updated to time-based-sqli

patch-12
Prince Chaddha 2024-10-15 17:27:37 +07:00
parent 3f531519ce
commit 31de443bd6
170 changed files with 170 additions and 170 deletions

View File

@ -6,7 +6,7 @@ info:
severity: critical
description: |
This Template detects time-based Blind SQL Injection vulnerability
tags: time-based,sqli,dast,time-based,blind
tags: time-based-sqli,sqli,dast,time-based-sqli,blind
flow: http(1) && http(2)

View File

@ -28,7 +28,7 @@ info:
vendor: web-dorado
product: spider_calendar
framework: wordpress
tags: time-based,cve2015,cve,wordpress,wp,sqli,wpscan,wp-plugin,spider-event-calendar,unauth,edb,web-dorado
tags: time-based-sqli,cve2015,cve,wordpress,wp,sqli,wpscan,wp-plugin,spider-event-calendar,unauth,edb,web-dorado
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: newstatpress_project
product: newstatpress
framework: wordpress
tags: time-based,cve2015,cve,authenticated,sqli,wp-plugin,newstatpress,packetstorm,wordpress,wp,newstatpress_project
tags: time-based-sqli,cve2015,cve,authenticated,sqli,wp-plugin,newstatpress,packetstorm,wordpress,wp,newstatpress_project
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: duckdev
product: 404_to_301
framework: wordpress
tags: time-based,cve2015,cve,404-to-301,sqli,wpscan,wp-plugin,wp,wordpress,authenticated,duckdev
tags: time-based-sqli,cve2015,cve,404-to-301,sqli,wpscan,wp-plugin,wp,wordpress,authenticated,duckdev
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
framework: wordpress
shodan-query: http.html:"/wp-content/plugins/gift-voucher/"
fofa-query: body="/wp-content/plugins/gift-voucher/"
tags: time-based,cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen
tags: time-based-sqli,cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
fofa-query: title="printmonitor"
google-query: intitle:"printmonitor"
product": printmonitor
tags: time-based,cve2018,cve,sqli,printmonitor,unauth,titool
tags: time-based-sqli,cve2018,cve,sqli,printmonitor,unauth,titool
variables:
username: "{{rand_base(6)}}"
password: "{{rand_base(8)}}"

View File

@ -32,7 +32,7 @@ info:
- http.component:"Magento"
- cpe:"cpe:2.3:a:magento:magento"
- http.component:"magento"
tags: time-based,cve,cve2019,sqli,magento
tags: time-based-sqli,cve,cve2019,sqli,magento
flow: http(1) && http(2)

View File

@ -30,7 +30,7 @@ info:
vendor: idangero
product: chop_slider
framework: wordpress
tags: time-based,cve,cve2020,wpscan,seclists,sqli,wordpress,wp-plugin,wp,chopslider,unauth,idangero
tags: time-based-sqli,cve,cve2020,wpscan,seclists,sqli,wordpress,wp-plugin,wp,chopslider,unauth,idangero
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
shodan-query: http.title:"fuel cms"
fofa-query: title="fuel cms"
google-query: intitle:"fuel cms"
tags: time-based,cve,cve2020,packetstorm,sqli,fuel-cms,kev,thedaylightstudio
tags: time-based-sqli,cve,cve2020,packetstorm,sqli,fuel-cms,kev,thedaylightstudio
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: prestashop
product: productcomments
framework: prestashop
tags: time-based,cve,cve2020,packetstorm,sqli,prestshop,prestashop
tags: time-based-sqli,cve,cve2020,packetstorm,sqli,prestshop,prestashop
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
vendor: goodlayers
product: good_learning_management_system
framework: wordpress
tags: time-based,cve,cve2020,goodlayerslms,sqli,wpscan,goodlayers,wordpress
tags: time-based-sqli,cve,cve2020,goodlayerslms,sqli,wpscan,goodlayers,wordpress
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
fofa-query: body=/wp-content/plugins/wp-statistics/
publicwww-query: /wp-content/plugins/wp-statistics/
google-query: inurl:/wp-content/plugins/wp-statistics
tags: time-based,cve2021,cve,wp-plugin,unauth,wpscan,wordpress,sqli,blind,edb,veronalabs
tags: time-based-sqli,cve2021,cve,wp-plugin,unauth,wpscan,wordpress,sqli,blind,edb,veronalabs
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
shodan-query: http.html:/wp-content/plugins/polls-widget/
fofa-query: body=/wp-content/plugins/polls-widget/
publicwww-query: "/wp-content/plugins/polls-widget/"
tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart
tags: time-based-sqli,wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: freelancetoindia
product: paytm-pay
framework: wordpress
tags: time-based,cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,freelancetoindia
tags: time-based-sqli,cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,freelancetoindia
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
vendor: genetechsolutions
product: pie_register
framework: wordpress
tags: time-based,cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,pie-register,unauth,genetechsolutions
tags: time-based-sqli,cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,pie-register,unauth,genetechsolutions
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
vendor: getperfectsurvey
product: perfect_survey
framework: wordpress
tags: time-based,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,edb,getperfectsurvey
tags: time-based-sqli,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,edb,getperfectsurvey
http:
- raw:

View File

@ -26,7 +26,7 @@ info:
product: header_footer_code_manager
framework: wordpress
google-query: inurl:"/wp-content/plugins/wp-custom-pages/"
tags: time-based,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,authenticated,header-footer-code-manager,draftpress
tags: time-based-sqli,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,authenticated,header-footer-code-manager,draftpress
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: asgaros
product: asgaros_forum
framework: wordpress
tags: time-based,cve2021,cve,wp-plugin,asgaros-forum,unauth,wpscan,wordpress,wp,sqli,asgaros
tags: time-based-sqli,cve2021,cve,wp-plugin,asgaros-forum,unauth,wpscan,wordpress,wp,sqli,asgaros
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
shodan-query: http.html:/wp-content/plugins/wc-multivendor-marketplace
fofa-query: body=/wp-content/plugins/wc-multivendor-marketplace
publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace"
tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers
tags: time-based-sqli,wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers
flow: http(1) && http(2)
http:

View File

@ -29,7 +29,7 @@ info:
vendor: metagauss
product: registrationmagic
framework: wordpress
tags: time-based,cve,cve2021,wpscan,wp-plugin,wordpress,wp,registrationmagic,sqli,authenticated,packetstorm,metagauss
tags: time-based-sqli,cve,cve2021,wpscan,wp-plugin,wordpress,wp,registrationmagic,sqli,authenticated,packetstorm,metagauss
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
vendor: ays-pro
product: secure_copy_content_protection_and_content_locking
framework: wordpress
tags: time-based,cve2021,cve,wp-plugin,wp,packetstorm,unauth,wpscan,sqli,wordpress,secure-copy-content-protection,ays-pro
tags: time-based-sqli,cve2021,cve,wp-plugin,wp,packetstorm,unauth,wpscan,sqli,wordpress,secure-copy-content-protection,ays-pro
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
shodan-query: http.html:/wp-content/plugins/registrations-for-the-events-calendar/
fofa-query: body=/wp-content/plugins/registrations-for-the-events-calendar/
publicwww-query: "/wp-content/plugins/registrations-for-the-events-calendar/"
tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp
tags: time-based-sqli,wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp
variables:
text: "{{rand_base(5)}}"

View File

@ -30,7 +30,7 @@ info:
vendor: webnus
product: modern_events_calendar_lite
framework: wordpress
tags: time-based,cve2021,cve,sqli,packetstorm,wp,wp-plugin,unauth,wpscan,modern-events-calendar-lite,wordpress,webnus
tags: time-based-sqli,cve2021,cve,sqli,packetstorm,wp,wp-plugin,unauth,wpscan,modern-events-calendar-lite,wordpress,webnus
http:
- raw:

View File

@ -34,7 +34,7 @@ info:
fofa-query: body=/wp-content/plugins/paid-memberships-pro/
publicwww-query: /wp-content/plugins/paid-memberships-pro/
google-query: inurl:"/wp-content/plugins/paid-memberships-pro"
tags: time-based,cve2021,cve,wp-plugin,wp,sqli,paid-memberships-pro,wpscan,wordpress,strangerstudios
tags: time-based-sqli,cve2021,cve,wp-plugin,wp,sqli,paid-memberships-pro,wpscan,wordpress,strangerstudios
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
- html:"AURALL"
- http.html:"aurall"
fofa-query: body="aurall"
tags: time-based,cve2021,cve,sqli,void,aurall
tags: time-based-sqli,cve2021,cve,sqli,void,aurall
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: doctor_appointment_system_project
product: doctor_appointment_system
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: doctor_appointment_system_project
product: doctor_appointment_system
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: doctor_appointment_system_project
product: doctor_appointment_system
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: doctor_appointment_system_project
product: doctor_appointment_system
tags: time-based,cve2021,cve,packetstorm,sqli,doctor-appointment-system,doctor_appointment_system_project
tags: time-based-sqli,cve2021,cve,packetstorm,sqli,doctor-appointment-system,doctor_appointment_system_project
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: doctor_appointment_system_project
product: doctor_appointment_system
tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
tags: time-based-sqli,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: prestashop
product: prestashop
shodan-query: cpe:"cpe:2.3:a:prestashop:prestashop"
tags: time-based,cve,cve2021,sqli,prestshop,edb,prestashop
tags: time-based-sqli,cve,cve2021,sqli,prestshop,edb,prestashop
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
product: cachet
shodan-query: http.favicon.hash:-1606065523
fofa-query: icon_hash=-1606065523
tags: time-based,cve,cve2021,cachet,sqli,chachethq
tags: time-based-sqli,cve,cve2021,cachet,sqli,chachethq
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
shodan-query: http.html:/wp-content/plugins/popup-builder/
fofa-query: body=/wp-content/plugins/popup-builder/
publicwww-query: /wp-content/plugins/popup-builder/
tags: time-based,cve2022,cve,wordpress,wp-plugin,wp,wpscan,popup-builder,sygnoos,sqli
tags: time-based-sqli,cve2022,cve,wordpress,wp-plugin,wp,wpscan,popup-builder,sygnoos,sqli
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: wpdeveloper
product: notificationx
framework: wordpress
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,wpdeveloper
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,wpdeveloper
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: templateinvaders
product: ti_woocommerce_wishlist
framework: wordpress
tags: time-based,cve2022,cve,sqli,ti-woocommerce-wishlist,wpscan,woocommerce,wordpress,wp-plugin,wp,templateinvaders
tags: time-based-sqli,cve2022,cve,sqli,ti-woocommerce-wishlist,wpscan,woocommerce,wordpress,wp-plugin,wp,templateinvaders
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
fofa-query: body=/wp-content/plugins/wp-statistics/
publicwww-query: /wp-content/plugins/wp-statistics/
google-query: inurl:/wp-content/plugins/wp-statistics
tags: time-based,cve,cve2022,sqli,wp,wordpress,wp-plugin,wp-statistics,veronalabs
tags: time-based-sqli,cve,cve2022,sqli,wp,wordpress,wp-plugin,wp-statistics,veronalabs
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
product: commonsbooking
framework: wordpress
google-query: inurl:/wp-content/plugin/commonsbooking/
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,commonsbooking,sqli,wpscan,wielebenwir
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,commonsbooking,sqli,wpscan,wielebenwir
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: devbunch
product: master_elements
framework: wordpress
tags: time-based,cve2022,cve,unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,devbunch
tags: time-based-sqli,cve2022,cve,unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,devbunch
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: quantumcloud
product: infographic_maker
framework: wordpress
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,infographic-and-list-builder-ilist,wpscan,quantumcloud
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,infographic-and-list-builder-ilist,wpscan,quantumcloud
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: quantumcloud
product: simple_link_directory
framework: wordpress
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan,quantumcloud
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan,quantumcloud
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: usersultra
product: users_ultra
framework: wordpress
tags: time-based,cve,cve2022,wp,users-ultra,wpscan,sqli,wordpress,wp-plugin,usersultra
tags: time-based-sqli,cve,cve2022,wp,users-ultra,wpscan,sqli,wordpress,wp-plugin,usersultra
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
vendor: documentor_project
product: documentor
framework: wordpress
tags: time-based,cve2022,cve,unauth,sqli,wp-plugin,wp,documentor-lite,wpscan,wordpress,documentor_project
tags: time-based-sqli,cve2022,cve,unauth,sqli,wp-plugin,wp,documentor-lite,wpscan,wordpress,documentor_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: title_experiments_free_project
product: title_experiments_free
framework: wordpress
tags: time-based,cve2022,cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,wordpress,title_experiments_free_project
tags: time-based-sqli,cve2022,cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,wordpress,title_experiments_free_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: daily_prayer_time_project
product: daily_prayer_time
framework: wordpress
tags: time-based,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project
tags: time-based-sqli,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: iqonic
product: kivicare
framework: wordpress
tags: time-based,cve,cve2022,sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,wpscan,iqonic
tags: time-based-sqli,cve,cve2022,sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,wpscan,iqonic
http:
- raw:

View File

@ -26,7 +26,7 @@ info:
vendor: limit_login_attempts_project
product: limit_login_attempts
framework: wordpress
tags: time-based,cve,cve2022,wpscan,sqli,wordpress,wp-plugin,wp,wp-limit-failed-login-attempts,limit_login_attempts_project
tags: time-based-sqli,cve,cve2022,wpscan,sqli,wordpress,wp-plugin,wp,wp-limit-failed-login-attempts,limit_login_attempts_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: wpmet
product: wp_fundraising_donation_and_crowdfunding_platform
framework: wordpress
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,wp-fundraising-donation,unauth,wpscan,wpmet
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,wp-fundraising-donation,unauth,wpscan,wpmet
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: wp-video-gallery-free_project
product: wp-video-gallery-free
framework: wordpress
tags: time-based,cve,cve2022,wp-plugin,wpscan,wordpress,wp,sqli,wp-video-gallery-free,unauth,wp-video-gallery-free_project
tags: time-based-sqli,cve,cve2022,wp-plugin,wpscan,wordpress,wp,sqli,wp-video-gallery-free,unauth,wp-video-gallery-free_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: presspage
product: bestbooks
framework: wordpress
tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,bestbooks,unauthenticated,presspage
tags: time-based-sqli,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,bestbooks,unauthenticated,presspage
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: speakout\!_email_petitions_project
product: speakout\!_email_petitions
framework: wordpress
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,unauth,wpscan,sqli,speakout,speakout-email-petitions,speakout\!_email_petitions_project
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,unauth,wpscan,sqli,speakout,speakout-email-petitions,speakout\!_email_petitions_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: reputeinfosystems
product: pricing_table
framework: wordpress
tags: time-based,cve,cve2022,unauth,wp,wordpress,wp-plugin,arprice-responsive-pricing-table,sqli,wpscan,reputeinfosystems
tags: time-based-sqli,cve,cve2022,unauth,wp,wordpress,wp-plugin,arprice-responsive-pricing-table,sqli,wpscan,reputeinfosystems
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: pluginbazaar
product: order_listener_for_woocommerce
framework: wordpress
tags: time-based,cve,cve2022,wp,unauth,sqli,woc-order-alert,wpscan,wordpress,wp-plugin,pluginbazaar
tags: time-based-sqli,cve,cve2022,wp,unauth,sqli,woc-order-alert,wpscan,wordpress,wp-plugin,pluginbazaar
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: stopbadbots
product: block_and_stop_bad_bots
framework: wordpress
tags: time-based,cve,cve2022,stopbadbots,wp-plugin,wp,unauth,wpscan,sqli,wordpress
tags: time-based-sqli,cve,cve2022,stopbadbots,wp-plugin,wp,unauth,wpscan,sqli,wordpress
variables:
IP: '{{rand_ip("1.1.1.0/24")}}'

View File

@ -29,7 +29,7 @@ info:
vendor: ays-pro
product: personal_dictionary
framework: wordpress
tags: time-based,cve,cve2022,wp,unauth,wpscan,sqli,wordpress,wp-plugin,personal-dictionary,ays-pro
tags: time-based-sqli,cve,cve2022,wp,unauth,wpscan,sqli,wordpress,wp-plugin,personal-dictionary,ays-pro
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: varktech
product: pricing_deals_for_woocommerce
framework: wordpress
tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth,varktech
tags: time-based-sqli,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth,varktech
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: carrcommunications
product: rsvpmaker
framework: wordpress
tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,sqli,rsvpmaker,carrcommunications
tags: time-based-sqli,cve,cve2022,wordpress,wp-plugin,wp,sqli,rsvpmaker,carrcommunications
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
max-request: 1
vendor: camptocamp
product: terraboard
tags: time-based,cve,cve2022,terraboard,sqli,huntr,camptocamp
tags: time-based-sqli,cve,cve2022,terraboard,sqli,huntr,camptocamp
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
shodan-query:
- "http.component:\"Prestashop\""
- http.component:"prestashop"
tags: time-based,cve,cve2022,packetstorm,prestashop,sqli,unauth,apollotheme
tags: time-based-sqli,cve,cve2022,packetstorm,prestashop,sqli,unauth,apollotheme
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
max-request: 1
vendor: thedigitalcraft
product: atomcms
tags: time-based,cve,cve2022,packetstorm,sqli,atom,cms,thedigitalcraft
tags: time-based-sqli,cve,cve2022,packetstorm,sqli,atom,cms,thedigitalcraft
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
max-request: 2
vendor: cuppacms
product: cuppacms
tags: time-based,cve2022,cve,sqli,cuppa,authenticated,cuppacms
tags: time-based-sqli,cve2022,cve,sqli,cuppa,authenticated,cuppacms
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
max-request: 2
vendor: cuppacms
product: cuppacms
tags: time-based,cve,cve2022,sqli,cuppa,authenticated,cuppacms
tags: time-based-sqli,cve,cve2022,sqli,cuppa,authenticated,cuppacms
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: garage_management_system_project
product: garage_management_system
tags: time-based,cve,cve2022,sourcecodester,garagemanagementsystem,sqli,garage_management_system_project
tags: time-based-sqli,cve,cve2022,sourcecodester,garagemanagementsystem,sqli,garage_management_system_project
http:
- raw:

View File

@ -31,7 +31,7 @@ info:
fofa-query: body=/wp-content/plugins/wp-statistics/
publicwww-query: /wp-content/plugins/wp-statistics/
google-query: inurl:/wp-content/plugins/wp-statistics
tags: time-based,cve,cve2022,packetstorm,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
tags: time-based-sqli,cve,cve2022,packetstorm,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
fofa-query: body=/wp-content/plugins/wp-statistics/
publicwww-query: "/wp-content/plugins/wp-statistics/"
google-query: inurl:/wp-content/plugins/wp-statistics
tags: time-based,cve2022,cve,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
tags: time-based-sqli,cve2022,cve,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
max-request: 2
vendor: cuppacms
product: cuppacms
tags: time-based,cve,cve2022,sqli,cuppa,authenticated,cuppacms
tags: time-based-sqli,cve,cve2022,sqli,cuppa,authenticated,cuppacms
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: thedigitalcraft
product: atomcms
tags: time-based,cve,cve2022,sqli,atom,cms,thedigitalcraft
tags: time-based-sqli,cve,cve2022,sqli,atom,cms,thedigitalcraft
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
shodan-query: http.html:/wp-content/plugins/nex-forms-express-wp-form-builder/
fofa-query: body=/wp-content/plugins/nex-forms-express-wp-form-builder/
publicwww-query: /wp-content/plugins/nex-forms-express-wp-form-builder/
tags: time-based,cve,cve2022,wpscan,packetstorm,wordpress,sqli,wp-plugin,wp,authenticated,basixonline
tags: time-based-sqli,cve,cve2022,wpscan,packetstorm,wordpress,sqli,wp-plugin,wp,authenticated,basixonline
http:
- raw:

View File

@ -39,7 +39,7 @@ info:
google-query:
- intitle:"linear emerge"
- intitle:"emerge"
tags: time-based,cve,cve2022,packetstorm,emerge,rce,nortekcontrol
tags: time-based-sqli,cve,cve2022,packetstorm,emerge,rce,nortekcontrol
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: online_fire_reporting_system_project
product: online_fire_reporting_system
tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
tags: time-based-sqli,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: online_fire_reporting_system_project
product: online_fire_reporting_system
tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
tags: time-based-sqli,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: online_fire_reporting_system_project
product: online_fire_reporting_system
tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
tags: time-based-sqli,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project
http:
- raw:

View File

@ -33,7 +33,7 @@ info:
shodan-query: http.html:"wp-stats-manager"
fofa-query: body="wp-stats-manager"
google-query: inurl:"/wp-content/plugins/wp-stats-manager"
tags: time-based,cve2022,cve,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager,plugins-market
tags: time-based-sqli,cve2022,cve,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager,plugins-market
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: wpsmartcontracts
product: wpsmartcontracts
framework: wordpress
tags: time-based,cve,cve2022,wp-smart-contracts,wpscan,wp-plugin,sqli,wordpress,wp,authenticated,wpsmartcontracts
tags: time-based-sqli,cve,cve2022,wp-smart-contracts,wpscan,wp-plugin,sqli,wordpress,wp,authenticated,wpsmartcontracts
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
max-request: 1
vendor: ibax
product: go-ibax
tags: time-based,cve2022,cve,ibax,go-ibax,sqli
tags: time-based-sqli,cve2022,cve,ibax,go-ibax,sqli
http:
- raw:

View File

@ -25,7 +25,7 @@ info:
max-request: 1
vendor: simple_task_managing_system_project
product: simple_task_managing_system
tags: time-based,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project
tags: time-based-sqli,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
shodan-query: http.html:/wp-content/plugins/wp-user/
fofa-query: body=/wp-content/plugins/wp-user/
publicwww-query: /wp-content/plugins/wp-user/
tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-user,unauth,wp_user_project
tags: time-based-sqli,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-user,unauth,wp_user_project
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: beardev
product: joomsport
framework: wordpress
tags: time-based,cve,cve2022,wpscan,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth,beardev
tags: time-based-sqli,cve,cve2022,wpscan,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth,beardev
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
shodan-query: http.html:/wp-content/plugins/cryptocurrency-widgets-pack/
fofa-query: body=/wp-content/plugins/cryptocurrency-widgets-pack/
publicwww-query: /wp-content/plugins/cryptocurrency-widgets-pack/
tags: time-based,cve,cve2022,wp,wp-plugin,wordpress,wpscan,sqli,blocksera
tags: time-based-sqli,cve,cve2022,wp,wp-plugin,wordpress,wpscan,sqli,blocksera
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: iws-geo-form-fields_project
product: iws-geo-form-fields
framework: wordpress
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,iws-geo-form-fields,wpscan,iws-geo-form-fields_project
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,iws-geo-form-fields,wpscan,iws-geo-form-fields_project
http:
- raw:

View File

@ -24,7 +24,7 @@ info:
max-request: 2
vendor: webtareas_project
product: webtareas
tags: time-based,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
tags: time-based-sqli,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
http:
- raw:

View File

@ -24,7 +24,7 @@ info:
max-request: 2
vendor: webtareas_project
product: webtareas
tags: time-based,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
tags: time-based-sqli,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: paytm
product: payment_gateway
framework: wordpress
tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated,paytm
tags: time-based-sqli,cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated,paytm
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
vendor: ljapps
product: wp_tripadvisor_review_slider
framework: wordpress
tags: time-based,cve2023,cve,wordpress,wp,wp-tripadvisor-review-slider,auth,sqli,wp-plugin,wpscan,ljapps
tags: time-based-sqli,cve2023,cve,wordpress,wp,wp-tripadvisor-review-slider,auth,sqli,wp-plugin,wpscan,ljapps
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
fofa-query: body="wp-stats-manager"
google-query: inurl:"/wp-content/plugins/wp-stats-manager"
public-www: /wp-content/plugins/wp-stats-manager/
tags: time-based,cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market
tags: time-based-sqli,cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market
variables:
str: '{{rand_int(100000, 999999)}}'

View File

@ -29,7 +29,7 @@ info:
vendor: wp-slimstat
product: slimstat_analytics
framework: wordpress
tags: time-based,cve2023,cve,wpscan,wp-slimstat,wp,wp-plugin,sqli,wordpress,authenticated
tags: time-based-sqli,cve2023,cve,wpscan,wp-slimstat,wp,wp-plugin,sqli,wordpress,authenticated
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
shodan-query: http.html:wp-content/plugins/ap-pricing-tables-lite
fofa-query: body=wp-content/plugins/ap-pricing-tables-lite
publicwww-query: "wp-content/plugins/ap-pricing-tables-lite"
tags: time-based,cve2023,cve,sqli,wordpress,wp-plugin,wp,authenticated,wpscan,ap-pricing-tables-lite,wpdevart
tags: time-based-sqli,cve2023,cve,sqli,wordpress,wp-plugin,wp,authenticated,wpscan,ap-pricing-tables-lite,wpdevart
http:
- raw:

View File

@ -27,7 +27,7 @@ info:
shodan-query: http.html:/wp-content/plugins/video-list-manager/
fofa-query: body=/wp-content/plugins/video-list-manager/
publicwww-query: /wp-content/plugins/video-list-manager/
tags: time-based,cve,cve2023,wpscan,sqli,wordpress,wp-plugin,wp,authenticated,video_list_manager_project
tags: time-based-sqli,cve,cve2023,wpscan,sqli,wordpress,wp-plugin,wp,authenticated,video_list_manager_project
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
vendor: supportcandy
product: supportcandy
framework: wordpress
tags: time-based,cve2023,cve,sqli,wpscan,wordpress,supportcandy,unauth
tags: time-based-sqli,cve2023,cve,sqli,wpscan,wordpress,supportcandy,unauth
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
max-request: 1
vendor: purchase_order_management_system_project
product: purchase_order_management_system
tags: time-based,cve2023,cve,sqli,purchase-order-management-system,purchase_order_management_system_project
tags: time-based-sqli,cve2023,cve,sqli,purchase-order-management-system,purchase_order_management_system_project
http:
- method: GET

View File

@ -34,7 +34,7 @@ info:
fofa-query: body=/wp-content/plugins/paid-memberships-pro/
publicwww-query: /wp-content/plugins/paid-memberships-pro/
google-query: inurl:"/wp-content/plugins/paid-memberships-pro"
tags: time-based,cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios
tags: time-based-sqli,cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios
http:
- raw:

View File

@ -30,7 +30,7 @@ info:
vendor: sandhillsdev
product: easy_digital_downloads
framework: wordpress
tags: time-based,cve,cve2023,easy-digital-downloads,unauth,wpscan,wordpress,wp,wp-plugin,sqli,tenable,sandhillsdev
tags: time-based-sqli,cve,cve2023,easy-digital-downloads,unauth,wpscan,wordpress,wp,wp-plugin,sqli,tenable,sandhillsdev
http:
- raw:

View File

@ -24,7 +24,7 @@ info:
product: "popup_module_\\(on_entering\\,_exit_popup\\,_add_product\\)_and_newsletter"
framework: prestashop
shodan-query: "http.component:\"prestashop\""
tags: time-based,cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate
tags: time-based-sqli,cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
vendor: joommasters
product: jms_blog
framework: prestashop
tags: time-based,cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters
tags: time-based-sqli,cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters
flow: http(1) && http(2)

View File

@ -24,7 +24,7 @@ info:
framework: prestashop
shodan-query: html:"/xipblog"
fofa-query: app="Prestashop"
tags: time-based,cve,cve2023,prestashop,sqli,xipblog
tags: time-based-sqli,cve,cve2023,prestashop,sqli,xipblog
flow: http(1) && http(2)

View File

@ -30,7 +30,7 @@ info:
framework: wordpress
shodan-query: http.html:"/wp-content/plugins/gift-voucher/"
fofa-query: "body=\"/wp-content/plugins/gift-voucher/\""
tags: time-based,cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen
tags: time-based-sqli,cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen
flow: http(1) && http(2)
http:

View File

@ -32,7 +32,7 @@ info:
shodan-query:
- http.component:"Prestashop"
- http.component:"prestashop"
tags: time-based,cve2023,cve,prestashop,sqli,leotheme
tags: time-based-sqli,cve2023,cve,prestashop,sqli,leotheme
http:
- raw:

View File

@ -29,7 +29,7 @@ info:
publicwww-query: "/wp-content/plugins/mstore-api/"
shodan-query: http.html:/wp-content/plugins/mstore-api/
fofa-query: body=/wp-content/plugins/mstore-api/
tags: time-based,cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui
tags: time-based-sqli,cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui
flow: http(1) && http(2)
http:

View File

@ -26,7 +26,7 @@ info:
fofa-query:
- "Powered by bloofoxCMS"
- powered by bloofoxcms
tags: time-based,cve2023,cve,sqli,bloofox,authenticated
tags: time-based-sqli,cve2023,cve,sqli,bloofox,authenticated
http:
- raw:

View File

@ -28,7 +28,7 @@ info:
fofa-query:
- "Powered by bloofoxCMS"
- powered by bloofoxcms
tags: time-based,cve,cve2023,sqli,bloofox,authenticated
tags: time-based-sqli,cve,cve2023,sqli,bloofox,authenticated
http:
- raw:

View File

@ -26,7 +26,7 @@ info:
fofa-query:
- "Powered by bloofoxCMS"
- powered by bloofoxcms
tags: time-based,cve,cve2023,sqli,bloofox,authenticated
tags: time-based-sqli,cve,cve2023,sqli,bloofox,authenticated
http:
- raw:

Some files were not shown because too many files have changed in this diff Show More