diff --git a/http/cves/2024/CVE-2024-28397.yaml b/http/cves/2024/CVE-2024-28397.yaml
index 8332c540ea..cf60386126 100644
--- a/http/cves/2024/CVE-2024-28397.yaml
+++ b/http/cves/2024/CVE-2024-28397.yaml
@@ -21,17 +21,9 @@ info:
     max-request: 1
     vendor: pyload
     product: pyload
-    shodan-query:
-      - http.title:"login - pyload"
-      - http.html:"pyload"
-      - http.title:"pyload"
-    fofa-query:
-      - body="pyload"
-      - title="login - pyload"
-      - title="pyload"
-    google-query:
-      - intitle:"pyload"
-      - intitle:"login - pyload"
+    shodan-query: http.html:"pyload"
+    fofa-query: body="pyload"
+    google-query: intitle:"pyload"
     zoomeye-query: app:"pyload"
   tags: cve,cve2024,pyload,js2py,rce,oast