From 2d86242a2da1ca6b5abd8978021926a2601abc45 Mon Sep 17 00:00:00 2001 From: sullo Date: Mon, 27 Mar 2023 09:37:36 -0400 Subject: [PATCH] dashboard gremlins --- cves/2015/CVE-2015-9312.yaml | 2 +- cves/2021/CVE-2021-24155.yaml | 1 + cves/2021/CVE-2021-24347.yaml | 4 ++++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/cves/2015/CVE-2015-9312.yaml b/cves/2015/CVE-2015-9312.yaml index e01780289d..8328a5eff8 100644 --- a/cves/2015/CVE-2015-9312.yaml +++ b/cves/2015/CVE-2015-9312.yaml @@ -5,7 +5,7 @@ info: author: r3Y3r53 severity: medium description: | - WordPress NewStatPress plugin through 1.0.4 contains a cross-site scripting vulnerability. The plugin utilizes, on lines 28 and 31 of the file âincludes/nsp_search.phpâ, several variables from the $_GET scope without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to initiate a cross-site scripting attack. + WordPress NewStatPress plugin through 1.0.4 contains a cross-site scripting vulnerability. The plugin utilizes, on lines 28 and 31 of the file "includes/nsp_search.php", several variables from the $_GET scope without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to initiate a cross-site scripting attack. reference: - https://wpscan.com/vulnerability/46bf6c69-b612-4aee-965d-91f53f642054 - https://g0blin.co.uk/g0blin-00057/ diff --git a/cves/2021/CVE-2021-24155.yaml b/cves/2021/CVE-2021-24155.yaml index 36427fd6e6..44ea4c8696 100644 --- a/cves/2021/CVE-2021-24155.yaml +++ b/cves/2021/CVE-2021-24155.yaml @@ -55,6 +55,7 @@ requests: GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1 Host: {{Hostname}} + req-condition: true cookie-reuse: true matchers-condition: and diff --git a/cves/2021/CVE-2021-24347.yaml b/cves/2021/CVE-2021-24347.yaml index f97931e55a..007295d474 100644 
--- a/cves/2021/CVE-2021-24347.yaml +++ b/cves/2021/CVE-2021-24347.yaml @@ -49,10 +49,12 @@ requests: ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy Content-Disposition: form-data; name="dlg-upload-name" + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy Content-Disposition: form-data; name="dlg-upload-file[]"; filename="" Content-Type: application/octet-stream + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy Content-Disposition: form-data; name="dlg-upload-file[]"; filename="{{randstr}}.pHP" Content-Type: image/svg+xml @@ -65,12 +67,14 @@ requests: ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy Content-Disposition: form-data; name="dlg-upload-notes" + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy Content-Disposition: form-data; name="sp-cdm-community-upload" Upload ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy-- + - | GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower("{{randstr}}.pHP")}} HTTP/1.1 Host: {{Hostname}}
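Review bot: in the cves/2015/CVE-2015-9312.yaml hunk the removed description line carries mis-encoded quotes (`âincludes/nsp_search.phpâ`, a UTF-8 curly-quote sequence read back as Latin-1) and the added line swaps them for plain ASCII double quotes; that is the right fix and is safe inside the `description: |` block scalar, where `"` needs no escaping. It is worth grepping the rest of the cves/ tree for the same `â` byte pattern, since descriptions copied from the same write-ups listed under `reference:` tend to carry identical damage.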
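Review bot: the `req-condition: true` added under `requests:` in cves/2021/CVE-2021-24155.yaml changes how matching works for this multi-request template: with it set, nuclei evaluates the matchers across all responses and expects request-indexed variables such as `status_code_2` or `body_2`, rather than matching each response on its own. The matchers sit outside the hunk, so confirm they use the `_N`-suffixed names this key is meant for; if they still reference plain `status_code`/`body`, the second `GET /wp-content/uploads/backup-guard/{{randstr}}.php` check may stop matching or the key is a no-op. Placing it between the raw request and `cookie-reuse: true` matches the existing layout.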
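Review bot: the two blank lines added in the @@ -49,10 +49,12 @@ hunk of cves/2021/CVE-2021-24347.yaml are required, not cosmetic: every multipart part must terminate its headers with an empty line before its (here empty) body and the next `------WebKitFormBoundaryaeBrxrKJzAF0Tgfy` line, otherwise the boundary is read as a continuation of the part headers and the `dlg-upload-name` and empty `dlg-upload-file[]` parts are malformed, which is enough for a server to reject the whole upload. Because the raw block is whitespace-sensitive, check the new lines are truly empty (no trailing spaces) and that no YAML formatter strips them. Note also that the following part sends `filename="{{randstr}}.pHP"` with `Content-Type: image/svg+xml`; the mixed-case extension and mismatched content type are the point of the test, so nothing should normalise them.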
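Review bot: the blank line added after `name="dlg-upload-notes"` in the @@ -65,12 +67,14 @@ hunk completes the same header/body separation fix, and the new second request verifies the upload with `GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower("{{randstr}}.pHP")}}`. Two things to confirm before merging: that the nested `{{randstr}}` inside `to_lower(...)` is substituted with the same value used in the upload body (nuclei holds `randstr` fixed for a template run, but the inner expression must be expanded before `to_lower` is applied, so this should be checked with `-debug`), and that the hard-coded `/1/` path segment is correct for every target, since it looks like the uploading user's ID or a per-user folder index; if it is per-user, the check will miss on sites where the authenticated account is not user 1. The hunk shows no matcher changes for the added request; if the verification relies on `req-condition` and `_2` variables as in the CVE-2021-24155 change, that belongs in this same commit.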