c7a91e7eeae580f15d82b8329:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2017/CVE-2017-5645.yaml b/network/cves/2017/CVE-2017-5645.yaml index 83038a48fe..71b6524c5e 100644 --- a/network/cves/2017/CVE-2017-5645.yaml +++ b/network/cves/2017/CVE-2017-5645.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-5645 cwe-id: CWE-502 epss-score: 0.81948 - epss-percentile: 0.98126 + epss-percentile: 0.98287 cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -43,4 +43,4 @@ tcp: part: interactsh_protocol words: - dns -# digest: 4b0a00483046022100cd45082cee6f82b885d6617cebbb120541d7fc5068aad5a4fc354121a33d00c90221009c7a5a3152352a194854d2eebef711f04f65c3325b69bbfce8d1cac54e95c7ef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e199727c5616fce1c06967cfa07e2d5b9dfd3a91c592502e189bbdfbeead001802203bf3f8517b3e21b0cedd1c8a0bebe2f45379f79d7244c1ac372571a184845797:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2018/CVE-2018-2628.yaml b/network/cves/2018/CVE-2018-2628.yaml index 975459cf5c..6f0c13cf58 100644 --- a/network/cves/2018/CVE-2018-2628.yaml +++ b/network/cves/2018/CVE-2018-2628.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-2628 cwe-id: CWE-502 epss-score: 0.97523 - epss-percentile: 0.99988 + epss-percentile: 0.99987 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -45,4 +45,4 @@ tcp: - type: regex regex: - "\\$Proxy[0-9]+" -# digest: 4b0a00483046022100a55cfbe943624b79da0f290eb6440d43337ce7d7f759bb1f66e3ea33ebfb7ddf022100d638d7adef0f33d3242064734f1f7a97372238bcd3b58876edfaa0a37bc4a854:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220097149bb2a94e312c263b110c25fbf977b30e43dda5adb7d7b84db9650e5aede022100a1a7e3fa2fab68b4875af3eed42d914368ed0e956d2cdc0d61cf01222507160d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2018/CVE-2018-2893.yaml b/network/cves/2018/CVE-2018-2893.yaml index ce70a6cd74..7745656f41 100644 --- a/network/cves/2018/CVE-2018-2893.yaml +++ b/network/cves/2018/CVE-2018-2893.yaml @@ -20,14 +20,13 @@ info: cvss-score: 9.8 cve-id: CVE-2018-2893 epss-score: 0.97327 - epss-percentile: 0.99866 + epss-percentile: 0.99869 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 vendor: oracle product: weblogic_server tags: cve,cve2018,weblogic,network,deserialization,rce,oracle - tcp: - inputs: - data: "t3 12.2.1 @@ -62,4 +61,4 @@ tcp: part: raw words: - "StreamMessageImpl cannot be cast to weblogic" -# digest: 4a0a0047304502200cc0a6917fcbb677b0d3b4bfb39e88a752347b30d0fd481b0bfac300f9661f7e022100c86c28970251f38955d5236d397e176ca04cddc4c09df1e9d1c31235cc7eaf9f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202812746a5c536762cdabcafa6453ee92a00495ce600a3ed17b383fbfbca20223022100aaec984c4e33647b08801c9cb3afbfd66c48c9d742a73c37189d5d3199106e97:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2020/CVE-2020-11981.yaml b/network/cves/2020/CVE-2020-11981.yaml index c24eb72b9c..d2cda0df83 100644 --- a/network/cves/2020/CVE-2020-11981.yaml +++ b/network/cves/2020/CVE-2020-11981.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-11981 cwe-id: CWE-78 epss-score: 0.9386 - epss-percentile: 0.98967 + epss-percentile: 0.99073 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -68,4 +68,4 @@ tcp: part: interactsh_request words: - "User-Agent: curl" -# digest: 490a0046304402207ea02c682dcf759b06a96e3f259ad008f0c98f586400d42b75ed0bdcccacb45c0220631455d5cc53aa39ed78364d2e7d435c81f372c719b9717a93187b1472bc60b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c4e0d439580f58dd4b7c3c017767610bd5715068d08f0bbb05a14353d943c7bf022100dc9b62bca802405e9acdf93e869983abac49fe32580136c982b1341f248752b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2020/CVE-2020-1938.yaml b/network/cves/2020/CVE-2020-1938.yaml index ebd34ebfea..d9c9dee1e9 100644 --- a/network/cves/2020/CVE-2020-1938.yaml +++ b/network/cves/2020/CVE-2020-1938.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-1938 cwe-id: CWE-269 - epss-score: 0.97499 - epss-percentile: 0.99978 + epss-score: 0.97384 + epss-percentile: 0.99902 cpe: cpe:2.3:a:apache:geode:1.12.0:*:*:*:*:*:*:* metadata: max-request: 4 @@ -28,7 +28,6 @@ info: product: geode shodan-query: title:"Apache Tomcat" tags: cve,cve2020,kev,tenable,apache,lfi,network,tomcat,ajp - tcp: - host: - "{{Hostname}}" @@ -42,4 +41,4 @@ tcp: - type: word words: - "See the NOTICE file distributed with" -# digest: 490a00463044022006000894257a12d07c3fe5f2008ab6b04fcfd8ac3150f5bd66ec91c1887f7a5f02203dbe4b87290053b9fac8396b4bb5f90562c451a328ed4bd986c21daf3aec3e4c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ea230d9cfb318ef3e36baa9026ec72f9d62c23fbdc2fd4396ecefffda5dfc2da022100fe789aa4c7d7fa6c31f77782f0161613dd3dee31060df1c0ebf1b39eeec47e25:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2020/CVE-2020-7247.yaml b/network/cves/2020/CVE-2020-7247.yaml index 80b515e057..af53dd33a1 100644 --- a/network/cves/2020/CVE-2020-7247.yaml +++ b/network/cves/2020/CVE-2020-7247.yaml @@ -20,15 +20,14 @@ info: cvss-score: 9.8 cve-id: CVE-2020-7247 cwe-id: CWE-755 - epss-score: 0.97504 - epss-percentile: 0.9998 + epss-score: 0.97506 + epss-percentile: 0.99976 cpe: cpe:2.3:a:openbsd:opensmtpd:6.6:*:*:*:*:*:*:* metadata: max-request: 2 vendor: openbsd product: opensmtpd tags: packetstorm,cve,cve2020,smtp,opensmtpd,network,rce,oast,kev - tcp: - host: - "{{Hostname}}" @@ -65,4 +64,4 @@ tcp: part: raw words: - "Message accepted for delivery" -# digest: 4b0a00483046022100a834285340d9fc7acaf100ad14766d6adfd2ff489823f5fde80bb6473bc21264022100e207f6f687ca7a0fd11f16a4f480efd6da72c847fa681dc3b687feb3ad786fe2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206d2d5976aad5065ce791f22a7dc9f3180057061d52ed3004464756fdded7352e022100a566f220c01f7e94971cbf8aef25375f1324dcd653c207f84bfb8033388fd0af:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2021/CVE-2021-44521.yaml b/network/cves/2021/CVE-2021-44521.yaml index c49229eaba..dfedb77d30 100644 --- a/network/cves/2021/CVE-2021-44521.yaml +++ b/network/cves/2021/CVE-2021-44521.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-44521 cwe-id: CWE-732,CWE-94 - epss-score: 0.04449 - epss-percentile: 0.91568 + epss-score: 0.04594 + epss-percentile: 0.92315 cpe: cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -73,4 +73,4 @@ tcp: part: raw words: - "123123" -# digest: 490a0046304402207cf7e3d01d75e027690ae4d7c65b1d3b151a1e36cbc195ad5ad0c7f999e5a1ab022013f77c8bb75f4d32f253ddbce15aeb00a72bfee87fbfbdf369845fc1bdeffcab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b2f33e9771382f46589a612f1ad1b13cbaa977983861b561b5c2557114ed8f1c022100c96cecc141a01aa8881c20b8b687c5702c88c1868cb5614f1c3cadfbee39bf61:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2022/CVE-2022-24706.yaml b/network/cves/2022/CVE-2022-24706.yaml index e567a5140b..0dc99a7dc2 100644 --- a/network/cves/2022/CVE-2022-24706.yaml +++ b/network/cves/2022/CVE-2022-24706.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-24706 cwe-id: CWE-1188 - epss-score: 0.97372 - epss-percentile: 0.99891 + epss-score: 0.9748 + epss-percentile: 0.99964 cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: verified: "true" @@ -31,7 +31,6 @@ info: product: couchdb shodan-query: product:"CouchDB" tags: cve2022,network,cve,couch,rce,kev,couchdb,apache - variables: name_msg: "00156e00050007499c4141414141414041414141414141" challenge_reply: "00157201020304" @@ -62,4 +61,4 @@ tcp: - "gid" - "groups" condition: and -# digest: 4b0a00483046022100a7ed6ce0f340dfb619ee179c476c59b6ee1edfe07b0e9a1fa10aa413ba13a3ce022100e54615923f106fda1c1af60cd24c47de23d48cb373067f9badcb0210cbf36542:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220602f1a063fe87341e5ec859e52c38e96493e433e56306a897672d3b25e1421050220331d04d26d8d1693385a3bbe00a72a748c82f4586857b7fdec165de6c7b7a4e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/network/cves/2022/CVE-2022-31793.yaml b/network/cves/2022/CVE-2022-31793.yaml index 164af895dc..0d5e0514ca 100644 --- a/network/cves/2022/CVE-2022-31793.yaml +++ b/network/cves/2022/CVE-2022-31793.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-31793 cwe-id: CWE-22 - epss-score: 0.2754 - epss-percentile: 0.96365 + epss-score: 0.25241 + epss-percentile: 0.96539 cpe: cpe:2.3:a:inglorion:muhttpd:*:*:*:*:*:*:*:* metadata: verified: true @@ -44,4 +44,4 @@ tcp: encoding: hex words: - "726f6f743a" -# digest: 490a00463044022027eab97d23c543475d63779a7814e3f0f417d9d0f37acef9851faf771e02b35c022036e5ec613bb50763d2fc9013ee47dfae1e55a7d4e50263c73238d06d646a2d69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220552dea540450a6b50bb4fd1647d35646f4ddf95b681f33a3d832e169c3ee54a00221008959a00adc118b209a3e73b2598a4eafc401f50232ac399d121322f839f2a04c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/templates-checksum.txt b/templates-checksum.txt index 88ed1b3f79..fddd09bba7 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -16,18 +16,18 @@ cloud/enum/gcp-app-engine-enum.yaml:b22ff0601a3f7f6ddc39e39ab9dc34410d213e41 cloud/enum/gcp-bucket-enum.yaml:896300c26517adf67feb80304f5edb25590a03c4 cloud/enum/gcp-firebase-app-enum.yaml:a36c4fefc09c86eed490307663012e87e9ef2f1e cloud/enum/gcp-firebase-rtdb-enum.yaml:dc50ea5960f35d0e43edc1a6503d42e5e7b2502a -code/cves/2019/CVE-2019-14287.yaml:3ee2f67606d1b0957cb27d3290436e3bc5e2941b -code/cves/2021/CVE-2021-3156.yaml:949d267525a879ba32331b8f7a0bf2156a679758 -code/cves/2023/CVE-2023-2640.yaml:bd0f827096c038a0e50aa964974dee6dba0b3037 +code/cves/2019/CVE-2019-14287.yaml:9aad96858c897beafcb206fee31c0a2375a8b859 +code/cves/2021/CVE-2021-3156.yaml:8bda0eaa4013a73de4c97229459c44cbb027b7fe +code/cves/2023/CVE-2023-2640.yaml:56cd80671ea35f8b4d7a39fad28622c300e889c6 code/cves/2023/CVE-2023-49105.yaml:b1ac3f08bb473e440955687bdaa32eed5c6a7d54 -code/cves/2023/CVE-2023-4911.yaml:b1e3c1b3abba477997f55da0afad33be59500a2f -code/cves/2023/CVE-2023-6246.yaml:0a43a277e86a2820dd8cc18c2abae184bd6b9ef1 +code/cves/2023/CVE-2023-4911.yaml:0cd65b591ec6b8fa45cb4f8053f30a068ff314fe +code/cves/2023/CVE-2023-6246.yaml:88234c38185554df59d5def6b5146ae38d39216d code/privilege-escalation/linux/binary/privesc-aa-exec.yaml:03e874f0a174244627cc2c167c3d9829bf12f260 code/privilege-escalation/linux/binary/privesc-ash.yaml:a19a050317a19374ca4edc12474fd1de3600999b code/privilege-escalation/linux/binary/privesc-awk.yaml:0fb5884b81ce822978b5c9fbbd5d266333e002be code/privilege-escalation/linux/binary/privesc-bash.yaml:263829aab45da0cfa28bfd27d35fdde9d16ae22d code/privilege-escalation/linux/binary/privesc-cdist.yaml:4284eca2da5ac3fdafc8e5369eafa904d0d8f61b -code/privilege-escalation/linux/binary/privesc-choom.yaml:62bc90d72855d23325a0233a7604779c082b64e7 +code/privilege-escalation/linux/binary/privesc-choom.yaml:2dec29e0401a6b2bb3015306c383499b426d91fc code/privilege-escalation/linux/binary/privesc-cpulimit.yaml:583961db33de22e088045e96f1827ffd69300f5e code/privilege-escalation/linux/binary/privesc-csh.yaml:8600b4f51015e633006c1f5ee6245fe23725da63 code/privilege-escalation/linux/binary/privesc-csvtool.yaml:514362d485e33bed47fd0af73b7cede79985ad6e @@ -38,7 +38,7 @@ code/privilege-escalation/linux/binary/privesc-elvish.yaml:eb58e7cb41493578f4638 code/privilege-escalation/linux/binary/privesc-enscript.yaml:f5f0e0f38fe0a3bca395e1a641426f3095f35d09 code/privilege-escalation/linux/binary/privesc-env.yaml:74bceb5a18161fc743391bb87c8c7da8755f8f31 code/privilege-escalation/linux/binary/privesc-expect.yaml:e5093f4134402ecfe00f5f24c5b9ebd8b9d2073f -code/privilege-escalation/linux/binary/privesc-find.yaml:526992827df2ef20fd3cd81f4a7097f2f5603a1b +code/privilege-escalation/linux/binary/privesc-find.yaml:7f166986f5a105166994cbd6c983c99c6fafac70 code/privilege-escalation/linux/binary/privesc-fish.yaml:09ef7463c5995ab8f55d756b4495d12ee9e4a3d2 code/privilege-escalation/linux/binary/privesc-flock.yaml:ce4254b5fe712548c72d22a668212c5eea7ff906 code/privilege-escalation/linux/binary/privesc-gawk.yaml:25bb3a8aaa025630bbad912c68db9d2e8f7be923 @@ -47,13 +47,13 @@ code/privilege-escalation/linux/binary/privesc-ionice.yaml:6ad1ed5e759f6e9f2dc1a code/privilege-escalation/linux/binary/privesc-julia.yaml:12746e5fd02ca5f7bcfdda1680a5d4adb5a1c727 code/privilege-escalation/linux/binary/privesc-lftp.yaml:f7436c9f70846a7fd1aa8348d34f3e013d2de87a code/privilege-escalation/linux/binary/privesc-ltrace.yaml:a81982dda7a1d028ced9d0625b461f51b3cb97a2 -code/privilege-escalation/linux/binary/privesc-lua.yaml:1f1b5b5a1054a4a2b860bdb2c16bb0d65f721d5e +code/privilege-escalation/linux/binary/privesc-lua.yaml:f2b22d43900f61b3f05dbc802554dc53671d7079 code/privilege-escalation/linux/binary/privesc-mawk.yaml:09f8672433e0145373315622f79cd0ff91caf63e code/privilege-escalation/linux/binary/privesc-multitime.yaml:c2e5b177592fe5e40e5683e6907d906e0d8bfd2e -code/privilege-escalation/linux/binary/privesc-mysql.yaml:7a780fc80228f75b21e31cecb2c52afcbaf566e4 +code/privilege-escalation/linux/binary/privesc-mysql.yaml:e6d97d99e2f3cf70cf5140b56fdcf51f8667178e code/privilege-escalation/linux/binary/privesc-nawk.yaml:ef024b7b2050a27cabd84be97aad59426c5879a4 code/privilege-escalation/linux/binary/privesc-nice.yaml:46d38ceec2ae777d74844a25b6c5832447626096 -code/privilege-escalation/linux/binary/privesc-node.yaml:18d37bb2cd8fdfa2cf1e89574ea50cbb5cb02fb4 +code/privilege-escalation/linux/binary/privesc-node.yaml:06dfdfdbdafc70d9949eeefeaf4618d0dacf05e2 code/privilege-escalation/linux/binary/privesc-nsenter.yaml:9101de808bed12dc738afa556a1123a3fe734a31 code/privilege-escalation/linux/binary/privesc-perl.yaml:91606710033bac4d018b667ad83027ca395d2396 code/privilege-escalation/linux/binary/privesc-pexec.yaml:7eab2cc974bab631a34f554dfa087a0aff6cc72c @@ -61,13 +61,13 @@ code/privilege-escalation/linux/binary/privesc-php.yaml:262dcde94668c4908a4c682a code/privilege-escalation/linux/binary/privesc-posh.yaml:934a4723025d66dc8ed3877480ca00b853341a70 code/privilege-escalation/linux/binary/privesc-python.yaml:9818cf0109e9b8d173810882f220cbb72fe1a189 code/privilege-escalation/linux/binary/privesc-rake.yaml:7515d7347a6a4c6277de7ac6a7ee980139692973 -code/privilege-escalation/linux/binary/privesc-rc.yaml:74b791faf834471c7a1354d501162bc026f552c5 +code/privilege-escalation/linux/binary/privesc-rc.yaml:be55001e2b9d975b643d1ca30187e1f98712b688 code/privilege-escalation/linux/binary/privesc-rlwrap.yaml:a25a323fe8acd7a88a37a654a70a449b2aca0e56 code/privilege-escalation/linux/binary/privesc-rpm.yaml:160761028920ab30c20589c3d48b98d93032443e code/privilege-escalation/linux/binary/privesc-rpmdb.yaml:979d7bef3cd68aab5a93a4e67a7b07400f7f1717 code/privilege-escalation/linux/binary/privesc-rpmverify.yaml:d6274199e363a98898614ffc799615a73e676353 code/privilege-escalation/linux/binary/privesc-ruby.yaml:68f68e9285367ae1d8dadd5ef6cd47aa7866a53b -code/privilege-escalation/linux/binary/privesc-run-parts.yaml:2a8861433853dd94208678d3f87756c1a76e07c2 +code/privilege-escalation/linux/binary/privesc-run-parts.yaml:f91f59e346a17b3e425a347beb03e8159d722944 code/privilege-escalation/linux/binary/privesc-sash.yaml:47db9ab06a4f468b98d650390198500ccc6ceac3 code/privilege-escalation/linux/binary/privesc-slsh.yaml:431c5dc758a7683b9da0da0e6beb24d934c70f9e code/privilege-escalation/linux/binary/privesc-socat.yaml:037b6e4915a0c15a9fadd209acd67e814a0860fd @@ -76,23 +76,23 @@ code/privilege-escalation/linux/binary/privesc-sqlite3.yaml:2058277fb5244f5afcec code/privilege-escalation/linux/binary/privesc-ssh-agent.yaml:f0ebce1afdb3fd1eae222f9c7b6ea5a601af3ed0 code/privilege-escalation/linux/binary/privesc-sshpass.yaml:13b17781d68a728c2a05ba9c8d6bca1a72e93105 code/privilege-escalation/linux/binary/privesc-stdbuf.yaml:8102de9b345ef557aefd83e193797a65cdfb8258 -code/privilege-escalation/linux/binary/privesc-strace.yaml:2069fd6d6370d5d403bd8b68c4f80d062376d06b +code/privilege-escalation/linux/binary/privesc-strace.yaml:3e7f372e495dca6ba84152e6d639ba8da02ad819 code/privilege-escalation/linux/binary/privesc-tar.yaml:9adcdee8229c8b54000d68fcac0cb917e4b9ff82 code/privilege-escalation/linux/binary/privesc-tcsh.yaml:f3e9ff1927341367653db3069c8cdf146fac93c4 code/privilege-escalation/linux/binary/privesc-time.yaml:5f692f95c8b291382794fd704bb351a4e2feed4a code/privilege-escalation/linux/binary/privesc-timeout.yaml:026045467bf1d94891fdc2b489e2e1b148bf5fef code/privilege-escalation/linux/binary/privesc-tmate.yaml:b8c5000e5e9f8c669ff93c9d6ccc443b925faa5e -code/privilege-escalation/linux/binary/privesc-torify.yaml:0c06a0776ef3a9120255fe53b4c458eaf3a7540d +code/privilege-escalation/linux/binary/privesc-torify.yaml:44abc68b269888cc8b73b2cd1b38cf0d66c298cb code/privilege-escalation/linux/binary/privesc-torsocks.yaml:a87cee0a3a542c9d3d8e8d447c2997900b0bd9c0 code/privilege-escalation/linux/binary/privesc-unshare.yaml:23eeb83ef423b6d7df028561faa13d11923ed69d code/privilege-escalation/linux/binary/privesc-vi.yaml:2f1fc5e88774852efeda5e5edc03edd00980defd -code/privilege-escalation/linux/binary/privesc-view.yaml:49bff476df0f8fe342883b354f6782addfbad7b9 +code/privilege-escalation/linux/binary/privesc-view.yaml:eba257a8a4cb415d2785fca80964bea47c571f59 code/privilege-escalation/linux/binary/privesc-vim.yaml:0b095b22fb0e0385bfe1f41c1fb8f9846547ee62 -code/privilege-escalation/linux/binary/privesc-xargs.yaml:ceac2c70305270d2ea1925a1bf75af75a57bcd84 +code/privilege-escalation/linux/binary/privesc-xargs.yaml:e1ce412f0af9dbb90081d7fb9f166139df3c067d code/privilege-escalation/linux/binary/privesc-xdg-user-dir.yaml:f33d3281a9151568ceea599728c96c5c109a34d7 code/privilege-escalation/linux/binary/privesc-yash.yaml:12526b00d02c792266be471353cbea47e4ce2702 code/privilege-escalation/linux/binary/privesc-zsh.yaml:a372f88df6b957618c20b1a2673f7366aacc67d5 -code/privilege-escalation/linux/rw-shadow.yaml:e7ae5f1d42c356720437bae9e1550b4d3f745b51 +code/privilege-escalation/linux/rw-shadow.yaml:e9cc69616fbbda31ffe6fda74384f13082fb3e43 code/privilege-escalation/linux/rw-sudoers.yaml:f974b1d1a68fd7a8cd24b6f1b61855dd3eb92c98 code/privilege-escalation/linux/sudo-nopasswd.yaml:3117c141f35b9229b6ebe1db10a4fef77aa6ee17 code/privilege-escalation/linux/writable-etc-passwd.yaml:c0ad4796f42aab9c901b52b52b91940172d070e9 @@ -105,13 +105,13 @@ config/pentest.yml:c7b04a39e2efaf1a5f627da9b49ecf714d927f0e config/privilege-escalation.yml:325607b721fcea55111f8698b10951fd2f0d17b8 config/recommended.yml:eb4d0cb29634218f0279692e8c59fa1906d7148c contributors.json:8d840b1db8c1af9a3927448841f817aa9c850de9 -cves.json:d97b64843e81ded58e0fd5a768024ec2c37f1265 -cves.json-checksum.txt:bde4b6219a3dae5156a09d26bf8d39f98e704f25 +cves.json:51d8ac58d8ffdf6cfd4660d3e19373bb08bb6605 +cves.json-checksum.txt:fdca644f563bcfe217c57881fc5991db50a942e4 dns/azure-takeover-detection.yaml:34e8e8a0db3e2ff7af0bf8df8ee9c54f2ee8e3b4 dns/caa-fingerprint.yaml:71845ba0a32b1968e23b507166275ee4c1f84b24 dns/detect-dangling-cname.yaml:0c5204f22465c8ebb8ae31e6265ffa5c0cd4b6e2 dns/dmarc-detect.yaml:d60f87ac8a617c0496d558269abd50389bbb1b37 -dns/dns-rebinding.yaml:bff2b36d160aa021e5310b15cb8a5d856478c1fe +dns/dns-rebinding.yaml:45774e6d0aabacb2fcf032dc41deb3073c8abba6 dns/dns-saas-service-detection.yaml:d43ab2edca6bc38254ad1f4c4889e5cece34691e dns/dns-waf-detect.yaml:f7746eceeca514f20911c4152f2c17bbeb10242c dns/dnssec-detection.yaml:ce828fea84336b2c79b18479063e1e1aaf083592 @@ -437,7 +437,7 @@ file/webshell/asp-webshell.yaml:3d5fd63aebe784dc4f49b04478b7fef5f4e9e2c2 file/webshell/jsp-webshell.yaml:2d750d74431e61570c7d96d5ffeb4353d3820a1d file/webshell/php-webshell.yaml:8465f2abe6a2b13a2f3ceaa3c277a7fdebdfaa41 file/xss/dom-xss.yaml:40436508df8f3c8cd80d076702738b9df22ed281 -headless/cves/2018/CVE-2018-25031.yaml:ab5cc2302012a28a0273350e502ae1d901cd872b +headless/cves/2018/CVE-2018-25031.yaml:0df7019375bfe403057072e12e3640841c6a87e5 headless/dvwa-headless-automatic-login.yaml:4c1f2437b541a83dfda0e1239995b08a0315e478 headless/extract-urls.yaml:499408f8b8d77cb5315ed584ac23c90328823a3f headless/headless-open-redirect.yaml:a67d2b3108c8870d7907b8f9244cb5697d4341ff @@ -1000,12 +1000,12 @@ http/cves/2014/CVE-2014-4942.yaml:ca31e2efcd6b8e2593546a1951f70b3a0291d9b6 http/cves/2014/CVE-2014-5111.yaml:e6df0c241d84455dd45f7ba94efb1f7351a2b58d http/cves/2014/CVE-2014-5258.yaml:69e107078bcfaa3446c5014b957771dfd159d26e http/cves/2014/CVE-2014-5368.yaml:1139aa279b532b7b240b967e591a6ddd1c4c4182 -http/cves/2014/CVE-2014-6271.yaml:6b4b27f6f63c6c4f4a36fc2b1b36bd1336af4b9b +http/cves/2014/CVE-2014-6271.yaml:3849e0de35aa289baa3eceb37a88f92953d7cc84 http/cves/2014/CVE-2014-6287.yaml:ceeef918bb23167daecd266da96a15ff63ea7c77 http/cves/2014/CVE-2014-6308.yaml:84c8abb253c1c2648c51f4b5f205b49e507e2ae4 http/cves/2014/CVE-2014-8676.yaml:d4bbef2d3f08b56feb3913e2ec2aeadee9f3fccf http/cves/2014/CVE-2014-8682.yaml:0c494b1f9c0dafc3b160990c57e7223407190531 -http/cves/2014/CVE-2014-8799.yaml:b21807693e31a84bcf20eededd859334f7eafeae +http/cves/2014/CVE-2014-8799.yaml:77b6f3fe834490e0e0037793b0d8690020ad828f http/cves/2014/CVE-2014-9094.yaml:71b7ff62e6fe8609787b3fb8a45161c5b3255fe5 http/cves/2014/CVE-2014-9119.yaml:a34b5c3ef7249fdc456ac68b5fafb31e630e2d2a http/cves/2014/CVE-2014-9180.yaml:a3bb63a61c739ca29128a21ac0195818766b0a86 @@ -1317,7 +1317,7 @@ http/cves/2018/CVE-2018-17153.yaml:53c845318fd5e6f5f472142548afa3022acc2aa7 http/cves/2018/CVE-2018-17246.yaml:57da02b29f0de6c71f621c58ee729211e860c20c http/cves/2018/CVE-2018-17254.yaml:796bc823bb38f76e61b2c6a7b8d508a6a81a1cb8 http/cves/2018/CVE-2018-17422.yaml:d5eee43cada5f9af5a4e66a34c03770f58a1d8db -http/cves/2018/CVE-2018-17431.yaml:3eec3293a8d95628bb637715c400b567bfb55668 +http/cves/2018/CVE-2018-17431.yaml:fbac44517b3ffac61275eab6786d1071c40111cc http/cves/2018/CVE-2018-18069.yaml:a181a6282ac0544de0b8d83e45dd8ab52c48e6ba http/cves/2018/CVE-2018-18264.yaml:467ce7a084da6b753da03af3f9b79b5865642421 http/cves/2018/CVE-2018-18323.yaml:2d43f79fb6921d70bd9d3e4e940f80234d022236 @@ -1348,7 +1348,7 @@ http/cves/2018/CVE-2018-20009.yaml:a08180dd2954ea56039884a9d9ed6ca8592fe726 http/cves/2018/CVE-2018-20010.yaml:bc62b4e05862fb630f78def592a0ea23e8f9375e http/cves/2018/CVE-2018-20011.yaml:3745e1289309949e6a2412695f553640618a2082 http/cves/2018/CVE-2018-20462.yaml:9469391880695934437de37802e127a415726320 -http/cves/2018/CVE-2018-20463.yaml:88e1c3e3ae4f1e38907fac5f3931115610d06723 +http/cves/2018/CVE-2018-20463.yaml:180320bc21c90675a24473b357ddebdaacc567ff http/cves/2018/CVE-2018-20470.yaml:b5e4fedc8ecb0a2f546ceb1cb8a7d7335b5c2915 http/cves/2018/CVE-2018-20526.yaml:6b32c07e9f0bd71dda2f652c750e43391a4a70bb http/cves/2018/CVE-2018-20608.yaml:ce089e4f9a03cbe77aee41db1b82e6d624161a76 @@ -1672,7 +1672,7 @@ http/cves/2020/CVE-2020-23697.yaml:cd022bc02020a7310cff8c2ee13657da03db8ea2 http/cves/2020/CVE-2020-23972.yaml:0a48b705ba7c8d0a161f2ba6d636ec1b31ebc2fd http/cves/2020/CVE-2020-24148.yaml:a93d18e0fc61925f628be3874136a699f3602faf http/cves/2020/CVE-2020-24186.yaml:818bcfdc1ad7b5e1941e880b70010852e5759246 -http/cves/2020/CVE-2020-24223.yaml:93a001f5c9d49dbe9f34ae457597e828fefd4357 +http/cves/2020/CVE-2020-24223.yaml:d62b4ba02fd051b041fe6ee0e3300c25e2db7fd5 http/cves/2020/CVE-2020-24312.yaml:b12e6e7427aab4161e503e980266b06e310e1b75 http/cves/2020/CVE-2020-24391.yaml:31faba721545b5cab31aba26d8d4e5001d74e635 http/cves/2020/CVE-2020-24550.yaml:df5052c65b1037f38f8ed25cb384ec4c54f81b8c @@ -1845,7 +1845,7 @@ http/cves/2021/CVE-2021-21800.yaml:4ed23c318de87fe0651e1e5811d405459a9db2f8 http/cves/2021/CVE-2021-21801.yaml:f64b9221773cc64fb581df2f4f210e1fb36cb932 http/cves/2021/CVE-2021-21802.yaml:4b6cb6a8c278b13dddd13dfee352b262acda4637 http/cves/2021/CVE-2021-21803.yaml:bc436dcf17f3973b8942964c371ef452b55cee2c -http/cves/2021/CVE-2021-21805.yaml:17682d57cd6a4c8d6e512a4b55f5fa81b29ae22e +http/cves/2021/CVE-2021-21805.yaml:d8ccf425e42057a5f8d4877ab7dcc1fc1dd1101c http/cves/2021/CVE-2021-21816.yaml:4652048aac9fbf5bbf7a878e148e4c92b56f7e73 http/cves/2021/CVE-2021-21881.yaml:14fb30bc772e932324eeca4c46a1f2d196302656 http/cves/2021/CVE-2021-21972.yaml:d1ed2eb032b6cb4af15e1c0b4868f2091fa9d9de @@ -1862,7 +1862,7 @@ http/cves/2021/CVE-2021-22205.yaml:9e49c70f067bba5a2e7eeed24798245c195838f6 http/cves/2021/CVE-2021-22214.yaml:1781cdcdd284eb473268d4b899267d21c384ec31 http/cves/2021/CVE-2021-22502.yaml:48fdcab031b646a7a7ffe574003f5d8f1759424f http/cves/2021/CVE-2021-22707.yaml:357bb8f21563f734ad39595545d74eb9b2cd420c -http/cves/2021/CVE-2021-22873.yaml:878ae2fa13d9fdb342cfcf705c20abfb7659f31b +http/cves/2021/CVE-2021-22873.yaml:27bb4559cd747aa7a3c317c5e047d6a65eb9fb68 http/cves/2021/CVE-2021-22911.yaml:d1ed945946106e5a35c7839bacda4038e5485045 http/cves/2021/CVE-2021-22986.yaml:06a290cbb4d4bafb585a68270201fe178561c9e2 http/cves/2021/CVE-2021-23241.yaml:b51d31ed7ab97cbe82f09a1c219e5f420f605aa1 @@ -1931,7 +1931,7 @@ http/cves/2021/CVE-2021-24762.yaml:33c2e8efc337a1f06768b1e6047d6a02c32e9e8a http/cves/2021/CVE-2021-24791.yaml:3f1787fab7f8c5b55c71487da389ef40ae02004a http/cves/2021/CVE-2021-24827.yaml:61c481595a7dabb304fd1c0cec9c7cd6a6a39684 http/cves/2021/CVE-2021-24838.yaml:0cc51d4d1c10c2f4af870aa9b636013be8130a28 -http/cves/2021/CVE-2021-24849.yaml:227f62a7a0777f9ff82b648e7af058671c247a6c +http/cves/2021/CVE-2021-24849.yaml:df64d0e9181487f09388c40c20efce5c144c6363 http/cves/2021/CVE-2021-24862.yaml:c12546a4335f7196f4b2813946601c2f74e79cca http/cves/2021/CVE-2021-24875.yaml:af4472bf9db8cc8423ae0c3b0ebe71c3767829bc http/cves/2021/CVE-2021-24891.yaml:5f5b34b68a1adb03037d025323f10c8e0ebc115b @@ -2149,7 +2149,7 @@ http/cves/2021/CVE-2021-40323.yaml:f3f0c3eea48bcd931ae02d342124777ec76ee56c http/cves/2021/CVE-2021-40438.yaml:f1b6c45033ed7d755af7555aae255fb42124eff7 http/cves/2021/CVE-2021-40539.yaml:7985657b3ac67432a5b8679eadef1709d45bbc77 http/cves/2021/CVE-2021-40542.yaml:4262ce96a0d10b4f084d0b8d8df3cdf75b1e6ad0 -http/cves/2021/CVE-2021-40651.yaml:ef68da77743f5ba0772165f489dc9afc9446ab9e +http/cves/2021/CVE-2021-40651.yaml:c907b7e75f51f1502ad937e9409cbbace292de61 http/cves/2021/CVE-2021-40661.yaml:ca4ecb0564030ac7f24b9e13661afd3187e16bc1 http/cves/2021/CVE-2021-40822.yaml:72b525174ead8e288c64af5f81bf059a8ea382a1 http/cves/2021/CVE-2021-40856.yaml:ca7bae9ad8b13b8e381f5d8a1d3591b8e79f2534 @@ -2306,7 +2306,7 @@ http/cves/2022/CVE-2022-0747.yaml:9dff5facfd9d4d1828f0fab192883febf8866894 http/cves/2022/CVE-2022-0760.yaml:6cb4a03a430f9731eb6888abbb95be407f48dd01 http/cves/2022/CVE-2022-0769.yaml:75dde837b1c463e88457f09556a8e68b3848f68b http/cves/2022/CVE-2022-0773.yaml:60911205f06d37439f55025d19e56f3cdef9f67c -http/cves/2022/CVE-2022-0776.yaml:f55240f8a0d48d277cfc86af0b845e46e55a4b70 +http/cves/2022/CVE-2022-0776.yaml:41be15654a797fafb73ea1089ff017778494469e http/cves/2022/CVE-2022-0781.yaml:6527a7ba5e105d989b2aad49e2f4a6b70f32c006 http/cves/2022/CVE-2022-0784.yaml:2107e45efa64b5cb810e3b6b439417ce59170e5a http/cves/2022/CVE-2022-0785.yaml:b011a7bc9a2d0384dce444cbd264785f028b1dd4 @@ -2461,7 +2461,7 @@ http/cves/2022/CVE-2022-26138.yaml:15d0534ab6765d2e536070eda15d020e04f43abc http/cves/2022/CVE-2022-26148.yaml:f37f9182974b9dd8d49af32a7ef9841fe7d704ae http/cves/2022/CVE-2022-26159.yaml:2dde1b272c1dfeac01a264357157ec36a2908098 http/cves/2022/CVE-2022-26233.yaml:c3c2b5ae6757ccea98f43bbad5972b476676580f -http/cves/2022/CVE-2022-26263.yaml:2476fb8a950e3fec139cbb7fa4a3c3fda944e9a3 +http/cves/2022/CVE-2022-26263.yaml:9eab12e68303aac28656c29d549b1e6aa5dec9f4 http/cves/2022/CVE-2022-2627.yaml:885630cc92cafecd1c3fc0f50dec0ad718eca022 http/cves/2022/CVE-2022-2633.yaml:f5e4f97d83de093349047dbfef8f6fb8b6fcbaf3 http/cves/2022/CVE-2022-26352.yaml:8a4a3da59f2de84c390b078180d2e0656b1b236e @@ -2515,7 +2515,7 @@ http/cves/2022/CVE-2022-30513.yaml:c2e24dc7a0e025be020f475114207244e932ebd7 http/cves/2022/CVE-2022-30514.yaml:e9628b6516133512e750548d5bf784ba6c949abf http/cves/2022/CVE-2022-30525.yaml:b8176ccd295f510ae461402974acd63c743c9089 http/cves/2022/CVE-2022-3062.yaml:7545985982064ed6299bb255ed864c05288ef8d7 -http/cves/2022/CVE-2022-30776.yaml:cf5846c2a74de43f7cf7cfc474fac1a381933cdb +http/cves/2022/CVE-2022-30776.yaml:cdd27a6361eaf5ae1bc2e10f88ffea3c010964dc http/cves/2022/CVE-2022-30777.yaml:4a5d5c47347d47105250e150bce32834e3425b07 http/cves/2022/CVE-2022-31126.yaml:1f26a420187dea4340b4545d9a64082fcdf72f06 http/cves/2022/CVE-2022-31268.yaml:0ddb08b717fc7c4e161197e5c95aadaf9e5f23c2 @@ -2562,7 +2562,7 @@ http/cves/2022/CVE-2022-32771.yaml:9d53b2c8a0a6f142bc43929545fd3dff40e1bbc4 http/cves/2022/CVE-2022-32772.yaml:da27806050d52e5cac3989730b256c6f4509314c http/cves/2022/CVE-2022-33119.yaml:13ad425beed298fb00c4917231e181b1e640126d http/cves/2022/CVE-2022-33174.yaml:bf783832e44576d526ce3516d5f2e22693a208b3 -http/cves/2022/CVE-2022-33891.yaml:c46aeff1d75d06b137e25ca1bf72bbc0119b604a +http/cves/2022/CVE-2022-33891.yaml:3e6beb8dd90d38ed71e65ffb134ebfd55293644a http/cves/2022/CVE-2022-33901.yaml:d83eda96f781a13ca34491b22a2c184694eee183 http/cves/2022/CVE-2022-33965.yaml:3739b3179daf3df8780e204c3eb4c3b981cf15d6 http/cves/2022/CVE-2022-34045.yaml:db5379939e4c83f95058bda21f7e05a1f0331aaa @@ -2600,7 +2600,7 @@ http/cves/2022/CVE-2022-37191.yaml:a977ea067bf64e1d421824777088a50fd310eb2e http/cves/2022/CVE-2022-37299.yaml:568c7b9d2ef0f47d89d61b82807ea2ffa82ab656 http/cves/2022/CVE-2022-3768.yaml:ced3fb8dc8aed180f6f71e7220f6737492ff7aee http/cves/2022/CVE-2022-3800.yaml:e0db40aab2e6f85e641c8544d490df6d1813bfb4 -http/cves/2022/CVE-2022-38131.yaml:4bca594d530e550ad8fb5701116f919b0a349b4b +http/cves/2022/CVE-2022-38131.yaml:2a0172f325f1ac33b2ba2424f7718410d9814d33 http/cves/2022/CVE-2022-38295.yaml:5d2b719b844945457583a57848120fce85b5ddee http/cves/2022/CVE-2022-38296.yaml:ddedd4e313db9c5b34f247104057fd75cf21c627 http/cves/2022/CVE-2022-38463.yaml:67fd650848441729ca48e83c86ac8cf1501920e4 @@ -2638,7 +2638,7 @@ http/cves/2022/CVE-2022-40843.yaml:0332ea78bff2dd087ccc8d307425805ad31e7ddb http/cves/2022/CVE-2022-40879.yaml:f73496413f888009c2ed8b548f891f92eb4ef712 http/cves/2022/CVE-2022-40881.yaml:a8bf76f64d0d5af12a5bf4f286e83a8a27ffc529 http/cves/2022/CVE-2022-4117.yaml:c1eeb432690d765588047e477c5976ec24ca5ee7 -http/cves/2022/CVE-2022-4140.yaml:ef7a65ae2ab0c5cefaa63e258f33dae957f62421 +http/cves/2022/CVE-2022-4140.yaml:f243423772b8b2e9cfb6a9a3d8e4bbbbab68b2c9 http/cves/2022/CVE-2022-41441.yaml:475d6025512041b2525e7783899ec3089c9fe0b5 http/cves/2022/CVE-2022-41473.yaml:fa6e5fe2c30c24e58a3cbf8355b829c32344d06e http/cves/2022/CVE-2022-41840.yaml:a55753333818330dd5ac198655530d2755a3a239 @@ -2725,7 +2725,7 @@ http/cves/2023/CVE-2023-0334.yaml:5745b49ca90b7ec86a8fdfb52b0480b7efba1d06 http/cves/2023/CVE-2023-0448.yaml:eda3389c65a3febc26ecb5aab7b333cc7cd8752b http/cves/2023/CVE-2023-0514.yaml:2fa21591b066a41177e99e65330f99c858a776aa http/cves/2023/CVE-2023-0527.yaml:449eebba4ffb759da9b3d3781d8265572e4872b9 -http/cves/2023/CVE-2023-0552.yaml:0410b726beff35205672aa893be19b30f0d35e57 +http/cves/2023/CVE-2023-0552.yaml:ddf199d71221e792573a728054ea2ea8aa6fc836 http/cves/2023/CVE-2023-0562.yaml:5cd2c47d041b7ff14d88f53535337f40097678dc http/cves/2023/CVE-2023-0563.yaml:ac4dde27257cd4cb685dcf4cb2d326a1b0941b60 http/cves/2023/CVE-2023-0600.yaml:066968b7a75996dac3b26a8af3b6a4ae64c2521d @@ -2807,7 +2807,7 @@ http/cves/2023/CVE-2023-25573.yaml:14cefbe18039294fc7425e50389003458b26ac93 http/cves/2023/CVE-2023-25717.yaml:0b6c0a8588e86f9213e2e17a2c043374955aba8c http/cves/2023/CVE-2023-26035.yaml:48b5f402f0ea73fe32878e6bb4fdccaea579f7c0 http/cves/2023/CVE-2023-26067.yaml:11afd29d380c2ba9206d3f73fca0047255b1a3a5 -http/cves/2023/CVE-2023-26255.yaml:291ad543f2035fd4085bc9647e69c3dac8caac8b +http/cves/2023/CVE-2023-26255.yaml:72ba0cb106a848cbf4550abb5e379601fc8d57c7 http/cves/2023/CVE-2023-26256.yaml:235515a1f0e49888d8e059097494109563de4d3f http/cves/2023/CVE-2023-26347.yaml:45dfb56d74425380ee9d71194f4e4e05e2632782 http/cves/2023/CVE-2023-26360.yaml:9ae6adc24876a9f0e6eba59879e0cb520015d0c1 @@ -2839,7 +2839,7 @@ http/cves/2023/CVE-2023-2822.yaml:b638b609770d15a230fa7246f171a5a654bce03e http/cves/2023/CVE-2023-2825.yaml:b2643a2bd896b947ff028ed645cdde96c95ebd27 http/cves/2023/CVE-2023-28343.yaml:c781cd98e3899efad10ad98e84ccad6bb0d2435c http/cves/2023/CVE-2023-28432.yaml:257ea32d858fb24d05fd61158b2c57b3ce5766f1 -http/cves/2023/CVE-2023-28662.yaml:1d097ea046ec7ac9dc40f40bd11cd390109dc9a4 +http/cves/2023/CVE-2023-28662.yaml:9981df82e6b9c39fc2ed4873eb98952515243976 http/cves/2023/CVE-2023-28665.yaml:f7cbf06ff60743045c2b85276c87e28b0182c049 http/cves/2023/CVE-2023-29084.yaml:0aec84e1da8ee04af40d224507da99427a56f8df http/cves/2023/CVE-2023-29298.yaml:2dd762a56ce650feb87703cf13af9ad126d8103a @@ -2874,7 +2874,7 @@ http/cves/2023/CVE-2023-3219.yaml:5311e1286c4722d9e9c3eb119f3a69e86051d75b http/cves/2023/CVE-2023-32235.yaml:97088e4dd3fc67bdf37659084e1c32fdb2670818 http/cves/2023/CVE-2023-32243.yaml:5017ee9fcc24b114eea4fe7633c99cebef59ca6c http/cves/2023/CVE-2023-32315.yaml:a388628fddc080cfb46ff933715ea37cc21c96f5 -http/cves/2023/CVE-2023-32563.yaml:fc82c31dfb58af56c66b354f7c01765af579f59b +http/cves/2023/CVE-2023-32563.yaml:4a171569f2a6e84f38750fc3fb1cc48bae71810c http/cves/2023/CVE-2023-33338.yaml:d35cdd0d185206331c54ff9a08ad69faa9a901b1 http/cves/2023/CVE-2023-33405.yaml:fd578aece75fa256b7e9d6fbfd1d5beac0ac400c http/cves/2023/CVE-2023-33439.yaml:598de9b341c7b3f13bc571114b20489906d89efb @@ -2983,7 +2983,7 @@ http/cves/2023/CVE-2023-4174.yaml:d2a97a88f0baba3caf65cc60cf274db932b1229f http/cves/2023/CVE-2023-41763.yaml:b3ef965f70f0a3c365b68bf36a2db700dcad8b30 http/cves/2023/CVE-2023-41892.yaml:26004dc155f05de0936d3fbaf9ba9d01ddb0af9d http/cves/2023/CVE-2023-42343.yaml:c1bffaa8664049b88b3f225dccf9b3e372fdf1bd -http/cves/2023/CVE-2023-42344.yaml:ddc78481c259a9aa0b68cf705dcc1cac1efc7a61 +http/cves/2023/CVE-2023-42344.yaml:8a94321d6e52b3e05d8898f4306648431b3b7eef http/cves/2023/CVE-2023-42442.yaml:f9d27d085afe82b96452ceaccf7be30e9a2202f9 http/cves/2023/CVE-2023-42793.yaml:8b264acdf918cb03bffd6b5c4de29320b8947997 http/cves/2023/CVE-2023-43177.yaml:ea77350bd701f6e47c68e8276d5033cfa3b10073 @@ -3005,7 +3005,7 @@ http/cves/2023/CVE-2023-4634.yaml:e89a93597f3a0d77427d5cf94b80b008e489ca5d http/cves/2023/CVE-2023-46359.yaml:2c5eadff5358c49c151934a282621b2bfce3bf92 http/cves/2023/CVE-2023-46574.yaml:d39bb36ad3ad2ca72034abe7139d9ecb3d131bb6 http/cves/2023/CVE-2023-46747.yaml:55aac6c051f2f2c61ee392fcee2132e489cc508c -http/cves/2023/CVE-2023-46805.yaml:9512ea3a9fffb7a9da602e143e4154df9f5a0ed8 +http/cves/2023/CVE-2023-46805.yaml:f86c81314cab84c5cba11e8cf28935fb2d054633 http/cves/2023/CVE-2023-47115.yaml:c12131d77ca810deaa51f3e73e3765eb334487fd http/cves/2023/CVE-2023-4714.yaml:f1478389ce3c421c8ea11427b60981dd202f1dee http/cves/2023/CVE-2023-47211.yaml:8894e51deeb6296e85a13c51c19ece0a197312f4 @@ -3022,7 +3022,7 @@ http/cves/2023/CVE-2023-5074.yaml:340095d00333b6b3d7dece3033a3cb41dd04d2f6 http/cves/2023/CVE-2023-50917.yaml:ee3ee070739fd42dafe2fed738ebdfacba14df51 http/cves/2023/CVE-2023-50968.yaml:844d5620e67bf7a9af304aed0e687d3fb54ac3ae http/cves/2023/CVE-2023-51467.yaml:d7ed00cef69c3992971e8b16f594bb3dc78c387f -http/cves/2023/CVE-2023-52085.yaml:128ce095be41c0e483180fc16b24b995e2a45897 +http/cves/2023/CVE-2023-52085.yaml:c9eb6ba66b397c36a1d3acf94303b8c30cbe7ab6 http/cves/2023/CVE-2023-5244.yaml:32f7df605dda4c16610c548f773673f5b69c67a5 http/cves/2023/CVE-2023-5360.yaml:387bf52196ed2e1d383a97ea158fe90b94d213b9 http/cves/2023/CVE-2023-5375.yaml:394c4b2b0867a8922fcfad500616380c117983d8 @@ -3039,26 +3039,27 @@ http/cves/2023/CVE-2023-6380.yaml:24e6506046fab035c83ce942b572d9389c88df15 http/cves/2023/CVE-2023-6553.yaml:a618d49197ae2f0c157df3548f40083211ad1161 http/cves/2023/CVE-2023-6623.yaml:9ee42ac9d9ed6c2c8e26d9ab039ae2d7a324c18c http/cves/2023/CVE-2023-6634.yaml:3e5d401d42812445929734319bbd63ed5f5823c2 -http/cves/2023/CVE-2023-6831.yaml:cafdd086fd6ded52b8bf7bddbfbcbe7bc89890ff +http/cves/2023/CVE-2023-6831.yaml:d76624f07424ff9ba2da9fcb03de93a99a5bb089 http/cves/2023/CVE-2023-6875.yaml:8b82d1b639505427889b14e159a706a66f65bae1 -http/cves/2023/CVE-2023-6909.yaml:94ea35c6bc6b26b7428c58fc6b3c484387d5cc7c +http/cves/2023/CVE-2023-6895.yaml:0ef4052f3a65107072ee47d11c4028e55f54b472 +http/cves/2023/CVE-2023-6909.yaml:e8c84b54fb87c65ef2afbbe6e44f305c8eb67188 http/cves/2023/CVE-2023-6977.yaml:5f16b7bdb7c8c98ab5e1c333cffaccbb4fbe51ae http/cves/2023/CVE-2023-7028.yaml:16a6a22a93bf8caea281ec34d32def83f8e06fac http/cves/2024/CVE-2024-0204.yaml:6fe6e29907168dd0d6bf7ca67ef70b3e5114430b http/cves/2024/CVE-2024-0305.yaml:81dbabe027bcd8f7733aefac310dcb7efa6e0a4f http/cves/2024/CVE-2024-0352.yaml:e324d6ccb69d2bee50aa487f5e068cc005c715d8 -http/cves/2024/CVE-2024-0713.yaml:997f1179701220ba776e8da4e321042b950c529a -http/cves/2024/CVE-2024-1021.yaml:6f94c1cf051951cac002787a5f971c60471f410d -http/cves/2024/CVE-2024-1061.yaml:b27c2c94969a04256555997add9575b0b39f1ca4 +http/cves/2024/CVE-2024-0713.yaml:1cfada6be44de92c30a1355f6b5976f42f1c789d +http/cves/2024/CVE-2024-1021.yaml:1162c1b388a8a47704b67c78a17a3cf6083a5291 +http/cves/2024/CVE-2024-1061.yaml:3b0e04f3a7179f58422006595516cdf1ce45607f http/cves/2024/CVE-2024-1071.yaml:672dd1ef0240ede4f06d3b98caf96f2f14bd1e8e http/cves/2024/CVE-2024-1208.yaml:6f0363cecc95a2187f9fbca30620a2d39d87eb15 http/cves/2024/CVE-2024-1209.yaml:36f848394da33f75c2198b8f5b9081f212b3ecd1 http/cves/2024/CVE-2024-1210.yaml:1333fe26c55e1b4e44bcfdc0e0de5226a053f949 http/cves/2024/CVE-2024-1709.yaml:7f5ad668e9c8e5ab56afee96df8907d7ccc71e0b http/cves/2024/CVE-2024-21644.yaml:e8d58594c2dc1021f9107eee925f11791e0627e7 -http/cves/2024/CVE-2024-21645.yaml:ba1ed2e20b119442be0cdf467f18b6b552b86e4f +http/cves/2024/CVE-2024-21645.yaml:ad0726f831503456cfb6dcc9f25c083d7eedb3bb http/cves/2024/CVE-2024-21887.yaml:e03d9cf1b5a79ff2e547281368ad69f048990696 -http/cves/2024/CVE-2024-21893.yaml:e4fb0025c29ec1deb55fe006c1021b9d54fbf64b +http/cves/2024/CVE-2024-21893.yaml:6109cdcfde4b7c3cebe0636d136b9f6b38d95501 http/cves/2024/CVE-2024-22024.yaml:8f8fbb852668db0a337fbc6e9046e4a05c458be1 http/cves/2024/CVE-2024-22319.yaml:089e73d8633f14ef54b24a562f3c6a81e7e85b2d http/cves/2024/CVE-2024-22320.yaml:cf3af4c9bacde29dca689a1319482e45b5604979 @@ -3133,12 +3134,13 @@ http/default-logins/hortonworks/smartsense-default-login.yaml:fd7c933a480a680b23 http/default-logins/hp/hp-switch-default-login.yaml:ae3ff7a8b5eed448ce748645e4281980e33f15c1 http/default-logins/huawei/huawei-HG532e-default-router-login.yaml:2235ed26074baba22aec6043a0f6c93655e39c24 http/default-logins/hybris/hybris-default-login.yaml:1a6ec57b31ab8ff954088f340689d5d7e4e99afd -http/default-logins/ibm/ibm-dcbc-default-login.yaml:b534cb6e21f2e83e84297e9635742e5bcd838094 -http/default-logins/ibm/ibm-dcec-default-login.yaml:2a09cb34e52c4c5f9d53da57b0121aa7cbc27fba -http/default-logins/ibm/ibm-dsc-default-login.yaml:d973f032a1fb897886d4bcbb807c75e82696541d +http/default-logins/ibm/ibm-dcbc-default-login.yaml:43cce1c0f66b50fff9e59961d6c43072412e280f +http/default-logins/ibm/ibm-dcec-default-login.yaml:60af0b002809852a80e6da175df516d8f5482873 +http/default-logins/ibm/ibm-dsc-default-login.yaml:c1271bea702a5a2e40ecb145c8ebb9ee3aee66b3 http/default-logins/ibm/ibm-hmc-default-login.yaml:d087d00369169148ef44163ccd78a3245e2efa6e http/default-logins/ibm/ibm-mqseries-default-login.yaml:dfa62ae47ac4a8b8a1b29dffd1916b10c29b78e9 http/default-logins/ibm/ibm-storage-default-credential.yaml:9ff20b457d9b772ab37ce47ac07cf98f4e3055e0 +http/default-logins/ibm/imm-default-login.yaml:b33fc7df35dd47c91454d64754218d38cb4fe283 http/default-logins/idemia/idemia-biometrics-default-login.yaml:db73400dbe50ee865fdd925253e5288f6f195170 http/default-logins/iptime/iptime-default-login.yaml:48f3d34ec32b4e732a8ba25d4a801b0943ec0076 http/default-logins/jboss/jboss-jbpm-default-login.yaml:fd2387ad05ebe5855e3dfb79602c5226b585c458 @@ -3227,7 +3229,7 @@ http/default-logins/visionhub/visionhub-default-login.yaml:b56eb860c30e4d0c61139 http/default-logins/wayos/ac-weak-login.yaml:9ac5c6fffbaa09f5459e593e5df4626808733f2a http/default-logins/wazuh-default-login.yaml:45a7a79185ef1e3d5429e0c1c8db5fc455e78ddc http/default-logins/weblogic/weblogic-weak-login.yaml:f619a9c8b20569891ca39be379d0fc4674a379b9 -http/default-logins/webmethod/webmethod-integration-default-login.yaml:419fb82fd48569467503c2e3a966128c44117f56 +http/default-logins/webmethod/webmethod-integration-default-login.yaml:175c660c03cdace405eea32c10066e958d5fcd2f http/default-logins/webmin-default-login.yaml:7fe6bf9a16301b60194d8527800c413cbe445df0 http/default-logins/wifisky/wifisky-default-login.yaml:fec471a9c422d4c39c5425dffc64034c16f6f170 http/default-logins/wildfly/wildfly-default-login.yaml:4ca97c36a46a4cc53b4122cde061d0b066d065af @@ -3410,6 +3412,7 @@ http/exposed-panels/cisco/cisco-telepresence.yaml:594345d10298304a335423d1015723 http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml:fffbb67c8d3a7bd5135c67d7dbaa3ce24679508f http/exposed-panels/cisco/cisco-vmanage-login.yaml:9cc974726d25e4ce10d9332891f57295dd04ad39 http/exposed-panels/cisco/cisco-webvpn-detect.yaml:ded6595e6e37a67c13a4e4077398d6e8b0316ac1 +http/exposed-panels/cisco-unity-panel.yaml:a3fef0463750e4eb8d77578588e38f96a2c81564 http/exposed-panels/citrix-adc-gateway-detect.yaml:aa43603fd4cdfc6a2f59fe5cddd82bc19d707967 http/exposed-panels/citrix-vpn-detect.yaml:194e2d0b87e883821161a72061aeef9f87363bb9 http/exposed-panels/claris-filemaker-webdirect.yaml:37825b8f99280b58d83a5d4d055b5a822bc92592 @@ -3476,7 +3479,7 @@ http/exposed-panels/directum-login.yaml:ec5df7276a1dc4989d9633ed8078460cd24b0112 http/exposed-panels/discuz-panel.yaml:2f73e9f1d5c8c022d3c6a715da4659b5560346af http/exposed-panels/django-admin-panel.yaml:d8b9065509829de020b78427daec510584a2b468 http/exposed-panels/docebo-elearning-panel.yaml:f01ade0911337cae5daffd60b3e296aac2f55740 -http/exposed-panels/dockge-panel.yaml:5ad4a0e85f785e4f218b3c78924aab8df1318a70 +http/exposed-panels/dockge-panel.yaml:a3b0bb1d43a1e36479944b2ff7c7992efe691858 http/exposed-panels/dokuwiki-panel.yaml:a902f53c61fbfa19e0f1be93357d65c8b4e451af http/exposed-panels/dolibarr-panel.yaml:55116a68b7f74bf090c4b9c50a4ca206326ac9b3 http/exposed-panels/doris-panel.yaml:94122da74cdd477086713493ee85e977a9507f3c @@ -3498,7 +3501,7 @@ http/exposed-panels/dzzoffice/dzzoffice-panel.yaml:155233dcb6cf4a41ef20c0b07241f http/exposed-panels/e-mobile-panel.yaml:42cc7eb0cdda103e4d1b789de0752c414f188b02 http/exposed-panels/eMerge-panel.yaml:2e9faea2dc77851b77ae39e96b26b47ec6a6b2f6 http/exposed-panels/earcu-panel.yaml:b774d09b56a1681f579f0ba5867316241516e6a9 -http/exposed-panels/easyjob-panel.yaml:7fc0a9574c078ed7c9093d02d466db583b575a45 +http/exposed-panels/easyjob-panel.yaml:5761f4b0c4e1f9db9a69c460ceb7091ffbb147d8 http/exposed-panels/eclipse-birt-panel.yaml:b7f3a309113ccb41151d7e4259afaa25770c6715 http/exposed-panels/ecosys-command-center.yaml:31d14e7774b2d41a35d0e05bbe9890fc3ce92193 http/exposed-panels/edgeos-login.yaml:0f05b473da79c35f06ad0a848857796c1f67562f @@ -3586,17 +3589,17 @@ http/exposed-panels/glowroot-panel.yaml:f9291f4d014448048816fbb7cf55855c14717a53 http/exposed-panels/glpi-panel.yaml:3f27f30694ce40f397a69f4e7d1a133e57f69eb7 http/exposed-panels/gnu-mailman.yaml:efda62bc036eee39d330a9c8215af88539b1cb40 http/exposed-panels/go-anywhere-client.yaml:7bd1a8148f74cc8629be184499dce8b37cee47c9 -http/exposed-panels/goanywhere-mft-login.yaml:fbdb7b43b2231fec389e01215d59f29468bbbd8a +http/exposed-panels/goanywhere-mft-login.yaml:813a49bd77e7e617785c4d46325f59f0f56b1e53 http/exposed-panels/gocd-login.yaml:702ed7d2b74d608d9baa2102303ed6a85ac104bd http/exposed-panels/gocron-panel.yaml:a193236d3fac7ff70f1666b8695cb2c41616dde6 http/exposed-panels/gogs-panel.yaml:2092997fa2ff7d0833df1f87754b8a81cd75738c http/exposed-panels/goodjob-dashboard.yaml:bc842395f96f10f0ab84db6c3f151799143ba3f0 http/exposed-panels/gophish-login.yaml:0f8533a5b510c0baca7197b981062e04a367783b -http/exposed-panels/gotify-panel.yaml:38baac5d106fa94408165af3f95794db01daa854 +http/exposed-panels/gotify-panel.yaml:f4c23305778f9ac6b3ea5e48d289dbc8fc07931e http/exposed-panels/gradle/gradle-cache-node-detect.yaml:294def83b2827933ebffe4afe6867ad2f92127b9 http/exposed-panels/gradle/gradle-enterprise-panel.yaml:2fb4b0b7be3d63ff32d530f2da79c85a4fcc2de2 http/exposed-panels/grafana-detect.yaml:238348869bd6ad73719ae23215af97e2fdef48c1 -http/exposed-panels/grails-database-admin-console.yaml:49ac7bd1e264755f0e9c88fb97868217837fb387 +http/exposed-panels/grails-database-admin-console.yaml:31a044306b35272eebb66e5e4cbb02a128bf05fb http/exposed-panels/graphite-browser.yaml:c98dfaa4253b9aa9ef27f6886eb8a1b624bb4d8f http/exposed-panels/greenbone-panel.yaml:a61dcb8c7f0bebbd1afedbe8c8497177c4c8a1bf http/exposed-panels/group-ib-panel.yaml:056fb3641f24ba56bdbddcf80f3c130d0c7428e9 @@ -3604,8 +3607,8 @@ http/exposed-panels/gryphon-login.yaml:9a3308a4e0f593bb59466db79295493486678b30 http/exposed-panels/gyra-master-admin.yaml:9e304038b1c601e6504da249b2ccd5ec2ecb8cde http/exposed-panels/h2console-panel.yaml:c6b82d1327699bef6c956d99fa8a58b6721137db http/exposed-panels/hadoop-exposure.yaml:82cf6bf649601078e8c98bb20eb8e9cb01d5e788 -http/exposed-panels/haivision-gateway-panel.yaml:6ce2e856f2d3152ce5a268826f27dde0aff10e23 -http/exposed-panels/haivision-media-platform-panel.yaml:6cf0ef29e87c10a0992a51774fe55f79def80bcd +http/exposed-panels/haivision-gateway-panel.yaml:584b19dcd7d008f4380c64d7046c4e5190604a1e +http/exposed-panels/haivision-media-platform-panel.yaml:c0557be9c643cd538758b7f2c1d9db579687c020 http/exposed-panels/hangfire-dashboard.yaml:4abfa396f30c760a48a0541270c9850c8f0ab6e5 http/exposed-panels/harbor-panel.yaml:664b0548662d77ec6bf81e550dabc1a4846dd3da http/exposed-panels/hashicorp-consul-agent.yaml:a7ee66557adc42551d372074d3e68e7b35c703b7 @@ -3635,12 +3638,12 @@ http/exposed-panels/hydra-dashboard.yaml:dab003b7535935824c6ddec9037caeb7d2c6c42 http/exposed-panels/hypertest-dashboard.yaml:df964d88ec76e5744953b6565928e47360466324 http/exposed-panels/i-mscp-panel.yaml:2adb22b8779bc12d0c5789ff36ec30aa7e3899e9 http/exposed-panels/ibm/ibm-advanced-system-management.yaml:15ded76a978237194ac7e242f20b548c73783fd9 -http/exposed-panels/ibm/ibm-dcec-panel.yaml:d7ad5b898d4c572bc873785f60c98f783a48cf2e -http/exposed-panels/ibm/ibm-decision-server-console.yaml:be6b625194022ae9c89baab1ad1255bca8d16670 +http/exposed-panels/ibm/ibm-dcec-panel.yaml:e692d333cf9982ef6d646954cd1cc0a0d9f0dd47 +http/exposed-panels/ibm/ibm-decision-server-console.yaml:acb9c87256bc53d6bd0802bc89bcb76429191db0 http/exposed-panels/ibm/ibm-maximo-login.yaml:29e053730060e94849d2d52e478b4078fc186565 http/exposed-panels/ibm/ibm-mqseries-web-console.yaml:63db8a7ee3da09474b4cb3a9e2ac4670ebf3d150 http/exposed-panels/ibm/ibm-note-login.yaml:43ce71c262ed598194f2f77690e71636c5351c11 -http/exposed-panels/ibm/ibm-odm-panel.yaml:b660e97f46bb7c7c738f40c7c05a6b2a39d1b7b7 +http/exposed-panels/ibm/ibm-odm-panel.yaml:655bdc6160608c45967e84954ff97c383060e723 http/exposed-panels/ibm/ibm-security-access-manager.yaml:b0b5ab627868c554bb1e3983b7cee18b69a47806 http/exposed-panels/ibm/ibm-service-assistant.yaml:b114d0f3fa65478a82ea742961b66f4f1262866b http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml:8853a7463bc4607667a36587ac55b988e8e83145 @@ -3669,7 +3672,7 @@ http/exposed-panels/isams-panel.yaml:ca2273a65861e25483e7d5d132612fc5525a925d http/exposed-panels/issabel-login.yaml:087d0d21228ab4508d0dd455d1b85f4ac4f04e05 http/exposed-panels/istat-panel-detect.yaml:88ccce9c45ad3c15649f7738f3115e1ec739ac3b http/exposed-panels/itop-panel.yaml:14759ff6d17dd1773942c8baa66da1416cc2d786 -http/exposed-panels/ivanti-connect-secure-panel.yaml:6ce904a67e742de7103761c5b0041e6659d58a90 +http/exposed-panels/ivanti-connect-secure-panel.yaml:fe12773faaee57ad83d6b5318c502ab9f542adb8 http/exposed-panels/ixbus/ixbusweb-version.yaml:21a7279400000e26d29de651beccdc780c3df35e http/exposed-panels/ixcache-panel.yaml:6e3705503bb4c69beb84e53b85ed01815cbaffcd http/exposed-panels/jamf-login.yaml:fa86d3ecb3c6e5f3529b4b7cd6c2c0a43df89a57 @@ -3693,13 +3696,13 @@ http/exposed-panels/joomla-panel.yaml:8b9e53d29b7a811d5cf245c6fd8e5e79b6a45d28 http/exposed-panels/jorani-panel.yaml:d496613b9575c4995919ab5bd3ccdfaf9e0f8963 http/exposed-panels/jsherp-boot-panel.yaml:023f3b78ffb50f0c6622062538d5921fb7d6431f http/exposed-panels/jumpserver-panel.yaml:9ad421999a050d85710524466cbb74f4934107ce -http/exposed-panels/juniper-panel.yaml:6314cba7514f68932413961927dcc1b99968149a +http/exposed-panels/juniper-panel.yaml:afb8f60e64fb7a1d361b20ea4faddff3f476d36f http/exposed-panels/jupyter-notebook.yaml:8cae4f93e5f1f7bdab5011c5eebbaac39318e097 http/exposed-panels/kafka-center-login.yaml:c9ded88de9addf49f8e31778a750e204b9296741 http/exposed-panels/kafka-connect-ui.yaml:f074332f024637669ecda119e9e9f461c69e323b http/exposed-panels/kafka-consumer-monitor.yaml:b37fd45f7a45f55e7d6013b4c4d29de462e1f0c5 http/exposed-panels/kafka-monitoring.yaml:d524b23928279ecd8845cc16bb1d0649a508b6b6 -http/exposed-panels/kafka-topics-ui.yaml:f448af7c2117d1b3dcf32fa957d91777174ddaf4 +http/exposed-panels/kafka-topics-ui.yaml:57b44ab6571612fb59cc0118bd1824ae57afa88d http/exposed-panels/kanboard-login.yaml:e81e61d745b0822a0e2943cee7d97f9fcca08061 http/exposed-panels/kasm-login-panel.yaml:5c4d3cfeba2613c7f94e001f9778eeef221b5b27 http/exposed-panels/kavita-panel-detect.yaml:d8e6bd5f80d41c0c670c8746f85fd04c6197649f @@ -3708,7 +3711,7 @@ http/exposed-panels/kenesto-login.yaml:029abf8eee5feac07d240cccf7e1e45d6b18be82 http/exposed-panels/kentico-login.yaml:c9e330ca7e168c9924a1fccf4d34a215f16cbb52 http/exposed-panels/kerio-connect-client.yaml:f7da874e308eafd9debac29b3e671c5a9ea5484b http/exposed-panels/kettle-panel.yaml:fb9048403a4d2670d0fad4d96e5677ccd1247917 -http/exposed-panels/keycloak-admin-panel.yaml:c331ea2a328ab857b7ff8ec0d987394d69b58613 +http/exposed-panels/keycloak-admin-panel.yaml:9597ef310b14743cf638bc8cbcac36045610d1ad http/exposed-panels/kfm/kaes-file-manager.yaml:7e8c259ede5d248200462d357845262c7cf53ee4 http/exposed-panels/kfm/kfm-login-panel.yaml:0e1cd56d1514332b82462681207f8196641bd42e http/exposed-panels/kibana-panel.yaml:5e776912526a5658d58c72a39e5ea59c549fa2bb @@ -3719,7 +3722,7 @@ http/exposed-panels/klr300n-panel.yaml:77bcef22397d636d0957d23fd684e38234a2d4de http/exposed-panels/kodak-network-panel.yaml:b3e6d8d398e7f47d2fa7a7d86c2bc998c41273c3 http/exposed-panels/koel-panel.yaml:33f4134d0c2d04e52a38e5d1c5a719410c73a78a http/exposed-panels/konga-panel.yaml:28cef710e093588c7bfa3abd84c8275baa6b3158 -http/exposed-panels/kopano-webapp-panel.yaml:048001c7e11bb518c1261974ffe30699090a5a8a +http/exposed-panels/kopano-webapp-panel.yaml:40bb9f884c65f358d2e26c3aa3bb4c0b5d3437b3 http/exposed-panels/kraken-cluster-monitoring.yaml:6f54a553c36ba088ba26779809f865b223a5e1cd http/exposed-panels/kronos-workforce-central.yaml:ce09748d0112e0ef4ff5174739765da8ee534859 http/exposed-panels/kubernetes-dashboard.yaml:aefdc298e7ff11db716c0d4576da6f02328305de @@ -3745,7 +3748,7 @@ http/exposed-panels/librespeed-panel.yaml:182d4df57a3211176c1a3ce5d9f78848cd149f http/exposed-panels/liferay-portal.yaml:2df4a8abbb09dae75f9f06365ab68ac9b1f128f8 http/exposed-panels/linkerd-panel.yaml:427eec2cc6b7a8db76d70940bb7a6741e588303a http/exposed-panels/linksys-wifi-login.yaml:69500b6f284b2a1720b8deb66c0abc6a25fc207a -http/exposed-panels/linshare-panel.yaml:cf943eb5a2674ff0bf322a4ad45a6b2f8c2d1ff3 +http/exposed-panels/linshare-panel.yaml:99f26a2eeef068c9c0c4bdd40a692ffd0870fd3c http/exposed-panels/livehelperchat-admin-panel.yaml:d54b72c2407edeeae7fc2b9d5a7bd04ffc9ddb0f http/exposed-panels/livezilla-login-panel.yaml:1c3634579be362e43976f3a9864c72b9ea790a31 http/exposed-panels/locklizard-webviewer-panel.yaml:497d5ab1498ae973f3e2863a0a2b4e599940f766 @@ -3844,7 +3847,7 @@ http/exposed-panels/ocomon-panel.yaml:323101dbd0f51d8e7e49abdf56c5ea0228f7b160 http/exposed-panels/ocs-inventory-login.yaml:711d8ca6a53efa893696cba5e4ad2bbbb6db9232 http/exposed-panels/octoprint-login.yaml:41f21362c3d2dc005488c9cefaee82aa9e10ab23 http/exposed-panels/odoo-database-manager.yaml:579d2c251cd5568352b0caa47b04898020ca8176 -http/exposed-panels/odoo-panel.yaml:b59341daecefcbecb5db2228550981492afe94f5 +http/exposed-panels/odoo-panel.yaml:144b20fd31b2fa89169206926cb5b511fd018665 http/exposed-panels/office-webapps-panel.yaml:718769cab4904014bc34053259d98c1362c40405 http/exposed-panels/officekeeper-admin-login.yaml:faf41b22b69f4896fa2553ce296a6cead3f29fe7 http/exposed-panels/oipm-detect.yaml:67ae690797779c5fc51c1856e55226269fcc27f2 @@ -3905,7 +3908,7 @@ http/exposed-panels/papercut-ng-panel.yaml:c9416141d60d2a44853b8774026e67a361479 http/exposed-panels/parallels/parallels-hsphere-detect.yaml:fba1cad2ac538e1005bfdf8c16e07251bcde263c http/exposed-panels/parallels-html-client.yaml:6c08e35a449b7044fddf4a557bf49ac7f31081d3 http/exposed-panels/parse-dashboard.yaml:b39d67095b3b7343ef831a044511b1d3e71ab471 -http/exposed-panels/passbolt-panel.yaml:9e31ba5ebc3d54dde16d130c0c92a0cd58341307 +http/exposed-panels/passbolt-panel.yaml:9524a3a93ab310024e931ce784c6568453e2437d http/exposed-panels/payroll-management-system-panel.yaml:96202e2ae2cf1f0f38f75368b29ae46e8521dd57 http/exposed-panels/pdi-device-page.yaml:71edd7176f2fa3d8a1a2bab5cc4eabd02143126e http/exposed-panels/pega-web-panel.yaml:384c9b52a8e1b6d63df0693d5364688b9766fbde @@ -3919,7 +3922,7 @@ http/exposed-panels/php-mailer.yaml:7d030c37fca8805ef27fff915c2e0912ca0dca8c http/exposed-panels/phpcollab-panel.yaml:d5156159edb9ec66810d29d88b975d80d285505e http/exposed-panels/phpldapadmin-panel.yaml:9d436776af6f1d11508b0c4b372d1e44910025a2 http/exposed-panels/phpminiadmin-panel.yaml:0d81288b041d9a52618c6e87cc752baf61a27292 -http/exposed-panels/phpmyadmin-panel.yaml:c27b70c869e79a61960e51a64366f9fea2f3380d +http/exposed-panels/phpmyadmin-panel.yaml:24d52b396d8261cc2bd91a36fdfda5086e12a4aa http/exposed-panels/phppgadmin-panel.yaml:c8aae052776161df87348ff61d8cc55426d9f89b http/exposed-panels/pichome-panel.yaml:ecd10756b689ed1d53f4c4cf63d9b2eceeb6e3c9 http/exposed-panels/piwigo-panel.yaml:acb1051758098d9daa0042d84c10d9d8e70ec72b @@ -3942,13 +3945,13 @@ http/exposed-panels/project-insight-login.yaml:dd9a34c5f6438b77fecf05b6e4d305b28 http/exposed-panels/projectsend-login.yaml:e0a36b6d89d4a2ec0398efb42d1979471915f2f1 http/exposed-panels/prometheus-exposed-panel.yaml:3333812520f9e84d156389863615889a0e3609f6 http/exposed-panels/prometheus-pushgateway-exposed-panel.yaml:a10a1edcf4f8915960002dab928f3f9f7a015a66 -http/exposed-panels/proofpoint-protection-server-panel.yaml:b3511759e99ac384368570f7e71a2519b4393ce8 +http/exposed-panels/proofpoint-protection-server-panel.yaml:ea3bee8c972a55415f3930bc5a33185e913bdafa http/exposed-panels/proxmox-panel.yaml:a72cbcbbd718ae78da9e5cb651e5162fbd8fe13b http/exposed-panels/pulsar-admin-console.yaml:4378cb1c13c28c4f9961a823688885fc37c85f8e http/exposed-panels/pulsar-adminui-panel.yaml:649db134d3c76fa580f07602953664179ecc7167 http/exposed-panels/pulsar360-admin-panel.yaml:f5f87b493ac361ad71c3ea7af6e443cc7740c5f2 http/exposed-panels/pulse-secure-panel.yaml:56d61f0f7cc10184ccfa1527698e50cf92014464 -http/exposed-panels/pulse-secure-version.yaml:561e042e7a55c3e68bc70a27e47116e3cfc11fbb +http/exposed-panels/pulse-secure-version.yaml:e96faee87895723d9669048dda1e8d77a0e0e9bd http/exposed-panels/puppetboard-panel.yaml:e9344133cb99a7168b27279af1804969b22ecece http/exposed-panels/pure-storage-login.yaml:349951b690b9f2897a0a1b17e154761e23dadff5 http/exposed-panels/pyload-panel.yaml:91e768746f561abcf6f27bab971e584204604f19 @@ -3986,7 +3989,7 @@ http/exposed-panels/reportico-admin-panel.yaml:3eee7ac81c3fbabedae7410fef23f596f http/exposed-panels/residential-gateway-login.yaml:72d29785a821307d2cbe2d78f528d4852f9dce71 http/exposed-panels/retool-login.yaml:7467202e85ce03329fd437805bfd4781e26e9c4d http/exposed-panels/riseup-panel.yaml:504bcbdfee20e690fcb233c4d28e112be0e6a7ca -http/exposed-panels/rocketchat-panel.yaml:65a3e134f3967ca5b70eef8dd1aafab465b4c6c7 +http/exposed-panels/rocketchat-panel.yaml:1797a0588ebc8cd8883506cf64fa59588035b00e http/exposed-panels/rocketmq-console-exposure.yaml:09a1f16ae4d579ade6261d0c4656bdce4da79fed http/exposed-panels/room-alert-detect.yaml:fddb0fc30967eeba1c39aaa437ec0de3ead10c60 http/exposed-panels/roxy-fileman.yaml:89c198d917c4a3d8d215263f4f7762423264fd3b @@ -4033,7 +4036,7 @@ http/exposed-panels/selenoid-ui-exposure.yaml:2a2578a2126c9e0938450a0b0fc3ebbdf3 http/exposed-panels/selfcheck-panel.yaml:26a1dba78672ed274e62e8851c7a0434a9d20acc http/exposed-panels/sensu-panel.yaml:f0552262a1bea70d309b5dad4c54877261ac2a60 http/exposed-panels/sentinelone-console.yaml:21a9d216c8fe1537aef84beb70227e34ced97eeb -http/exposed-panels/sentry-panel.yaml:b28a84746bd4565f89c6359710be9bc92d4bcc39 +http/exposed-panels/sentry-panel.yaml:4ccff3f9d0e57d27b8b1ac1301d3a418bb6549dc http/exposed-panels/sequoiadb-login.yaml:5c6ae87b911d88098a919ea2c9019bcdcb4aac1d http/exposed-panels/server-backup-login.yaml:8bb46ccd47f51f326a14eb98c88c9cc417d959dc http/exposed-panels/server-backup-manager-se.yaml:0649b37f7571f65585081f415c9f7e3a3a1f7449 @@ -4148,7 +4151,7 @@ http/exposed-panels/totemomail-panel.yaml:ef9aeb8f3b622f8dc8634a061f763c95b62119 http/exposed-panels/tracer-sc-login.yaml:c4c690015c69c1daf59971d2569b68adc8803e40 http/exposed-panels/traefik-dashboard.yaml:ac7ea377559cd81de337724cf38ef90b151c65ee http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml:7bdea91b74a9a7443858cd136687182ac083db3c -http/exposed-panels/truenas-scale-panel.yaml:208b542bc140b1a3cc22ddb0fe9b9f0568f620a4 +http/exposed-panels/truenas-scale-panel.yaml:b939282e8aaf6700a38d1a774caa02297f999c32 http/exposed-panels/tufin-securetrack-login.yaml:e8a2462f2191c552225314a7c452611ed49ac135 http/exposed-panels/tup-openframe.yaml:4cfd81dae974fd0f05c15a6f7b52ef6f30db58c2 http/exposed-panels/turnkey-openvpn.yaml:d46d4e58d49cf0306651a9ded2b4a7bbe18e4a40 @@ -4179,7 +4182,7 @@ http/exposed-panels/vigor-login.yaml:2430738e29f88051404914d3dd485fa7f6e35c8d http/exposed-panels/vinchin-panel.yaml:a44d0b06dff2aaac357c0147ff0ce2a9165e058e http/exposed-panels/virtua-software-panel.yaml:0ba322ac76fab6f1e5883b264f12a219c3679192 http/exposed-panels/virtual-ema-detect.yaml:4a3ae03480bf6bad92ba6043941f2031e085fa0e -http/exposed-panels/vistaweb-panel.yaml:98a403e71bd08420623f70037eaf7274d375663c +http/exposed-panels/vistaweb-panel.yaml:00cf1a3c6157db900e38b3918719841fa2a5a244 http/exposed-panels/vmware-carbon-black-edr.yaml:51c714c30e6991ec619987477c861053586d9e4b http/exposed-panels/vmware-cloud-availability.yaml:9602473a585805e2b305c2b2be4b930f1cfbf7f5 http/exposed-panels/vmware-cloud-director.yaml:f7651a17aab8a84e8db4cc38016e8fdf6c12f2a1 @@ -4280,7 +4283,7 @@ http/exposures/apis/jeecg-boot-swagger.yaml:f90ea6927d4e5f8dad82d5766129ea8de5ba http/exposures/apis/openapi.yaml:61119f5825fa000b6b5965624596a1586399bfa8 http/exposures/apis/seafile-api.yaml:a1a4fa907bd1cb8bedb8d6be776da5e9e454b7ec http/exposures/apis/strapi-page.yaml:971cedde18c18e1adb7ba2aee80a4e57ba92dc9d -http/exposures/apis/swagger-api.yaml:ddd6f475bc65aa4e7912694cb96adb1fb61b2ea5 +http/exposures/apis/swagger-api.yaml:83458048dae90cf2d5f58730ce9be996818555f1 http/exposures/apis/wadl-api.yaml:7a728eb7a4cb779218d582661a7fb2978abedc03 http/exposures/apis/wsdl-api.yaml:e28378d37cb724e50ad74e13158210a704a2d9df http/exposures/backups/exposed-mysql-initial.yaml:546b26c48697aa27b99c9d385c509b1af10e8907 @@ -4288,7 +4291,7 @@ http/exposures/backups/froxlor-database-backup.yaml:a8296d723d545dea6b9d898766db http/exposures/backups/php-backup-files.yaml:6af27377a944a299aee9bf4c4dbd8b60b99b8224 http/exposures/backups/settings-php-files.yaml:4deb7ac78c1f7df72c6efad11c7ce77373c3ba7b http/exposures/backups/sql-dump.yaml:e989e8b4ad56b0ed996c7dc9cec7eab2210c223c -http/exposures/backups/zip-backup-files.yaml:698e3e2a807739351cbabb672ece73fb636e3753 +http/exposures/backups/zip-backup-files.yaml:0b4309555d6a4f0fee56b49d302d209baccb808e http/exposures/configs/accueil-wampserver.yaml:d33e2f3e0f198426999fff6bcd7d1344b5c46240 http/exposures/configs/airflow-configuration-exposure.yaml:b212acd4a5ef9cbb3e0b84da2b4a3cd8599aa1b3 http/exposures/configs/alibaba-canal-info-leak.yaml:9a0d928feb9c023e106d2e5fb6d4d6bab4e84297 @@ -4300,7 +4303,7 @@ http/exposures/configs/appveyor-configuration-file.yaml:20b64eb403f080bf2a11eaf9 http/exposures/configs/aws-config.yaml:193af91d07b6ff68bd8ea13f10a65de246c92f4d http/exposures/configs/aws-credentials.yaml:9a1f115114ef1675d53b0ab4b51191a250db02db http/exposures/configs/awstats-config.yaml:e4d9b1e86e0e0ab0a70e7f4865b20339d854e659 -http/exposures/configs/awstats-script.yaml:162d4836cf9a0f82ffd6173e4af50f283f05de87 +http/exposures/configs/awstats-script.yaml:b0a116b8b759d728c392f66ccee4628593ec6a76 http/exposures/configs/azure-domain-tenant.yaml:537cfd449ad2413268752cb92200e3582ee0ea82 http/exposures/configs/babel-config-exposure.yaml:e3b7be4f09d41013125edd362cc94b181fe40e9f http/exposures/configs/behat-config.yaml:050530632c7cf5f4ae9c6eaf57c98a9e2a255fa0 @@ -4587,7 +4590,7 @@ http/exposures/logs/pyramid-debug-toolbar.yaml:bea48f6faf39793e2515c6176595cb2ad http/exposures/logs/rails-debug-mode.yaml:35b2fc2542e911f45fc43c9b7626c9b08e948f3a http/exposures/logs/redis-exception-error.yaml:501efe20402074733f8cea4256893da5cda5924a http/exposures/logs/redv-super-logs.yaml:6c1f653bdbfcb064d83ac5cc8405407941261f48 -http/exposures/logs/roundcube-log-disclosure.yaml:19e93312c353c2d711a12205172d40f925e1e8b4 +http/exposures/logs/roundcube-log-disclosure.yaml:ebb3b450a71afecfcbedb06ec3e72099f40c0752 http/exposures/logs/squid-analysis-report-generator.yaml:6fd300a0bdb813fedab1afd52e4f0d03b8e1ab35 http/exposures/logs/struts-debug-mode.yaml:1e3dbbca8b63398a837d712471b7c5d1b27876b8 http/exposures/logs/struts-problem-report.yaml:4ceadc53f20790df85828ba96eef8c7ff3df8d8d @@ -4750,7 +4753,7 @@ http/fuzzing/prestashop-module-fuzz.yaml:1770351eb8024ad210d1773b851f15a92f523bf http/fuzzing/ssrf-via-proxy.yaml:67a0e37236d363d42d148494ee00f3fb55372ce3 http/fuzzing/valid-gmail-check.yaml:5322234e7caccea4fe57c3ec8ea7e5b6b91317e6 http/fuzzing/waf-fuzz.yaml:6b9237448f006d60291634510ac4d910fb73ca0c -http/fuzzing/wordpress-plugins-detect.yaml:84fd21c4d4f2957e281e3f858c997807f5b3b5af +http/fuzzing/wordpress-plugins-detect.yaml:3bb133a2a5af6333133a4d1afc69b7253325e071 http/fuzzing/wordpress-themes-detect.yaml:81452a0c2201364547a722b3268c3cc9be19fbad http/fuzzing/wordpress-weak-credentials.yaml:7888d38b87847f4bc5e598027b24d373ed72a51f http/fuzzing/xff-403-bypass.yaml:3988407398c98a0f521e0251aafe2738470ed895 @@ -4927,6 +4930,7 @@ http/misconfiguration/clickhouse-unauth-api.yaml:50981e20ce91e8483c828bc8dc08342 http/misconfiguration/clockwork-dashboard-exposure.yaml:560363ab2aa0f4ee66a559fcd79af2a25a1ec3f3 http/misconfiguration/cloud-metadata.yaml:c830abb35eeddf51f760f450947c00499fcdae28 http/misconfiguration/cloudflare-image-ssrf.yaml:571629f99a2171f68d0e62923df20f125663bb22 +http/misconfiguration/cloudflare-rocketloader-htmli.yaml:c84f320283284c322b5c18a1f04837b77519c76d http/misconfiguration/cluster-panel.yaml:a55bbcd24bdcbf255c289f5e865ef63a0b00f6ec http/misconfiguration/cobbler-exposed-directory.yaml:024dc111a55d35d7da4e00e12c15ebb9e28c8303 http/misconfiguration/codeigniter-errorpage.yaml:85190ddc7995b4e5a3889743d784c9ff750fa987 @@ -6233,7 +6237,7 @@ http/technologies/gitea-detect.yaml:bc807981ba172321669615b213d248cbaa2b5da0 http/technologies/glpi-status-page.yaml:9f9a087ab4f29bcf258d005e9d63523e710e1060 http/technologies/gnuboard-detect.yaml:9da36bc59856b04e8db84a9a3db621b33c7c351d http/technologies/goliath-detect.yaml:d53a98cd9a0b50e9a6bd0cf889ee1c02bec81e2d -http/technologies/google/chromecast-detect.yaml:a185d3e179384b8e87f1529ae7039ae2a23882f3 +http/technologies/google/chromecast-detect.yaml:6e737a6bb7af67aa3969c03364e3782330847c04 http/technologies/google/cloud-run-default-page.yaml:91ff90b29a400729fd8dbef4aaf0769ff29584d0 http/technologies/google/firebase-detect.yaml:fa2021156b4a3de1e257f610042c076d83ecab21 http/technologies/google/firebase-urls.yaml:567d690e4e228892b057512c135046889827baa9 @@ -6260,7 +6264,7 @@ http/technologies/hugo-detect.yaml:ba04ba7428351903f8cb1bc1048e880900ff7a43 http/technologies/ibm/ibm-decision-runner.yaml:a6248059b1ad2317d2175dc564922099f457d099 http/technologies/ibm/ibm-decision-server-runtime.yaml:72d72f3428e03859b6f2404a21a59b32442267f3 http/technologies/ibm/ibm-http-server.yaml:c296167189f646852e2783ea825f7020d56fbe29 -http/technologies/ibm/ibm-odm-detect.yaml:38e897917b49732dd3af162669d9634739fa4de4 +http/technologies/ibm/ibm-odm-detect.yaml:e138c918a7c81a8d1ea1bfb4e8074570225bcb1e http/technologies/ibm/ibm-sterling-detect.yaml:813f10f25e68c4638f3cacd9e2fad36fa47686c9 http/technologies/icecast-mediaserver-detect.yaml:e8cd04701c56d72863370946d98a0ab90920a418 http/technologies/icecast-server-detect.yaml:9c420fa5e33996ea06f25259e6d07fbc940e416d @@ -6311,7 +6315,7 @@ http/technologies/limesurvey-detect.yaml:afed2527d32f8cfcda0e339101e78498708358c http/technologies/linkerd-detect.yaml:920354b2b2ef4c619d2edef1d09f1fc0955f227e http/technologies/livehelperchat-detect.yaml:196d3edefaf008a63137a608b428e3938f2a9454 http/technologies/lotus-domino-version.yaml:b455d220f9fae490009b55eff93de6999eec8289 -http/technologies/lucee-detect.yaml:b2c5b2e4cb5312f7cf1a4a24c0e09ec346990fb3 +http/technologies/lucee-detect.yaml:c77b002ba99d147cd9041dbc14f28c34bb7df42e http/technologies/lucy-admin-panel.yaml:6aaab45f852e16617ea258289512ab6f40a352b9 http/technologies/magento-detect.yaml:45e89094e19e4e16bfbf390a075ac7aa20dcfab1 http/technologies/magento-eol.yaml:72a8972fdc4c3a96e7db989297db7da0da7ecea3 @@ -6982,7 +6986,7 @@ http/vulnerabilities/code42/code42-log4j-rce.yaml:c6eca1ad5491f3ab51671acd906724 http/vulnerabilities/concrete/concrete-xss.yaml:85b12fb54e5f98736f4bc70df764384fe675f2f2 http/vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml:305c4b65dec3bc65e31fcd5c0b72a9841e630064 http/vulnerabilities/copyparty-xss.yaml:f6a15b2e183849ebd607677d67c8cf3bc5eed755 -http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml:7593dae9b36adbf2b2f0ee51c0179790c5f3f765 +http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml:c1fc5b4ce6f0391224885f8ed89cf6fca238f981 http/vulnerabilities/dahua/dahua-icc-backdoor-user.yaml:18c3fc320dcc5e7a99cffcafdaff748340344ebc http/vulnerabilities/dahua/dahua-wpms-lfi.yaml:bf3a85ebab2aa341bf4537517a41eb0fc63e79d2 http/vulnerabilities/dahua/dahua-wpms-rce.yaml:38d785507734118baeee83b9c5ecc2429017eb3c @@ -7027,7 +7031,7 @@ http/vulnerabilities/generic/open-redirect.yaml:9b55ef301e2bd2439812462a96343e68 http/vulnerabilities/generic/request-based-interaction.yaml:d3d7eaea6c38c5463861075a7542ed9c7e8f119e http/vulnerabilities/generic/top-xss-params.yaml:3e9a7e3fa96022f53af19ddd617225731c3bd9df http/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml:0a058b056b1584bc9de28df14baa9b57be220e88 -http/vulnerabilities/generic/xss-fuzz.yaml:805377b4b892732ce903b7aab9ab602820745e7f +http/vulnerabilities/generic/xss-fuzz.yaml:c4dbcbb7df14ae32211b8d13b91795bc1498a63f http/vulnerabilities/gitea/gitea-rce.yaml:4ea12e8bbd3bc44f738ece481eb43e8dd6cbbef4 http/vulnerabilities/gitlab/gitlab-rce.yaml:173dd50897b2956f85fce08f9730f740415ee4b2 http/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml:969333f355e024ef605152fe26bb45511f20f4ad @@ -7128,7 +7132,7 @@ http/vulnerabilities/other/avcon6-lfi.yaml:31fda2c65574c91b2ccd8e140e03243fb9546 http/vulnerabilities/other/bems-api-lfi.yaml:4b2ace615d63afc61e4401ca7c6d6bd3c7e0a02a http/vulnerabilities/other/beward-ipcamera-disclosure.yaml:4461c2309baf099cca67518def7863f003f459ac http/vulnerabilities/other/beyond-trust-xss.yaml:541a6f90d60f4267863346d5ebe9e1083f234f62 -http/vulnerabilities/other/bitrix-open-redirect.yaml:e80422dc787d18e6b6b111beccd61380e91dea7b +http/vulnerabilities/other/bitrix-open-redirect.yaml:833af07ba94f8963714b0e88e9886d354d49b893 http/vulnerabilities/other/blue-ocean-excellence-lfi.yaml:77169388e9064f1e08de2505a00c6d01b999ac44 http/vulnerabilities/other/brightsign-dsdws-ssrf.yaml:366050c5044a7f40dd54529a409f4ef2a3aceff1 http/vulnerabilities/other/bullwark-momentum-lfi.yaml:4677beb1cf50189f15dddee0c2c36357df5f0c1a @@ -7510,7 +7514,7 @@ http/vulnerabilities/ueditor/ueditor-ssrf.yaml:6d255515d772049bbc3acf2eda7a48635 http/vulnerabilities/ueditor/ueditor-xss.yaml:222e1f2da270e70eb6a8c9a9b57ba955b9ecb785 http/vulnerabilities/vbulletin/arcade-php-sqli.yaml:3aefc2073f08e855dec0c8146b728b692ce654f2 http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml:5e3cb2ac4a3259c35592098294ad49ef31b87efe -http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml:b392b082f2902adce1f3c5560bdebbc6997f986f +http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml:5565f8dcc7d5ad169422fd7e698c0399f79ab961 http/vulnerabilities/videoxpert-lfi.yaml:1aa4c4a1048489e9343348c0e436a2917c4edcf9 http/vulnerabilities/vmware/vmware-cloud-xss.yaml:4afa16c86c0394c6134840c2745657758b78e063 http/vulnerabilities/vmware/vmware-hcx-log4j.yaml:73321afec891e37709b54301889f4d0fddf26e1e @@ -7774,49 +7778,49 @@ http/vulnerabilities/zyxel/unauth-ztp-ping.yaml:fe9fe6bf3d7f27b2f5297126714f53c3 http/vulnerabilities/zzzcms/zzzcms-info-disclosure.yaml:daa2040c8238fbe51311e7ac80eca48e3eb64691 http/vulnerabilities/zzzcms/zzzcms-ssrf.yaml:80348e0fda22d428224a9a62afae01b8380694a0 http/vulnerabilities/zzzcms/zzzcms-xss.yaml:61a6fd65556054e8e2a631080388aff7aed42f6b -javascript/cves/2016/CVE-2016-8706.yaml:c21463abcb42d88d7e816d3db29d7d13fa1ac54d -javascript/cves/2023/CVE-2023-34039.yaml:454f5853fb31bb0ab3a22952a5dc13a06ced76c6 -javascript/cves/2023/CVE-2023-46604.yaml:5dacba8518a99f746260e0beba45af0c5eb127d3 -javascript/cves/2024/CVE-2024-23897.yaml:1830ed16e8a41ed65ca7d716316b83165570ae22 +javascript/cves/2016/CVE-2016-8706.yaml:823829801f090b3c8aa0b65a21f506da440cb2a0 +javascript/cves/2023/CVE-2023-34039.yaml:99873aefa26ca441bdea56e83f1433ddc11054c4 +javascript/cves/2023/CVE-2023-46604.yaml:5f4409197ba9dd7f86ae5de4beb6409ce7f1bfb8 +javascript/cves/2024/CVE-2024-23897.yaml:2de4bb803c9ebd5e8a989cc1760102ea53ee95d3 javascript/default-logins/mssql-default-logins.yaml:b95502ea9632648bc430c61995e3d80d0c46f161 javascript/default-logins/postgres-default-logins.yaml:dfa3031c3333b73c7c50bc8f37c85dcd093d7fe7 javascript/default-logins/redis-default-logins.yaml:2fa73c5a1e16bf94079c15ae7c9299fa3adbfb2b javascript/default-logins/ssh-default-logins.yaml:c4bcd972a43fe891783029326291d50bbf3c1ac2 javascript/detection/mssql-detect.yaml:3dad2c227b904cc228247a86bf0372c5b2544b94 -javascript/detection/oracle-tns-listener.yaml:e435c4b79ba01c3ea663d492a3ab6b66a48cf302 -javascript/detection/ssh-auth-methods.yaml:a1bec17399b358307021abc7ebf774f9a7d82af2 -javascript/enumeration/smb/smb-enum.yaml:074eff7507fc747785bf379b0cf67d717249705d -javascript/enumeration/smb/smb2-capabilities.yaml:abc6037826111ddad3578bdbae6301605da88df7 -javascript/enumeration/ssh/obsolete-ssh-version.yaml:cf51412fb5a680512ee870ca33838b57386753ee -javascript/enumeration/ssh/ssh-diffie-hellman-logjam.yaml:48276f32d49bb8e81ff668697334ec15ce9062f9 -javascript/enumeration/ssh/ssh-password-auth.yaml:58385baadea880de6eed9047c4973567660e933c -javascript/enumeration/ssh/ssh-server-enumeration.yaml:3312b0c9e9522964fdfcadde2018e34d504dd8b6 -javascript/enumeration/ssh/ssh-sha1-hmac-algo.yaml:f018ece04f89b8191d43add38bba775b9a240ed5 -javascript/misconfiguration/smb/smb-anonymous-access.yaml:7095dc15d11e500b09d3d5268a834a5583389131 -javascript/misconfiguration/smb/smb-shares.yaml:49be9dcadfeeb13bf30630bb536bceda58324c75 -javascript/misconfiguration/smb/smb-signing-not-required.yaml:4ee3aad447c4c2b6cbf2d56795115ef257c7aefa -javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers.yaml:af24c1f0c5ae96ae784214f58fecc612a96b3b2a -javascript/misconfiguration/ssh/ssh-weak-algo-supported.yaml:4a45d74b94f45d97bd78e028093283f8a0116887 -javascript/misconfiguration/ssh/ssh-weak-mac-algo.yaml:17979d5b031984834c179cbf78698e3bd2d02b1e -javascript/misconfiguration/ssh/ssh-weak-public-key.yaml:782299f4c89ce130c7b94375293ea690189acc79 -javascript/misconfiguration/ssh/ssh-weakkey-exchange-algo.yaml:c5ed345cb88bf03ed78fc39539bbed99e4767e21 +javascript/detection/oracle-tns-listener.yaml:3d274f668de183b62c79c04782bf0740150b4423 +javascript/detection/ssh-auth-methods.yaml:7240dac7d7ee80f4aebf95f7ddf7a540874adf04 +javascript/enumeration/smb/smb-enum.yaml:afac4784cfb9e19ad73c4a66bcb927f872f3056d +javascript/enumeration/smb/smb2-capabilities.yaml:4692b31e9b77dd75b52c3f995244a49ac3066f0d +javascript/enumeration/ssh/obsolete-ssh-version.yaml:136a52496c5832d06d80ced805951ab7be25dbff +javascript/enumeration/ssh/ssh-diffie-hellman-logjam.yaml:95c983ec5f5cec534007b5a252f53e5d764d8512 +javascript/enumeration/ssh/ssh-password-auth.yaml:50ca5eb9f3fba26eb72d9510b71ac4fbad8b4698 +javascript/enumeration/ssh/ssh-server-enumeration.yaml:4253ab5aaab4bc8690c29788d7f7b298aedca45e +javascript/enumeration/ssh/ssh-sha1-hmac-algo.yaml:cf9e950c3f3200c8af9aeedeb35fc90f2eb5b1af +javascript/misconfiguration/smb/smb-anonymous-access.yaml:9a3a03bc272aa7e8e41371b9d5da218e4db9ea6d +javascript/misconfiguration/smb/smb-shares.yaml:29625411d102acc559a20069fb58a3b7fe5c7fab +javascript/misconfiguration/smb/smb-signing-not-required.yaml:d3d28166bb313aaf989f155001f17b23dc08af06 +javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers.yaml:cc5d0034e363156cfcb6efe1b982fae8f2d0fdd1 +javascript/misconfiguration/ssh/ssh-weak-algo-supported.yaml:83bdd007c2437f397fa047b0c844faaeadb9580b +javascript/misconfiguration/ssh/ssh-weak-mac-algo.yaml:5b88f7a8604b8495d2376c87d7ed98e48a5517a7 +javascript/misconfiguration/ssh/ssh-weak-public-key.yaml:f6a91e501db1e6dfb6e9ea406e11df4991697d4e +javascript/misconfiguration/ssh/ssh-weakkey-exchange-algo.yaml:6749f7256d5cdb6171b77be90c144d7947efcc27 network/backdoor/backdoored-zte.yaml:42b5ec609229045d3ebbb6e8968a1797413afb44 network/cves/2001/CVE-2001-1473.yaml:5374944a926a53026fd02e17333ab21c0fd94115 network/cves/2011/CVE-2011-2523.yaml:439f13ea18e52af5b7de1ae93ed2de579a3157c3 network/cves/2015/CVE-2015-3306.yaml:89bdabc177692a54c7c144c2c45446b15350f513 -network/cves/2016/CVE-2016-2004.yaml:d91783c38f072fb9d31f26ab5855277bd99ac2b7 -network/cves/2016/CVE-2016-3510.yaml:2a3546986aee945c468fdc07b503bca5523305a6 -network/cves/2017/CVE-2017-3881.yaml:869996ec20da14c23dca67b165c43c0a13b81346 -network/cves/2017/CVE-2017-5645.yaml:372a5b5d351046b1686556f8f1d3b90d0cb9bca5 -network/cves/2018/CVE-2018-2628.yaml:4b40199b66e16cb429a1b906a225222ce4ee0b4b -network/cves/2018/CVE-2018-2893.yaml:b3f4ba2576ee7f7bfcd1803833d35a77d58d3803 -network/cves/2020/CVE-2020-11981.yaml:ba2eab844ec1d1f417522b3cee35697103cd1cf8 -network/cves/2020/CVE-2020-1938.yaml:06e7c8ed52d5b37470fe08bbbc6704cbf47de8ed -network/cves/2020/CVE-2020-7247.yaml:b53d8667d78dd8815cf4d2d8762b3b3659db20f5 -network/cves/2021/CVE-2021-44521.yaml:3bcb6606fb5afe8ebc4d1fbe975c1ca2c074cc37 +network/cves/2016/CVE-2016-2004.yaml:d4713d0f58f1ce397fa93f4b63846b20e9fbf8ee +network/cves/2016/CVE-2016-3510.yaml:b4c02dac17d6d414df12ae417a1808db98132783 +network/cves/2017/CVE-2017-3881.yaml:b7bd93f6269a7668f90d5c4123cb607575af22a2 +network/cves/2017/CVE-2017-5645.yaml:830bfd883c9814559f0427b630a4e81a517e4574 +network/cves/2018/CVE-2018-2628.yaml:de8f05be4ba405e979d63a7568ed60997d73aadb +network/cves/2018/CVE-2018-2893.yaml:f0fdaf4f4e2987fa578b0002c333a4bc9044ee04 +network/cves/2020/CVE-2020-11981.yaml:37bdf9249ab7be23ba33722b18b2665a37f03b9e +network/cves/2020/CVE-2020-1938.yaml:67304c9387b0cc25e1b58533281f4cc3f54b96ee +network/cves/2020/CVE-2020-7247.yaml:c13a56665dd6b6a402ad0796e3e46da7f7113b71 +network/cves/2021/CVE-2021-44521.yaml:bdc1acf919d253a609fbcaf9ae914344f9c187e0 network/cves/2022/CVE-2022-0543.yaml:e9859038895a62b5bb1e60ed5c400d9b0e0940c1 -network/cves/2022/CVE-2022-24706.yaml:67d5e23f9d2ca0f84093adc805a743b6173cec17 -network/cves/2022/CVE-2022-31793.yaml:c65cc50f8fedc2b15e1ee7034df6aa14e3ae0d3f +network/cves/2022/CVE-2022-24706.yaml:6d06d9e53c396048b61fabb7486075474ad61f11 +network/cves/2022/CVE-2022-31793.yaml:d53c4361e167a401f76f3069a2cd985a612c955c network/cves/2023/CVE-2023-33246.yaml:3db23ab1b222f81ce0a08b75c23bc5ecae85b9dd network/default-login/ftp-anonymous-login.yaml:da3402a791529b5521e14fceafe0f0084bb4c9d2 network/default-login/ftp-weak-credentials.yaml:c0cf4a3227435e117de922b08ad77edebf6304a5 @@ -7959,7 +7963,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:f1d29ec45ddad271d388c2e8fc28026fc24a04a4 -templates-checksum.txt:f5787843057a21375f03c72553e68cc3e4f0149d +templates-checksum.txt:966c81983bcd21d235e3044ac02e71abeb147329 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4