updated to time-based-sqli
parent
3f531519ce
commit
31de443bd6
|
@ -6,7 +6,7 @@ info:
|
|||
severity: critical
|
||||
description: |
|
||||
This Template detects time-based Blind SQL Injection vulnerability
|
||||
tags: time-based,sqli,dast,time-based,blind
|
||||
tags: time-based-sqli,sqli,dast,time-based-sqli,blind
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
vendor: web-dorado
|
||||
product: spider_calendar
|
||||
framework: wordpress
|
||||
tags: time-based,cve2015,cve,wordpress,wp,sqli,wpscan,wp-plugin,spider-event-calendar,unauth,edb,web-dorado
|
||||
tags: time-based-sqli,cve2015,cve,wordpress,wp,sqli,wpscan,wp-plugin,spider-event-calendar,unauth,edb,web-dorado
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: newstatpress_project
|
||||
product: newstatpress
|
||||
framework: wordpress
|
||||
tags: time-based,cve2015,cve,authenticated,sqli,wp-plugin,newstatpress,packetstorm,wordpress,wp,newstatpress_project
|
||||
tags: time-based-sqli,cve2015,cve,authenticated,sqli,wp-plugin,newstatpress,packetstorm,wordpress,wp,newstatpress_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: duckdev
|
||||
product: 404_to_301
|
||||
framework: wordpress
|
||||
tags: time-based,cve2015,cve,404-to-301,sqli,wpscan,wp-plugin,wp,wordpress,authenticated,duckdev
|
||||
tags: time-based-sqli,cve2015,cve,404-to-301,sqli,wpscan,wp-plugin,wp,wordpress,authenticated,duckdev
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
framework: wordpress
|
||||
shodan-query: http.html:"/wp-content/plugins/gift-voucher/"
|
||||
fofa-query: body="/wp-content/plugins/gift-voucher/"
|
||||
tags: time-based,cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen
|
||||
tags: time-based-sqli,cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
fofa-query: title="printmonitor"
|
||||
google-query: intitle:"printmonitor"
|
||||
product": printmonitor
|
||||
tags: time-based,cve2018,cve,sqli,printmonitor,unauth,titool
|
||||
tags: time-based-sqli,cve2018,cve,sqli,printmonitor,unauth,titool
|
||||
variables:
|
||||
username: "{{rand_base(6)}}"
|
||||
password: "{{rand_base(8)}}"
|
||||
|
|
|
@ -32,7 +32,7 @@ info:
|
|||
- http.component:"Magento"
|
||||
- cpe:"cpe:2.3:a:magento:magento"
|
||||
- http.component:"magento"
|
||||
tags: time-based,cve,cve2019,sqli,magento
|
||||
tags: time-based-sqli,cve,cve2019,sqli,magento
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: idangero
|
||||
product: chop_slider
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2020,wpscan,seclists,sqli,wordpress,wp-plugin,wp,chopslider,unauth,idangero
|
||||
tags: time-based-sqli,cve,cve2020,wpscan,seclists,sqli,wordpress,wp-plugin,wp,chopslider,unauth,idangero
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
shodan-query: http.title:"fuel cms"
|
||||
fofa-query: title="fuel cms"
|
||||
google-query: intitle:"fuel cms"
|
||||
tags: time-based,cve,cve2020,packetstorm,sqli,fuel-cms,kev,thedaylightstudio
|
||||
tags: time-based-sqli,cve,cve2020,packetstorm,sqli,fuel-cms,kev,thedaylightstudio
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: prestashop
|
||||
product: productcomments
|
||||
framework: prestashop
|
||||
tags: time-based,cve,cve2020,packetstorm,sqli,prestshop,prestashop
|
||||
tags: time-based-sqli,cve,cve2020,packetstorm,sqli,prestshop,prestashop
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
vendor: goodlayers
|
||||
product: good_learning_management_system
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2020,goodlayerslms,sqli,wpscan,goodlayers,wordpress
|
||||
tags: time-based-sqli,cve,cve2020,goodlayerslms,sqli,wpscan,goodlayers,wordpress
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
fofa-query: body=/wp-content/plugins/wp-statistics/
|
||||
publicwww-query: /wp-content/plugins/wp-statistics/
|
||||
google-query: inurl:/wp-content/plugins/wp-statistics
|
||||
tags: time-based,cve2021,cve,wp-plugin,unauth,wpscan,wordpress,sqli,blind,edb,veronalabs
|
||||
tags: time-based-sqli,cve2021,cve,wp-plugin,unauth,wpscan,wordpress,sqli,blind,edb,veronalabs
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/polls-widget/
|
||||
fofa-query: body=/wp-content/plugins/polls-widget/
|
||||
publicwww-query: "/wp-content/plugins/polls-widget/"
|
||||
tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart
|
||||
tags: time-based-sqli,wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: freelancetoindia
|
||||
product: paytm-pay
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,freelancetoindia
|
||||
tags: time-based-sqli,cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,freelancetoindia
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
vendor: genetechsolutions
|
||||
product: pie_register
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,pie-register,unauth,genetechsolutions
|
||||
tags: time-based-sqli,cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,pie-register,unauth,genetechsolutions
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
vendor: getperfectsurvey
|
||||
product: perfect_survey
|
||||
framework: wordpress
|
||||
tags: time-based,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,edb,getperfectsurvey
|
||||
tags: time-based-sqli,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,edb,getperfectsurvey
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -26,7 +26,7 @@ info:
|
|||
product: header_footer_code_manager
|
||||
framework: wordpress
|
||||
google-query: inurl:"/wp-content/plugins/wp-custom-pages/"
|
||||
tags: time-based,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,authenticated,header-footer-code-manager,draftpress
|
||||
tags: time-based-sqli,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,authenticated,header-footer-code-manager,draftpress
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: asgaros
|
||||
product: asgaros_forum
|
||||
framework: wordpress
|
||||
tags: time-based,cve2021,cve,wp-plugin,asgaros-forum,unauth,wpscan,wordpress,wp,sqli,asgaros
|
||||
tags: time-based-sqli,cve2021,cve,wp-plugin,asgaros-forum,unauth,wpscan,wordpress,wp,sqli,asgaros
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/wc-multivendor-marketplace
|
||||
fofa-query: body=/wp-content/plugins/wc-multivendor-marketplace
|
||||
publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace"
|
||||
tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers
|
||||
tags: time-based-sqli,wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers
|
||||
flow: http(1) && http(2)
|
||||
|
||||
http:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: metagauss
|
||||
product: registrationmagic
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2021,wpscan,wp-plugin,wordpress,wp,registrationmagic,sqli,authenticated,packetstorm,metagauss
|
||||
tags: time-based-sqli,cve,cve2021,wpscan,wp-plugin,wordpress,wp,registrationmagic,sqli,authenticated,packetstorm,metagauss
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
vendor: ays-pro
|
||||
product: secure_copy_content_protection_and_content_locking
|
||||
framework: wordpress
|
||||
tags: time-based,cve2021,cve,wp-plugin,wp,packetstorm,unauth,wpscan,sqli,wordpress,secure-copy-content-protection,ays-pro
|
||||
tags: time-based-sqli,cve2021,cve,wp-plugin,wp,packetstorm,unauth,wpscan,sqli,wordpress,secure-copy-content-protection,ays-pro
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/registrations-for-the-events-calendar/
|
||||
fofa-query: body=/wp-content/plugins/registrations-for-the-events-calendar/
|
||||
publicwww-query: "/wp-content/plugins/registrations-for-the-events-calendar/"
|
||||
tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp
|
||||
tags: time-based-sqli,wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp
|
||||
variables:
|
||||
text: "{{rand_base(5)}}"
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: webnus
|
||||
product: modern_events_calendar_lite
|
||||
framework: wordpress
|
||||
tags: time-based,cve2021,cve,sqli,packetstorm,wp,wp-plugin,unauth,wpscan,modern-events-calendar-lite,wordpress,webnus
|
||||
tags: time-based-sqli,cve2021,cve,sqli,packetstorm,wp,wp-plugin,unauth,wpscan,modern-events-calendar-lite,wordpress,webnus
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -34,7 +34,7 @@ info:
|
|||
fofa-query: body=/wp-content/plugins/paid-memberships-pro/
|
||||
publicwww-query: /wp-content/plugins/paid-memberships-pro/
|
||||
google-query: inurl:"/wp-content/plugins/paid-memberships-pro"
|
||||
tags: time-based,cve2021,cve,wp-plugin,wp,sqli,paid-memberships-pro,wpscan,wordpress,strangerstudios
|
||||
tags: time-based-sqli,cve2021,cve,wp-plugin,wp,sqli,paid-memberships-pro,wpscan,wordpress,strangerstudios
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
- html:"AURALL"
|
||||
- http.html:"aurall"
|
||||
fofa-query: body="aurall"
|
||||
tags: time-based,cve2021,cve,sqli,void,aurall
|
||||
tags: time-based-sqli,cve2021,cve,sqli,void,aurall
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: doctor_appointment_system_project
|
||||
product: doctor_appointment_system
|
||||
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: doctor_appointment_system_project
|
||||
product: doctor_appointment_system
|
||||
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: doctor_appointment_system_project
|
||||
product: doctor_appointment_system
|
||||
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: doctor_appointment_system_project
|
||||
product: doctor_appointment_system
|
||||
tags: time-based,cve2021,cve,packetstorm,sqli,doctor-appointment-system,doctor_appointment_system_project
|
||||
tags: time-based-sqli,cve2021,cve,packetstorm,sqli,doctor-appointment-system,doctor_appointment_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: doctor_appointment_system_project
|
||||
product: doctor_appointment_system
|
||||
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: prestashop
|
||||
product: prestashop
|
||||
shodan-query: cpe:"cpe:2.3:a:prestashop:prestashop"
|
||||
tags: time-based,cve,cve2021,sqli,prestshop,edb,prestashop
|
||||
tags: time-based-sqli,cve,cve2021,sqli,prestshop,edb,prestashop
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
product: cachet
|
||||
shodan-query: http.favicon.hash:-1606065523
|
||||
fofa-query: icon_hash=-1606065523
|
||||
tags: time-based,cve,cve2021,cachet,sqli,chachethq
|
||||
tags: time-based-sqli,cve,cve2021,cachet,sqli,chachethq
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/popup-builder/
|
||||
fofa-query: body=/wp-content/plugins/popup-builder/
|
||||
publicwww-query: /wp-content/plugins/popup-builder/
|
||||
tags: time-based,cve2022,cve,wordpress,wp-plugin,wp,wpscan,popup-builder,sygnoos,sqli
|
||||
tags: time-based-sqli,cve2022,cve,wordpress,wp-plugin,wp,wpscan,popup-builder,sygnoos,sqli
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: wpdeveloper
|
||||
product: notificationx
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,wpdeveloper
|
||||
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,wpdeveloper
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: templateinvaders
|
||||
product: ti_woocommerce_wishlist
|
||||
framework: wordpress
|
||||
tags: time-based,cve2022,cve,sqli,ti-woocommerce-wishlist,wpscan,woocommerce,wordpress,wp-plugin,wp,templateinvaders
|
||||
tags: time-based-sqli,cve2022,cve,sqli,ti-woocommerce-wishlist,wpscan,woocommerce,wordpress,wp-plugin,wp,templateinvaders
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
fofa-query: body=/wp-content/plugins/wp-statistics/
|
||||
publicwww-query: /wp-content/plugins/wp-statistics/
|
||||
google-query: inurl:/wp-content/plugins/wp-statistics
|
||||
tags: time-based,cve,cve2022,sqli,wp,wordpress,wp-plugin,wp-statistics,veronalabs
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wp,wordpress,wp-plugin,wp-statistics,veronalabs
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
product: commonsbooking
|
||||
framework: wordpress
|
||||
google-query: inurl:/wp-content/plugin/commonsbooking/
|
||||
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,commonsbooking,sqli,wpscan,wielebenwir
|
||||
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,commonsbooking,sqli,wpscan,wielebenwir
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: devbunch
|
||||
product: master_elements
|
||||
framework: wordpress
|
||||
tags: time-based,cve2022,cve,unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,devbunch
|
||||
tags: time-based-sqli,cve2022,cve,unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,devbunch
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: quantumcloud
|
||||
product: infographic_maker
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,infographic-and-list-builder-ilist,wpscan,quantumcloud
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,infographic-and-list-builder-ilist,wpscan,quantumcloud
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: quantumcloud
|
||||
product: simple_link_directory
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan,quantumcloud
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan,quantumcloud
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: usersultra
|
||||
product: users_ultra
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wp,users-ultra,wpscan,sqli,wordpress,wp-plugin,usersultra
|
||||
tags: time-based-sqli,cve,cve2022,wp,users-ultra,wpscan,sqli,wordpress,wp-plugin,usersultra
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
vendor: documentor_project
|
||||
product: documentor
|
||||
framework: wordpress
|
||||
tags: time-based,cve2022,cve,unauth,sqli,wp-plugin,wp,documentor-lite,wpscan,wordpress,documentor_project
|
||||
tags: time-based-sqli,cve2022,cve,unauth,sqli,wp-plugin,wp,documentor-lite,wpscan,wordpress,documentor_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: title_experiments_free_project
|
||||
product: title_experiments_free
|
||||
framework: wordpress
|
||||
tags: time-based,cve2022,cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,wordpress,title_experiments_free_project
|
||||
tags: time-based-sqli,cve2022,cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,wordpress,title_experiments_free_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: daily_prayer_time_project
|
||||
product: daily_prayer_time
|
||||
framework: wordpress
|
||||
tags: time-based,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project
|
||||
tags: time-based-sqli,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: iqonic
|
||||
product: kivicare
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,wpscan,iqonic
|
||||
tags: time-based-sqli,cve,cve2022,sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,wpscan,iqonic
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -26,7 +26,7 @@ info:
|
|||
vendor: limit_login_attempts_project
|
||||
product: limit_login_attempts
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wpscan,sqli,wordpress,wp-plugin,wp,wp-limit-failed-login-attempts,limit_login_attempts_project
|
||||
tags: time-based-sqli,cve,cve2022,wpscan,sqli,wordpress,wp-plugin,wp,wp-limit-failed-login-attempts,limit_login_attempts_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: wpmet
|
||||
product: wp_fundraising_donation_and_crowdfunding_platform
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,wp-fundraising-donation,unauth,wpscan,wpmet
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,wp-fundraising-donation,unauth,wpscan,wpmet
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: wp-video-gallery-free_project
|
||||
product: wp-video-gallery-free
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wp-plugin,wpscan,wordpress,wp,sqli,wp-video-gallery-free,unauth,wp-video-gallery-free_project
|
||||
tags: time-based-sqli,cve,cve2022,wp-plugin,wpscan,wordpress,wp,sqli,wp-video-gallery-free,unauth,wp-video-gallery-free_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: presspage
|
||||
product: bestbooks
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,bestbooks,unauthenticated,presspage
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,bestbooks,unauthenticated,presspage
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: speakout\!_email_petitions_project
|
||||
product: speakout\!_email_petitions
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,unauth,wpscan,sqli,speakout,speakout-email-petitions,speakout\!_email_petitions_project
|
||||
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,unauth,wpscan,sqli,speakout,speakout-email-petitions,speakout\!_email_petitions_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: reputeinfosystems
|
||||
product: pricing_table
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,unauth,wp,wordpress,wp-plugin,arprice-responsive-pricing-table,sqli,wpscan,reputeinfosystems
|
||||
tags: time-based-sqli,cve,cve2022,unauth,wp,wordpress,wp-plugin,arprice-responsive-pricing-table,sqli,wpscan,reputeinfosystems
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: pluginbazaar
|
||||
product: order_listener_for_woocommerce
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wp,unauth,sqli,woc-order-alert,wpscan,wordpress,wp-plugin,pluginbazaar
|
||||
tags: time-based-sqli,cve,cve2022,wp,unauth,sqli,woc-order-alert,wpscan,wordpress,wp-plugin,pluginbazaar
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: stopbadbots
|
||||
product: block_and_stop_bad_bots
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,stopbadbots,wp-plugin,wp,unauth,wpscan,sqli,wordpress
|
||||
tags: time-based-sqli,cve,cve2022,stopbadbots,wp-plugin,wp,unauth,wpscan,sqli,wordpress
|
||||
variables:
|
||||
IP: '{{rand_ip("1.1.1.0/24")}}'
|
||||
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: ays-pro
|
||||
product: personal_dictionary
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wp,unauth,wpscan,sqli,wordpress,wp-plugin,personal-dictionary,ays-pro
|
||||
tags: time-based-sqli,cve,cve2022,wp,unauth,wpscan,sqli,wordpress,wp-plugin,personal-dictionary,ays-pro
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: varktech
|
||||
product: pricing_deals_for_woocommerce
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth,varktech
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth,varktech
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: carrcommunications
|
||||
product: rsvpmaker
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,sqli,rsvpmaker,carrcommunications
|
||||
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,sqli,rsvpmaker,carrcommunications
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: camptocamp
|
||||
product: terraboard
|
||||
tags: time-based,cve,cve2022,terraboard,sqli,huntr,camptocamp
|
||||
tags: time-based-sqli,cve,cve2022,terraboard,sqli,huntr,camptocamp
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
shodan-query:
|
||||
- "http.component:\"Prestashop\""
|
||||
- http.component:"prestashop"
|
||||
tags: time-based,cve,cve2022,packetstorm,prestashop,sqli,unauth,apollotheme
|
||||
tags: time-based-sqli,cve,cve2022,packetstorm,prestashop,sqli,unauth,apollotheme
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: thedigitalcraft
|
||||
product: atomcms
|
||||
tags: time-based,cve,cve2022,packetstorm,sqli,atom,cms,thedigitalcraft
|
||||
tags: time-based-sqli,cve,cve2022,packetstorm,sqli,atom,cms,thedigitalcraft
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
max-request: 2
|
||||
vendor: cuppacms
|
||||
product: cuppacms
|
||||
tags: time-based,cve2022,cve,sqli,cuppa,authenticated,cuppacms
|
||||
tags: time-based-sqli,cve2022,cve,sqli,cuppa,authenticated,cuppacms
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
max-request: 2
|
||||
vendor: cuppacms
|
||||
product: cuppacms
|
||||
tags: time-based,cve,cve2022,sqli,cuppa,authenticated,cuppacms
|
||||
tags: time-based-sqli,cve,cve2022,sqli,cuppa,authenticated,cuppacms
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: garage_management_system_project
|
||||
product: garage_management_system
|
||||
tags: time-based,cve,cve2022,sourcecodester,garagemanagementsystem,sqli,garage_management_system_project
|
||||
tags: time-based-sqli,cve,cve2022,sourcecodester,garagemanagementsystem,sqli,garage_management_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -31,7 +31,7 @@ info:
|
|||
fofa-query: body=/wp-content/plugins/wp-statistics/
|
||||
publicwww-query: /wp-content/plugins/wp-statistics/
|
||||
google-query: inurl:/wp-content/plugins/wp-statistics
|
||||
tags: time-based,cve,cve2022,packetstorm,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
|
||||
tags: time-based-sqli,cve,cve2022,packetstorm,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
fofa-query: body=/wp-content/plugins/wp-statistics/
|
||||
publicwww-query: "/wp-content/plugins/wp-statistics/"
|
||||
google-query: inurl:/wp-content/plugins/wp-statistics
|
||||
tags: time-based,cve2022,cve,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
|
||||
tags: time-based-sqli,cve2022,cve,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
max-request: 2
|
||||
vendor: cuppacms
|
||||
product: cuppacms
|
||||
tags: time-based,cve,cve2022,sqli,cuppa,authenticated,cuppacms
|
||||
tags: time-based-sqli,cve,cve2022,sqli,cuppa,authenticated,cuppacms
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: thedigitalcraft
|
||||
product: atomcms
|
||||
tags: time-based,cve,cve2022,sqli,atom,cms,thedigitalcraft
|
||||
tags: time-based-sqli,cve,cve2022,sqli,atom,cms,thedigitalcraft
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/nex-forms-express-wp-form-builder/
|
||||
fofa-query: body=/wp-content/plugins/nex-forms-express-wp-form-builder/
|
||||
publicwww-query: /wp-content/plugins/nex-forms-express-wp-form-builder/
|
||||
tags: time-based,cve,cve2022,wpscan,packetstorm,wordpress,sqli,wp-plugin,wp,authenticated,basixonline
|
||||
tags: time-based-sqli,cve,cve2022,wpscan,packetstorm,wordpress,sqli,wp-plugin,wp,authenticated,basixonline
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -39,7 +39,7 @@ info:
|
|||
google-query:
|
||||
- intitle:"linear emerge"
|
||||
- intitle:"emerge"
|
||||
tags: time-based,cve,cve2022,packetstorm,emerge,rce,nortekcontrol
|
||||
tags: time-based-sqli,cve,cve2022,packetstorm,emerge,rce,nortekcontrol
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: online_fire_reporting_system_project
|
||||
product: online_fire_reporting_system
|
||||
tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: online_fire_reporting_system_project
|
||||
product: online_fire_reporting_system
|
||||
tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: online_fire_reporting_system_project
|
||||
product: online_fire_reporting_system
|
||||
tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -33,7 +33,7 @@ info:
|
|||
shodan-query: http.html:"wp-stats-manager"
|
||||
fofa-query: body="wp-stats-manager"
|
||||
google-query: inurl:"/wp-content/plugins/wp-stats-manager"
|
||||
tags: time-based,cve2022,cve,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager,plugins-market
|
||||
tags: time-based-sqli,cve2022,cve,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager,plugins-market
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: wpsmartcontracts
|
||||
product: wpsmartcontracts
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wp-smart-contracts,wpscan,wp-plugin,sqli,wordpress,wp,authenticated,wpsmartcontracts
|
||||
tags: time-based-sqli,cve,cve2022,wp-smart-contracts,wpscan,wp-plugin,sqli,wordpress,wp,authenticated,wpsmartcontracts
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: ibax
|
||||
product: go-ibax
|
||||
tags: time-based,cve2022,cve,ibax,go-ibax,sqli
|
||||
tags: time-based-sqli,cve2022,cve,ibax,go-ibax,sqli
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -25,7 +25,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: simple_task_managing_system_project
|
||||
product: simple_task_managing_system
|
||||
tags: time-based,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project
|
||||
tags: time-based-sqli,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/wp-user/
|
||||
fofa-query: body=/wp-content/plugins/wp-user/
|
||||
publicwww-query: /wp-content/plugins/wp-user/
|
||||
tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-user,unauth,wp_user_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-user,unauth,wp_user_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: beardev
|
||||
product: joomsport
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,wpscan,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth,beardev
|
||||
tags: time-based-sqli,cve,cve2022,wpscan,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth,beardev
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/cryptocurrency-widgets-pack/
|
||||
fofa-query: body=/wp-content/plugins/cryptocurrency-widgets-pack/
|
||||
publicwww-query: /wp-content/plugins/cryptocurrency-widgets-pack/
|
||||
tags: time-based,cve,cve2022,wp,wp-plugin,wordpress,wpscan,sqli,blocksera
|
||||
tags: time-based-sqli,cve,cve2022,wp,wp-plugin,wordpress,wpscan,sqli,blocksera
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: iws-geo-form-fields_project
|
||||
product: iws-geo-form-fields
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,iws-geo-form-fields,wpscan,iws-geo-form-fields_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,iws-geo-form-fields,wpscan,iws-geo-form-fields_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -24,7 +24,7 @@ info:
|
|||
max-request: 2
|
||||
vendor: webtareas_project
|
||||
product: webtareas
|
||||
tags: time-based,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -24,7 +24,7 @@ info:
|
|||
max-request: 2
|
||||
vendor: webtareas_project
|
||||
product: webtareas
|
||||
tags: time-based,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
|
||||
tags: time-based-sqli,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: paytm
|
||||
product: payment_gateway
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated,paytm
|
||||
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated,paytm
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
vendor: ljapps
|
||||
product: wp_tripadvisor_review_slider
|
||||
framework: wordpress
|
||||
tags: time-based,cve2023,cve,wordpress,wp,wp-tripadvisor-review-slider,auth,sqli,wp-plugin,wpscan,ljapps
|
||||
tags: time-based-sqli,cve2023,cve,wordpress,wp,wp-tripadvisor-review-slider,auth,sqli,wp-plugin,wpscan,ljapps
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
fofa-query: body="wp-stats-manager"
|
||||
google-query: inurl:"/wp-content/plugins/wp-stats-manager"
|
||||
public-www: /wp-content/plugins/wp-stats-manager/
|
||||
tags: time-based,cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market
|
||||
tags: time-based-sqli,cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market
|
||||
variables:
|
||||
str: '{{rand_int(100000, 999999)}}'
|
||||
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: wp-slimstat
|
||||
product: slimstat_analytics
|
||||
framework: wordpress
|
||||
tags: time-based,cve2023,cve,wpscan,wp-slimstat,wp,wp-plugin,sqli,wordpress,authenticated
|
||||
tags: time-based-sqli,cve2023,cve,wpscan,wp-slimstat,wp,wp-plugin,sqli,wordpress,authenticated
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
shodan-query: http.html:wp-content/plugins/ap-pricing-tables-lite
|
||||
fofa-query: body=wp-content/plugins/ap-pricing-tables-lite
|
||||
publicwww-query: "wp-content/plugins/ap-pricing-tables-lite"
|
||||
tags: time-based,cve2023,cve,sqli,wordpress,wp-plugin,wp,authenticated,wpscan,ap-pricing-tables-lite,wpdevart
|
||||
tags: time-based-sqli,cve2023,cve,sqli,wordpress,wp-plugin,wp,authenticated,wpscan,ap-pricing-tables-lite,wpdevart
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -27,7 +27,7 @@ info:
|
|||
shodan-query: http.html:/wp-content/plugins/video-list-manager/
|
||||
fofa-query: body=/wp-content/plugins/video-list-manager/
|
||||
publicwww-query: /wp-content/plugins/video-list-manager/
|
||||
tags: time-based,cve,cve2023,wpscan,sqli,wordpress,wp-plugin,wp,authenticated,video_list_manager_project
|
||||
tags: time-based-sqli,cve,cve2023,wpscan,sqli,wordpress,wp-plugin,wp,authenticated,video_list_manager_project
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
vendor: supportcandy
|
||||
product: supportcandy
|
||||
framework: wordpress
|
||||
tags: time-based,cve2023,cve,sqli,wpscan,wordpress,supportcandy,unauth
|
||||
tags: time-based-sqli,cve2023,cve,sqli,wpscan,wordpress,supportcandy,unauth
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
max-request: 1
|
||||
vendor: purchase_order_management_system_project
|
||||
product: purchase_order_management_system
|
||||
tags: time-based,cve2023,cve,sqli,purchase-order-management-system,purchase_order_management_system_project
|
||||
tags: time-based-sqli,cve2023,cve,sqli,purchase-order-management-system,purchase_order_management_system_project
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
|
|
|
@ -34,7 +34,7 @@ info:
|
|||
fofa-query: body=/wp-content/plugins/paid-memberships-pro/
|
||||
publicwww-query: /wp-content/plugins/paid-memberships-pro/
|
||||
google-query: inurl:"/wp-content/plugins/paid-memberships-pro"
|
||||
tags: time-based,cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios
|
||||
tags: time-based-sqli,cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
vendor: sandhillsdev
|
||||
product: easy_digital_downloads
|
||||
framework: wordpress
|
||||
tags: time-based,cve,cve2023,easy-digital-downloads,unauth,wpscan,wordpress,wp,wp-plugin,sqli,tenable,sandhillsdev
|
||||
tags: time-based-sqli,cve,cve2023,easy-digital-downloads,unauth,wpscan,wordpress,wp,wp-plugin,sqli,tenable,sandhillsdev
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -24,7 +24,7 @@ info:
|
|||
product: "popup_module_\\(on_entering\\,_exit_popup\\,_add_product\\)_and_newsletter"
|
||||
framework: prestashop
|
||||
shodan-query: "http.component:\"prestashop\""
|
||||
tags: time-based,cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate
|
||||
tags: time-based-sqli,cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
vendor: joommasters
|
||||
product: jms_blog
|
||||
framework: prestashop
|
||||
tags: time-based,cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters
|
||||
tags: time-based-sqli,cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ info:
|
|||
framework: prestashop
|
||||
shodan-query: html:"/xipblog"
|
||||
fofa-query: app="Prestashop"
|
||||
tags: time-based,cve,cve2023,prestashop,sqli,xipblog
|
||||
tags: time-based-sqli,cve,cve2023,prestashop,sqli,xipblog
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@ info:
|
|||
framework: wordpress
|
||||
shodan-query: http.html:"/wp-content/plugins/gift-voucher/"
|
||||
fofa-query: "body=\"/wp-content/plugins/gift-voucher/\""
|
||||
tags: time-based,cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen
|
||||
tags: time-based-sqli,cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen
|
||||
flow: http(1) && http(2)
|
||||
|
||||
http:
|
||||
|
|
|
@ -32,7 +32,7 @@ info:
|
|||
shodan-query:
|
||||
- http.component:"Prestashop"
|
||||
- http.component:"prestashop"
|
||||
tags: time-based,cve2023,cve,prestashop,sqli,leotheme
|
||||
tags: time-based-sqli,cve2023,cve,prestashop,sqli,leotheme
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -29,7 +29,7 @@ info:
|
|||
publicwww-query: "/wp-content/plugins/mstore-api/"
|
||||
shodan-query: http.html:/wp-content/plugins/mstore-api/
|
||||
fofa-query: body=/wp-content/plugins/mstore-api/
|
||||
tags: time-based,cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui
|
||||
tags: time-based-sqli,cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui
|
||||
flow: http(1) && http(2)
|
||||
|
||||
http:
|
||||
|
|
|
@ -26,7 +26,7 @@ info:
|
|||
fofa-query:
|
||||
- "Powered by bloofoxCMS"
|
||||
- powered by bloofoxcms
|
||||
tags: time-based,cve2023,cve,sqli,bloofox,authenticated
|
||||
tags: time-based-sqli,cve2023,cve,sqli,bloofox,authenticated
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -28,7 +28,7 @@ info:
|
|||
fofa-query:
|
||||
- "Powered by bloofoxCMS"
|
||||
- powered by bloofoxcms
|
||||
tags: time-based,cve,cve2023,sqli,bloofox,authenticated
|
||||
tags: time-based-sqli,cve,cve2023,sqli,bloofox,authenticated
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
|
@ -26,7 +26,7 @@ info:
|
|||
fofa-query:
|
||||
- "Powered by bloofoxCMS"
|
||||
- powered by bloofoxcms
|
||||
tags: time-based,cve,cve2023,sqli,bloofox,authenticated
|
||||
tags: time-based-sqli,cve,cve2023,sqli,bloofox,authenticated
|
||||
|
||||
http:
|
||||
- raw:
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue