diff --git a/cnvd/2021/CNVD-2021-10543.yaml b/cnvd/2021/CNVD-2021-10543.yaml index 2ff27e9afd..0611b057c6 100644 --- a/cnvd/2021/CNVD-2021-10543.yaml +++ b/cnvd/2021/CNVD-2021-10543.yaml @@ -4,12 +4,12 @@ info: name: EEA - Information Disclosure author: pikpikcu severity: high - description: EEA is susceptible to information disclosure. + description: EEA is susceptible to information disclosure including the username and password. reference: - https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cwe-id: CWE-200 tags: config,exposure,cnvd,cnvd2021 diff --git a/default-logins/lutron/lutron-default-login.yaml b/default-logins/lutron/lutron-default-login.yaml index e881d1a524..31d85fb6ed 100644 --- a/default-logins/lutron/lutron-default-login.yaml +++ b/default-logins/lutron/lutron-default-login.yaml @@ -1,17 +1,17 @@ id: lutron-default-login info: - name: Lutron - Default Login + name: Lutron - Default Account author: geeknik - severity: high + severity: critical description: Multiple Lutron devices contain a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.lutron.com - https://vulners.com/openvas/OPENVAS:1361412562310113206 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N - cvss-score: 5.8 - cwe-id: CWE-522 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cwe-id: CWE-1391 tags: default-login,lutron,iot requests: diff --git a/default-logins/ruckus/ruckus-wireless-default-login.yaml b/default-logins/ruckus/ruckus-wireless-default-login.yaml index 1c0413f3d6..3aafac340c 100644 --- a/default-logins/ruckus/ruckus-wireless-default-login.yaml +++ b/default-logins/ruckus/ruckus-wireless-default-login.yaml @@ -8,9 +8,9 @@ info: reference: - https://docs.commscope.com/bundle/fastiron-08092-securityguide/page/GUID-32D3BB01-E600-4FBE-B555-7570B5024D34.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cwe-id: CWE-1391 metadata: verified: true shodan-query: title:"ruckus" diff --git a/exposed-panels/mybb/mybb-forum-install.yaml b/exposed-panels/mybb/mybb-forum-install.yaml index 776485cdea..c4d0e1ba25 100644 --- a/exposed-panels/mybb/mybb-forum-install.yaml +++ b/exposed-panels/mybb/mybb-forum-install.yaml @@ -3,11 +3,11 @@ id: mybb-forum-install info: name: MyBB Installation Panel - Detect author: ritikchaddha - severity: high + severity: info description: MyBB installation panel was detected. classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true diff --git a/exposed-panels/osticket/osticket-install.yaml b/exposed-panels/osticket/osticket-install.yaml index 599affb6d8..bef50b8430 100644 --- a/exposed-panels/osticket/osticket-install.yaml +++ b/exposed-panels/osticket/osticket-install.yaml @@ -3,12 +3,12 @@ id: osticket-install info: name: osTicket Installer Panel - Detect author: ritikchaddha - severity: high + severity: critical description: osTicket installer panel was detected. classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H + cvss-score: 9.4 + cwe-id: CWE-284 metadata: verified: true shodan-query: http.title:"osTicket Installer" diff --git a/exposed-panels/saltstack-config-panel.yaml b/exposed-panels/saltstack-config-panel.yaml index 63b8ec6baf..8d050659fe 100644 --- a/exposed-panels/saltstack-config-panel.yaml +++ b/exposed-panels/saltstack-config-panel.yaml @@ -1,34 +1,34 @@ -id: saltstack-config-panel - -info: - name: SaltStack Config Panel - Detect - author: pussycat0x - severity: info - description: | - SaltStack config panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - metadata: - verified: true - shodan-query: title:"SaltStack Config" - tags: panel,vmware,login,saltstack - -requests: - - method: GET - path: - - "{{BaseURL}}/login" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "SaltStack Config" - - - type: status - status: - - 200 - -# Enhanced by cs 01/26/2023 +id: saltstack-config-panel + +info: + name: SaltStack Config Panel - Detect + author: pussycat0x + severity: info + description: | + SaltStack config panel was detected. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: title:"SaltStack Config" + tags: panel,vmware,login,saltstack + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "SaltStack Config" + + - type: status + status: + - 200 + +# Enhanced by cs 01/26/2023 diff --git a/exposed-panels/solr-panel-exposure.yaml b/exposed-panels/solr-panel-exposure.yaml index 4d324ebebb..1dba8f964c 100644 --- a/exposed-panels/solr-panel-exposure.yaml +++ b/exposed-panels/solr-panel-exposure.yaml @@ -6,8 +6,8 @@ info: severity: info description: Apache Solr admin panel was detected. classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L - cvss-score: 8.6 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true diff --git a/exposed-panels/wagtail-cms-detect.yaml b/exposed-panels/wagtail-cms-detect.yaml index 9826a08d88..e3d90025b7 100644 --- a/exposed-panels/wagtail-cms-detect.yaml +++ b/exposed-panels/wagtail-cms-detect.yaml @@ -1,35 +1,35 @@ -id: wagtail-login - -info: - name: Wagtail Login - Detect - author: kishore-hariram - severity: info - description: The Wagtail panel has been detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - metadata: - verified: true - shodan-query: title:"Wagtail - Sign in" - tags: panel,wagtail - -requests: - - method: GET - path: - - '{{BaseURL}}/login/?next=/' - - '{{BaseURL}}/admin/login/?next=/admin/' - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Wagtail - Sign in' - - - type: status - status: - - 200 - -# Enhanced by cs 01/23/2023 +id: wagtail-login + +info: + name: Wagtail Login - Detect + author: kishore-hariram + severity: info + description: The Wagtail panel has been detected. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: title:"Wagtail - Sign in" + tags: panel,wagtail + +requests: + - method: GET + path: + - '{{BaseURL}}/login/?next=/' + - '{{BaseURL}}/admin/login/?next=/admin/' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Wagtail - Sign in' + + - type: status + status: + - 200 + +# Enhanced by cs 01/23/2023 diff --git a/exposures/apis/couchbase-buckets-api.yaml b/exposures/apis/couchbase-buckets-api.yaml index 07efae68fe..621f7ddc44 100644 --- a/exposures/apis/couchbase-buckets-api.yaml +++ b/exposures/apis/couchbase-buckets-api.yaml @@ -3,7 +3,7 @@ id: couchbase-buckets-api info: name: Couchbase Buckets Unauthenticated REST API - Detect author: geeknik - severity: info + severity: medium description: Couchbase Buckets REST API without authentication was detected. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N diff --git a/exposures/configs/django-variables-exposed.yaml b/exposures/configs/django-variables-exposed.yaml index a9977d64a1..762ac9e457 100644 --- a/exposures/configs/django-variables-exposed.yaml +++ b/exposures/configs/django-variables-exposed.yaml @@ -10,9 +10,9 @@ info: - https://docs.djangoproject.com/en/1.11/topics/logging/#django-security - https://github.com/projectdiscovery/nuclei-templates/blob/master/file/logs/django-framework- classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200exceptions.yaml + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true tags: exposure,config,django diff --git a/exposures/configs/gruntfile-exposure.yaml b/exposures/configs/gruntfile-exposure.yaml index 2590cb51c8..3c1c7385cb 100644 --- a/exposures/configs/gruntfile-exposure.yaml +++ b/exposures/configs/gruntfile-exposure.yaml @@ -8,8 +8,8 @@ info: reference: - https://gruntjs.com/sample-gruntfile classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: config,exposure diff --git a/exposures/configs/htpasswd-detection.yaml b/exposures/configs/htpasswd-detection.yaml index 04ec97f20d..e5d12ff0f9 100644 --- a/exposures/configs/htpasswd-detection.yaml +++ b/exposures/configs/htpasswd-detection.yaml @@ -3,12 +3,12 @@ id: htpasswd-detection info: name: Apache htpasswd Config - Detect author: geeknik - severity: info + severity: high description: Apache htpasswd configuration was detected. reference: https://httpd.apache.org/docs/current/programs/htpasswd.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cwe-id: CWE-200 tags: config,exposure diff --git a/exposures/configs/httpd-config.yaml b/exposures/configs/httpd-config.yaml index 952c595e59..e3302df816 100644 --- a/exposures/configs/httpd-config.yaml +++ b/exposures/configs/httpd-config.yaml @@ -7,8 +7,8 @@ info: description: Apache httpd configuration information was detected. reference: https://httpd.apache.org/docs/current/configuring.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: config,exposure,httpd diff --git a/exposures/configs/jetbrains-datasources.yaml b/exposures/configs/jetbrains-datasources.yaml index 4df809a4ca..1c3f634a9d 100644 --- a/exposures/configs/jetbrains-datasources.yaml +++ b/exposures/configs/jetbrains-datasources.yaml @@ -7,8 +7,8 @@ info: description: Jetbrains IDE DataSources configuration information was detected. reference: https://www.jetbrains.com classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: config,exposure,jetbrains diff --git a/exposures/configs/keycloak-openid-config.yaml b/exposures/configs/keycloak-openid-config.yaml index 9ae6814c0b..c75ffc8fcb 100644 --- a/exposures/configs/keycloak-openid-config.yaml +++ b/exposures/configs/keycloak-openid-config.yaml @@ -8,8 +8,8 @@ info: reference: - https://issues.jboss.org/browse/KEYCLOAK-571 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: keycloak,config diff --git a/exposures/configs/netbeans-config.yaml b/exposures/configs/netbeans-config.yaml index f7dc0d70b3..d9cdd2c220 100644 --- a/exposures/configs/netbeans-config.yaml +++ b/exposures/configs/netbeans-config.yaml @@ -8,8 +8,8 @@ info: reference: - https://netbeans.apache.org/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: netbeans,config,exposure diff --git a/exposures/configs/owncloud-config.yaml b/exposures/configs/owncloud-config.yaml index a6b8fc5498..af86d254e7 100644 --- a/exposures/configs/owncloud-config.yaml +++ b/exposures/configs/owncloud-config.yaml @@ -8,8 +8,8 @@ info: reference: - https://owncloud.com/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: config,exposure diff --git a/exposures/configs/package-json.yaml b/exposures/configs/package-json.yaml index 353f4e168b..da0a7bd47d 100644 --- a/exposures/configs/package-json.yaml +++ b/exposures/configs/package-json.yaml @@ -7,8 +7,8 @@ info: description: npm configuration information was detected. All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project. reference: https://www.npmjs.com classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: config,exposure diff --git a/exposures/configs/phpsec-config.yaml b/exposures/configs/phpsec-config.yaml index d9c85917bd..83b6d7330c 100644 --- a/exposures/configs/phpsec-config.yaml +++ b/exposures/configs/phpsec-config.yaml @@ -7,8 +7,8 @@ info: description: phpspec configuration information was detected. reference: https://phpspec.net/en/stable/cookbook/configuration.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true diff --git a/exposures/configs/pipfile-config.yaml b/exposures/configs/pipfile-config.yaml index edd88b250a..830eabcfef 100644 --- a/exposures/configs/pipfile-config.yaml +++ b/exposures/configs/pipfile-config.yaml @@ -7,8 +7,8 @@ info: description: Pipfile configuration information was detected. reference: https://pypi.org/project classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true diff --git a/exposures/configs/rubocop-config.yaml b/exposures/configs/rubocop-config.yaml index 592a2e6fce..fc756ee6ca 100644 --- a/exposures/configs/rubocop-config.yaml +++ b/exposures/configs/rubocop-config.yaml @@ -9,8 +9,8 @@ info: - https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt - https://github.com/rubocop/rubocop classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true diff --git a/iot/lutron-iot-default-login.yaml b/iot/lutron-iot-default-login.yaml index 2930155349..4409fcb894 100644 --- a/iot/lutron-iot-default-login.yaml +++ b/iot/lutron-iot-default-login.yaml @@ -3,7 +3,7 @@ id: lutron-iot-default-login info: name: Lutron IOT Device Default Login Panel - Detect author: geeknik - severity: high + severity: info description: Lutron IOT Device Default login panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N diff --git a/miscellaneous/addeventlistener-detect.yaml b/miscellaneous/addeventlistener-detect.yaml deleted file mode 100644 index 379295999f..0000000000 --- a/miscellaneous/addeventlistener-detect.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: addeventlistener-detect - -info: - name: DOM EventListener - Cross-Site Scripting - author: yavolo,dwisiswant0 - severity: info - description: EventListener contains a cross-site scripting vulnerability via the document object model (DOM). An attacker can execute arbitrary script which can then allow theft of cookie-based authentication credentials and launch of other attacks. - reference: - - https://portswigger.net/web-security/dom-based/controlling-the-web-message-source - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 - tags: xss,misc - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - type: regex - part: body - regex: - - (([\w\_]+)\.)?add[Ee]vent[Ll]istener\(["']?[\w\_]+["']? # Test cases: https://www.regextester.com/?fam=121118 - -# Enhanced by md on 2022/09/19 diff --git a/misconfiguration/command-api-explorer.yaml b/misconfiguration/command-api-explorer.yaml index e05ac147d5..128e0a0df3 100644 --- a/misconfiguration/command-api-explorer.yaml +++ b/misconfiguration/command-api-explorer.yaml @@ -3,7 +3,7 @@ id: command-api-explorer info: name: Command API Explorer Panel - Detect author: DhiyaneshDK - severity: low + severity: info description: Command API Explorer panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N diff --git a/misconfiguration/dgraph-dashboard-exposure.yaml b/misconfiguration/dgraph-dashboard-exposure.yaml index 0e5f5b4761..8a03a540fb 100644 --- a/misconfiguration/dgraph-dashboard-exposure.yaml +++ b/misconfiguration/dgraph-dashboard-exposure.yaml @@ -3,7 +3,7 @@ id: dgraph-dashboard-exposure info: name: Dgraph Ratel Dashboard Exposure Panel - Detect author: dhiyaneshDk - severity: low + severity: info description: Dgraph Ratel Dashboard Exposure panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N diff --git a/misconfiguration/iot-vdme-simulator.yaml b/misconfiguration/iot-vdme-simulator.yaml index 93e0a96f87..8dbd9f46c3 100644 --- a/misconfiguration/iot-vdme-simulator.yaml +++ b/misconfiguration/iot-vdme-simulator.yaml @@ -3,7 +3,7 @@ id: iot-vdme-simulator info: name: IoT vDME Simulator Panel - Detect author: tess - severity: low + severity: info description: | loT vDME Simulator panel was detected. Exposure IoT vDME Simulator panel allows anonymous access to create new Items. classification: diff --git a/misconfiguration/office365-open-redirect.yaml b/misconfiguration/office365-open-redirect.yaml index aab0e5467e..0c4385535e 100644 --- a/misconfiguration/office365-open-redirect.yaml +++ b/misconfiguration/office365-open-redirect.yaml @@ -3,9 +3,9 @@ id: office365-open-redirect info: name: Office365 Autodiscover - Open Redirect author: dhiyaneshDk - severity: low + severity: medium description: Office365 Autodiscover contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: See https://learn.microsoft.com/en-us/outlook/troubleshoot/connectivity/how-to-suppress-autodiscover-redirect-warning for a workaround. + remediation: See the workaround detailed in the Medium post in the references. reference: - https://medium.com/@heinjame/office365-open-redirect-from-autodiscover-64284d26c168 classification: diff --git a/misconfiguration/pghero-dashboard-exposure.yaml b/misconfiguration/pghero-dashboard-exposure.yaml index 601b4dc326..c9203500e9 100644 --- a/misconfiguration/pghero-dashboard-exposure.yaml +++ b/misconfiguration/pghero-dashboard-exposure.yaml @@ -3,7 +3,7 @@ id: pghero-dashboard-exposure info: name: PgHero Dashboard Exposure Panel - Detect author: DhiyaneshDk - severity: low + severity: info description: PgHero Dashboard Exposure panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N diff --git a/misconfiguration/unauth-fastvue-dashboard.yaml b/misconfiguration/unauth-fastvue-dashboard.yaml index 5121faff54..256d324fd5 100644 --- a/misconfiguration/unauth-fastvue-dashboard.yaml +++ b/misconfiguration/unauth-fastvue-dashboard.yaml @@ -6,8 +6,8 @@ info: severity: medium description: Fastvue Dashboard panel was detected without authentication. classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 cwe-id: CWE-200 metadata: verified: true diff --git a/network/mysql-native-password.yaml b/network/mysql-native-password.yaml index 84c01a362e..f002924116 100644 --- a/network/mysql-native-password.yaml +++ b/network/mysql-native-password.yaml @@ -8,8 +8,8 @@ info: reference: - https://github.com/Tinram/MySQL-Brute classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 tags: network,mysql,bruteforce,db diff --git a/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml b/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml index 21bad6a887..1020962baf 100644 --- a/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml +++ b/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml @@ -9,9 +9,9 @@ info: - https://sir.kr/g5_pds/4788?page=5 - https://github.com/gnuboard/gnuboard5/commit/8182cac90d2ee2f9da06469ecba759170e782ee3 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.html:"Gnuboard" diff --git a/vulnerabilities/gnuboard/gnuboard5-rxss.yaml b/vulnerabilities/gnuboard/gnuboard5-rxss.yaml index f5622ae8d1..9b96cdd9e2 100644 --- a/vulnerabilities/gnuboard/gnuboard5-rxss.yaml +++ b/vulnerabilities/gnuboard/gnuboard5-rxss.yaml @@ -10,9 +10,9 @@ info: - https://huntr.dev/bounties/ed317cde-9bd1-429e-b6d3-547e72534dd5/ - https://vulners.com/huntr/25775287-88CD-4F00-B978-692D627DFF04 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.html:"gnuboard5" diff --git a/vulnerabilities/gnuboard/gnuboard5-xss.yaml b/vulnerabilities/gnuboard/gnuboard5-xss.yaml index 8bc27e5a80..3dc6e2361c 100644 --- a/vulnerabilities/gnuboard/gnuboard5-xss.yaml +++ b/vulnerabilities/gnuboard/gnuboard5-xss.yaml @@ -9,9 +9,9 @@ info: reference: - https://huntr.dev/bounties/ad2a9b32-fe6c-43e9-9b05-2c77c58dde6a/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.html:"gnuboard5" diff --git a/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml index d60d37ee18..80325a621e 100644 --- a/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml +++ b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.dionach.com/blog/moodle-jmol-plugin-multiple-vulnerabilities/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: moodle,xss requests: diff --git a/vulnerabilities/moodle/moodle-xss.yaml b/vulnerabilities/moodle/moodle-xss.yaml index e94f6bb292..c48123110c 100644 --- a/vulnerabilities/moodle/moodle-xss.yaml +++ b/vulnerabilities/moodle/moodle-xss.yaml @@ -9,9 +9,9 @@ info: - https://twitter.com/JacksonHHax/status/1391367064154042377 - https://nvd.nist.gov/vuln/detail/CVE-2021-32478 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: moodle,xss requests: diff --git a/vulnerabilities/other/carrental-xss.yaml b/vulnerabilities/other/carrental-xss.yaml index a41c5c03fa..c9bf66f528 100644 --- a/vulnerabilities/other/carrental-xss.yaml +++ b/vulnerabilities/other/carrental-xss.yaml @@ -10,9 +10,9 @@ info: - https://www.exploit-db.com/exploits/49546 - https://www.sourcecodester.com/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.html:"Car Rental Management System" diff --git a/vulnerabilities/other/kavita-lfi.yaml b/vulnerabilities/other/kavita-lfi.yaml index b5fcb55af3..71cdc28a0d 100644 --- a/vulnerabilities/other/kavita-lfi.yaml +++ b/vulnerabilities/other/kavita-lfi.yaml @@ -3,7 +3,7 @@ id: kavita-lfi info: name: Kavita - Local File Inclusion author: arafatansari - severity: medium + severity: high description: | Kavita - Path Traversal is vulnerable to local file inclusion via abusing the Path Traversal filename parameter of the /api/image/cover-upload. reference: diff --git a/vulnerabilities/other/keycloak-xss.yaml b/vulnerabilities/other/keycloak-xss.yaml index 146a86ec34..db58a6edaf 100644 --- a/vulnerabilities/other/keycloak-xss.yaml +++ b/vulnerabilities/other/keycloak-xss.yaml @@ -3,14 +3,14 @@ id: keycloak-xss info: name: Keycloak <= 8.0 - Cross-Site Scripting author: incogbyte - severity: info + severity: medium description: Keycloak 8.0 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks. reference: - https://cure53.de/pentest-report_keycloak.pdf classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: keycloak,xss requests: diff --git a/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml b/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml index 23454649c2..9bc2733e7f 100644 --- a/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml +++ b/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.exploit-db.com/exploits/26305 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: edb,xss,squirrelmail,plugin requests: diff --git a/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml b/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml index 6c0d22199b..c5382ede64 100644 --- a/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml +++ b/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.exploit-db.com/exploits/34814 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,squirrelmail,plugin,edb requests: diff --git a/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml b/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml index 4af9d1deb9..23f5c33a4c 100644 --- a/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml +++ b/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml @@ -3,13 +3,13 @@ id: ecology-arbitrary-file-upload info: name: Ecology - Arbitrary File Upload author: ritikchaddha - severity: medium + severity: critical description: Ecology contains an arbitrary file upload vulnerability. An attacker can upload arbitrary files to the server, which in turn can be used to make the application execute file content as code, As a result, an attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cwe-id: CWE-434 metadata: fofa-query: app="泛微-协同办公OA" diff --git a/vulnerabilities/wordpress/404-to-301-xss.yaml b/vulnerabilities/wordpress/404-to-301-xss.yaml index 8b83ef8a27..18a4207981 100644 --- a/vulnerabilities/wordpress/404-to-301-xss.yaml +++ b/vulnerabilities/wordpress/404-to-301-xss.yaml @@ -9,9 +9,9 @@ info: - https://wpscan.com/vulnerability/4a310b4f-79fa-4b74-93f8-e4522921abe1 - https://wordpress.org/plugins/404-to-301 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wpscan,wp-plugin,xss,wp,wordpress,authenticated requests: diff --git a/vulnerabilities/wordpress/analytify-plugin-xss.yaml b/vulnerabilities/wordpress/analytify-plugin-xss.yaml index d4547f82d2..2c3483159e 100644 --- a/vulnerabilities/wordpress/analytify-plugin-xss.yaml +++ b/vulnerabilities/wordpress/analytify-plugin-xss.yaml @@ -12,9 +12,9 @@ info: verified: true google-query: inurl:/wp-content/plugins/wp-analytify classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp,wordpress,analytify,wpscan,wp-plugin,xss requests: diff --git a/vulnerabilities/wordpress/avchat-video-chat-xss.yaml b/vulnerabilities/wordpress/avchat-video-chat-xss.yaml index 0feaccd61a..83edeb64d3 100644 --- a/vulnerabilities/wordpress/avchat-video-chat-xss.yaml +++ b/vulnerabilities/wordpress/avchat-video-chat-xss.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,,wp,wpscan,wordpress,wp-plugin diff --git a/vulnerabilities/wordpress/calameo-publications-xss.yaml b/vulnerabilities/wordpress/calameo-publications-xss.yaml index cd0c040307..a49a775dc0 100644 --- a/vulnerabilities/wordpress/calameo-publications-xss.yaml +++ b/vulnerabilities/wordpress/calameo-publications-xss.yaml @@ -13,9 +13,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,wp-plugin,xss,wp,wpscan requests: diff --git a/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml b/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml index c432420d9e..b27172ecdb 100644 --- a/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml +++ b/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,wp,wordpress,authenticated,woocommerce,wpscan,wp-plugin requests: diff --git a/vulnerabilities/wordpress/clearfy-cache-xss.yaml b/vulnerabilities/wordpress/clearfy-cache-xss.yaml index 2ec2d9d0af..ccab8047ba 100644 --- a/vulnerabilities/wordpress/clearfy-cache-xss.yaml +++ b/vulnerabilities/wordpress/clearfy-cache-xss.yaml @@ -9,9 +9,9 @@ info: - https://wpscan.com/vulnerability/a59e7102-13d6-4f1e-b7b1-75eae307e516 - https://wordpress.org/plugins/clearfy classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,wp,wordpress,authenticated,clearfy-cache,wpscan,wp-plugin requests: diff --git a/vulnerabilities/wordpress/curcy-xss.yaml b/vulnerabilities/wordpress/curcy-xss.yaml index c6a2793e0a..53370854c0 100644 --- a/vulnerabilities/wordpress/curcy-xss.yaml +++ b/vulnerabilities/wordpress/curcy-xss.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp-plugin,xss,wp,wordpress,authenticated,curcy,wpscan requests: diff --git a/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml b/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml index c1341f0c0f..d166572954 100644 --- a/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml +++ b/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://wpscan.com/vulnerability/8354b34e-40f4-4b70-bb09-38e2cf572ce9 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,wordpress,wpscan requests: diff --git a/vulnerabilities/wordpress/members-list-xss.yaml b/vulnerabilities/wordpress/members-list-xss.yaml index dfe1948ff2..87a679464b 100644 --- a/vulnerabilities/wordpress/members-list-xss.yaml +++ b/vulnerabilities/wordpress/members-list-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://wpscan.com/vulnerability/d13f26f0-5d91-49d7-b514-1577d4247648 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp,wordpress,wp-plugin,xss,wpscan requests: diff --git a/vulnerabilities/wordpress/modula-image-gallery-xss.yaml b/vulnerabilities/wordpress/modula-image-gallery-xss.yaml index bff1ede706..1a9c889ee6 100644 --- a/vulnerabilities/wordpress/modula-image-gallery-xss.yaml +++ b/vulnerabilities/wordpress/modula-image-gallery-xss.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: authenticated,wpscan,wp-plugin,xss,wp,wordpress requests: diff --git a/vulnerabilities/wordpress/new-user-approve-xss.yaml b/vulnerabilities/wordpress/new-user-approve-xss.yaml index a563667db3..8dce77653e 100644 --- a/vulnerabilities/wordpress/new-user-approve-xss.yaml +++ b/vulnerabilities/wordpress/new-user-approve-xss.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,xss,authenticated,wp-plugin,wpscan,wp requests: diff --git a/vulnerabilities/wordpress/sassy-social-share.yaml b/vulnerabilities/wordpress/sassy-social-share.yaml index f7790fbc98..d3ca7db429 100644 --- a/vulnerabilities/wordpress/sassy-social-share.yaml +++ b/vulnerabilities/wordpress/sassy-social-share.yaml @@ -9,9 +9,9 @@ info: reference: - https://wpscan.com/vulnerability/4631519b-2060-43a0-b69b-b3d7ed94c705 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,wp,wpscan,wordpress,wp-plugin,sassy requests: diff --git a/vulnerabilities/wordpress/seo-redirection-xss.yaml b/vulnerabilities/wordpress/seo-redirection-xss.yaml index 663d14f2e2..1e5a50c5f0 100644 --- a/vulnerabilities/wordpress/seo-redirection-xss.yaml +++ b/vulnerabilities/wordpress/seo-redirection-xss.yaml @@ -10,9 +10,9 @@ info: reference: - https://wpscan.com/vulnerability/b694b9c0-a367-468c-99c2-6ba35bcf21ea classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,xss,wp-plugin,authenticated,wpscan requests: diff --git a/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml b/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml index 04d9bb9eb8..dedabfb94c 100644 --- a/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml +++ b/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: shortpixel,authenticated,wpscan,xss,wp-plugin,wp,wordpress requests: diff --git a/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml b/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml index b16d64dcae..761ce389b7 100644 --- a/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml +++ b/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml @@ -9,9 +9,9 @@ info: - https://wpscan.com/vulnerability/bc05dde0-98a2-46e3-b2c8-7bdc8c32394b - https://wordpress.org/plugins/woocommerce-pdf-invoices-packing-slips/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: xss,wp,wordpress,woocommerce,authenticated,wpscan,wp-plugin requests: diff --git a/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml b/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml index 476f3602f1..ac36d3ec28 100644 --- a/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml +++ b/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://twitter.com/naglinagli/status/1382082473744564226 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,wordfence,xss,bypass requests: diff --git a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml index 9fc4199fee..9696a352c9 100644 --- a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml +++ b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml @@ -6,9 +6,9 @@ info: severity: medium description: WordPress Wordfence 7.4.6 is vulnerable to cross-site scripting. classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,wp-plugin,xss,wordfence requests: diff --git a/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml b/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml index 254120356e..f9e840daba 100644 --- a/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml +++ b/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml @@ -10,9 +10,9 @@ info: - https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html - https://wpscan.com/vulnerability/e4b796fa-3215-43ff-a6aa-71f6e1db25e5 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,xss,wp,wpscan requests: diff --git a/vulnerabilities/wordpress/wp-all-export-xss.yaml b/vulnerabilities/wordpress/wp-all-export-xss.yaml index 3eb71ebc08..af05459785 100644 --- a/vulnerabilities/wordpress/wp-all-export-xss.yaml +++ b/vulnerabilities/wordpress/wp-all-export-xss.yaml @@ -10,9 +10,9 @@ info: reference: - https://wpscan.com/vulnerability/de330a59-d64d-40be-86df-98997949e5e4 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp-plugin,xss,wp,wordpress,authenticated,wpscan requests: diff --git a/vulnerabilities/wordpress/wp-ambience-xss.yaml b/vulnerabilities/wordpress/wp-ambience-xss.yaml index 40c9e68bfc..0b12226038 100644 --- a/vulnerabilities/wordpress/wp-ambience-xss.yaml +++ b/vulnerabilities/wordpress/wp-ambience-xss.yaml @@ -10,9 +10,9 @@ info: - https://www.exploit-db.com/expl oits/38568 - https://wpscan.com/vulnerability/c465e5c1-fe43-40e9-894a-97b8ac462381 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp-plugin,wp,edb,wpscan,wordpress,xss requests: diff --git a/vulnerabilities/wordpress/wp-code-snippets-xss.yaml b/vulnerabilities/wordpress/wp-code-snippets-xss.yaml index 0484b78dae..d1b41162c4 100644 --- a/vulnerabilities/wordpress/wp-code-snippets-xss.yaml +++ b/vulnerabilities/wordpress/wp-code-snippets-xss.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wordpress,xss,wp-plugin,authenticated requests: