diff --git a/dast/vulnerabilities/sqli/time-based-sqli.yaml b/dast/vulnerabilities/sqli/time-based-sqli.yaml index 3b7946edbf..e659b7f2d9 100644 --- a/dast/vulnerabilities/sqli/time-based-sqli.yaml +++ b/dast/vulnerabilities/sqli/time-based-sqli.yaml @@ -6,7 +6,7 @@ info: severity: critical description: | This Template detects time-based Blind SQL Injection vulnerability - tags: sqli,dast,time-based,blind + tags: time-based,sqli,dast,time-based,blind flow: http(1) && http(2) diff --git a/http/cves/2015/CVE-2015-2196.yaml b/http/cves/2015/CVE-2015-2196.yaml index 7e901fa40c..20bae87ce5 100644 --- a/http/cves/2015/CVE-2015-2196.yaml +++ b/http/cves/2015/CVE-2015-2196.yaml @@ -28,7 +28,7 @@ info: vendor: web-dorado product: spider_calendar framework: wordpress - tags: cve2015,cve,wordpress,wp,sqli,wpscan,wp-plugin,spider-event-calendar,unauth,edb,web-dorado + tags: time-based,cve2015,cve,wordpress,wp,sqli,wpscan,wp-plugin,spider-event-calendar,unauth,edb,web-dorado http: - raw: diff --git a/http/cves/2015/CVE-2015-4062.yaml b/http/cves/2015/CVE-2015-4062.yaml index 0d48f5a430..2ff30e4f32 100644 --- a/http/cves/2015/CVE-2015-4062.yaml +++ b/http/cves/2015/CVE-2015-4062.yaml @@ -30,7 +30,7 @@ info: vendor: newstatpress_project product: newstatpress framework: wordpress - tags: cve2015,cve,authenticated,sqli,wp-plugin,newstatpress,packetstorm,wordpress,wp,newstatpress_project + tags: time-based,cve2015,cve,authenticated,sqli,wp-plugin,newstatpress,packetstorm,wordpress,wp,newstatpress_project http: - raw: diff --git a/http/cves/2015/CVE-2015-9323.yaml b/http/cves/2015/CVE-2015-9323.yaml index e3d78373a4..17c3be3d27 100644 --- a/http/cves/2015/CVE-2015-9323.yaml +++ b/http/cves/2015/CVE-2015-9323.yaml @@ -29,7 +29,7 @@ info: vendor: duckdev product: 404_to_301 framework: wordpress - tags: cve2015,cve,404-to-301,sqli,wpscan,wp-plugin,wp,wordpress,authenticated,duckdev + tags: time-based,cve2015,cve,404-to-301,sqli,wpscan,wp-plugin,wp,wordpress,authenticated,duckdev http: - raw: diff --git a/http/cves/2018/CVE-2018-16159.yaml b/http/cves/2018/CVE-2018-16159.yaml index 94f72485c7..e45a3367df 100644 --- a/http/cves/2018/CVE-2018-16159.yaml +++ b/http/cves/2018/CVE-2018-16159.yaml @@ -31,7 +31,7 @@ info: framework: wordpress shodan-query: http.html:"/wp-content/plugins/gift-voucher/" fofa-query: body="/wp-content/plugins/gift-voucher/" - tags: cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen + tags: time-based,cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen http: - raw: diff --git a/http/cves/2018/CVE-2018-7282.yaml b/http/cves/2018/CVE-2018-7282.yaml index 5827e2264a..7a0be7e458 100644 --- a/http/cves/2018/CVE-2018-7282.yaml +++ b/http/cves/2018/CVE-2018-7282.yaml @@ -31,7 +31,7 @@ info: fofa-query: title="printmonitor" google-query: intitle:"printmonitor" product": printmonitor - tags: cve2018,cve,sqli,printmonitor,unauth,titool + tags: time-based,cve2018,cve,sqli,printmonitor,unauth,titool variables: username: "{{rand_base(6)}}" password: "{{rand_base(8)}}" diff --git a/http/cves/2019/CVE-2019-7139.yaml b/http/cves/2019/CVE-2019-7139.yaml index 6d805e6ae3..83ee6bc127 100644 --- a/http/cves/2019/CVE-2019-7139.yaml +++ b/http/cves/2019/CVE-2019-7139.yaml @@ -32,7 +32,7 @@ info: - http.component:"Magento" - cpe:"cpe:2.3:a:magento:magento" - http.component:"magento" - tags: cve,cve2019,sqli,magento + tags: time-based,cve,cve2019,sqli,magento flow: http(1) && http(2) diff --git a/http/cves/2020/CVE-2020-11530.yaml b/http/cves/2020/CVE-2020-11530.yaml index 563a6aea87..49e61d4230 100644 --- a/http/cves/2020/CVE-2020-11530.yaml +++ b/http/cves/2020/CVE-2020-11530.yaml @@ -30,7 +30,7 @@ info: vendor: idangero product: chop_slider framework: wordpress - tags: cve,cve2020,wpscan,seclists,sqli,wordpress,wp-plugin,wp,chopslider,unauth,idangero + tags: time-based,cve,cve2020,wpscan,seclists,sqli,wordpress,wp-plugin,wp,chopslider,unauth,idangero http: - raw: diff --git a/http/cves/2020/CVE-2020-17463.yaml b/http/cves/2020/CVE-2020-17463.yaml index be557f5a60..84344bbe03 100644 --- a/http/cves/2020/CVE-2020-17463.yaml +++ b/http/cves/2020/CVE-2020-17463.yaml @@ -31,7 +31,7 @@ info: shodan-query: http.title:"fuel cms" fofa-query: title="fuel cms" google-query: intitle:"fuel cms" - tags: cve,cve2020,packetstorm,sqli,fuel-cms,kev,thedaylightstudio + tags: time-based,cve,cve2020,packetstorm,sqli,fuel-cms,kev,thedaylightstudio http: - raw: diff --git a/http/cves/2020/CVE-2020-26248.yaml b/http/cves/2020/CVE-2020-26248.yaml index 98be999570..3d08387878 100644 --- a/http/cves/2020/CVE-2020-26248.yaml +++ b/http/cves/2020/CVE-2020-26248.yaml @@ -29,7 +29,7 @@ info: vendor: prestashop product: productcomments framework: prestashop - tags: cve,cve2020,packetstorm,sqli,prestshop,prestashop + tags: time-based,cve,cve2020,packetstorm,sqli,prestshop,prestashop http: - raw: diff --git a/http/cves/2020/CVE-2020-27481.yaml b/http/cves/2020/CVE-2020-27481.yaml index d697b3fbac..43c0ae2c7f 100644 --- a/http/cves/2020/CVE-2020-27481.yaml +++ b/http/cves/2020/CVE-2020-27481.yaml @@ -27,7 +27,7 @@ info: vendor: goodlayers product: good_learning_management_system framework: wordpress - tags: cve,cve2020,goodlayerslms,sqli,wpscan,goodlayers,wordpress + tags: time-based,cve,cve2020,goodlayerslms,sqli,wpscan,goodlayers,wordpress http: - raw: diff --git a/http/cves/2021/CVE-2021-24340.yaml b/http/cves/2021/CVE-2021-24340.yaml index 39c1dd22aa..f1df9c40a3 100644 --- a/http/cves/2021/CVE-2021-24340.yaml +++ b/http/cves/2021/CVE-2021-24340.yaml @@ -30,7 +30,7 @@ info: fofa-query: body=/wp-content/plugins/wp-statistics/ publicwww-query: /wp-content/plugins/wp-statistics/ google-query: inurl:/wp-content/plugins/wp-statistics - tags: cve2021,cve,wp-plugin,unauth,wpscan,wordpress,sqli,blind,edb,veronalabs + tags: time-based,cve2021,cve,wp-plugin,unauth,wpscan,wordpress,sqli,blind,edb,veronalabs http: - raw: diff --git a/http/cves/2021/CVE-2021-24442.yaml b/http/cves/2021/CVE-2021-24442.yaml index 7c58ab2792..ab9b394ac2 100644 --- a/http/cves/2021/CVE-2021-24442.yaml +++ b/http/cves/2021/CVE-2021-24442.yaml @@ -28,7 +28,7 @@ info: shodan-query: http.html:/wp-content/plugins/polls-widget/ fofa-query: body=/wp-content/plugins/polls-widget/ publicwww-query: "/wp-content/plugins/polls-widget/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart + tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart http: - raw: diff --git a/http/cves/2021/CVE-2021-24554.yaml b/http/cves/2021/CVE-2021-24554.yaml index 42fafa94e4..b805ade23f 100644 --- a/http/cves/2021/CVE-2021-24554.yaml +++ b/http/cves/2021/CVE-2021-24554.yaml @@ -30,7 +30,7 @@ info: vendor: freelancetoindia product: paytm-pay framework: wordpress - tags: cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,freelancetoindia + tags: time-based,cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,freelancetoindia http: - raw: diff --git a/http/cves/2021/CVE-2021-24731.yaml b/http/cves/2021/CVE-2021-24731.yaml index b642376aba..ca38b8ab64 100644 --- a/http/cves/2021/CVE-2021-24731.yaml +++ b/http/cves/2021/CVE-2021-24731.yaml @@ -27,7 +27,7 @@ info: vendor: genetechsolutions product: pie_register framework: wordpress - tags: cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,pie-register,unauth,genetechsolutions + tags: time-based,cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,pie-register,unauth,genetechsolutions http: - raw: diff --git a/http/cves/2021/CVE-2021-24762.yaml b/http/cves/2021/CVE-2021-24762.yaml index 38901f4239..a71caf93c7 100644 --- a/http/cves/2021/CVE-2021-24762.yaml +++ b/http/cves/2021/CVE-2021-24762.yaml @@ -28,7 +28,7 @@ info: vendor: getperfectsurvey product: perfect_survey framework: wordpress - tags: cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,edb,getperfectsurvey + tags: time-based,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,edb,getperfectsurvey http: - raw: diff --git a/http/cves/2021/CVE-2021-24791.yaml b/http/cves/2021/CVE-2021-24791.yaml index f883fd42cc..1f08bbcc55 100644 --- a/http/cves/2021/CVE-2021-24791.yaml +++ b/http/cves/2021/CVE-2021-24791.yaml @@ -26,7 +26,7 @@ info: product: header_footer_code_manager framework: wordpress google-query: inurl:"/wp-content/plugins/wp-custom-pages/" - tags: cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,authenticated,header-footer-code-manager,draftpress + tags: time-based,cve2021,cve,wpscan,sqli,wp,wordpress,wp-plugin,authenticated,header-footer-code-manager,draftpress http: - raw: diff --git a/http/cves/2021/CVE-2021-24827.yaml b/http/cves/2021/CVE-2021-24827.yaml index 7925cbc88c..fde59625e3 100644 --- a/http/cves/2021/CVE-2021-24827.yaml +++ b/http/cves/2021/CVE-2021-24827.yaml @@ -30,7 +30,7 @@ info: vendor: asgaros product: asgaros_forum framework: wordpress - tags: cve2021,cve,wp-plugin,asgaros-forum,unauth,wpscan,wordpress,wp,sqli,asgaros + tags: time-based,cve2021,cve,wp-plugin,asgaros-forum,unauth,wpscan,wordpress,wp,sqli,asgaros http: - raw: diff --git a/http/cves/2021/CVE-2021-24849.yaml b/http/cves/2021/CVE-2021-24849.yaml index 2eb2ddf359..2d72a46c4c 100644 --- a/http/cves/2021/CVE-2021-24849.yaml +++ b/http/cves/2021/CVE-2021-24849.yaml @@ -28,7 +28,7 @@ info: shodan-query: http.html:/wp-content/plugins/wc-multivendor-marketplace fofa-query: body=/wp-content/plugins/wc-multivendor-marketplace publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers + tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24862.yaml b/http/cves/2021/CVE-2021-24862.yaml index f9bb6eb8ce..ba6db346e0 100644 --- a/http/cves/2021/CVE-2021-24862.yaml +++ b/http/cves/2021/CVE-2021-24862.yaml @@ -29,7 +29,7 @@ info: vendor: metagauss product: registrationmagic framework: wordpress - tags: cve,cve2021,wpscan,wp-plugin,wordpress,wp,registrationmagic,sqli,authenticated,packetstorm,metagauss + tags: time-based,cve,cve2021,wpscan,wp-plugin,wordpress,wp,registrationmagic,sqli,authenticated,packetstorm,metagauss http: - raw: diff --git a/http/cves/2021/CVE-2021-24931.yaml b/http/cves/2021/CVE-2021-24931.yaml index 83aacd167d..819d02cb85 100644 --- a/http/cves/2021/CVE-2021-24931.yaml +++ b/http/cves/2021/CVE-2021-24931.yaml @@ -28,7 +28,7 @@ info: vendor: ays-pro product: secure_copy_content_protection_and_content_locking framework: wordpress - tags: cve2021,cve,wp-plugin,wp,packetstorm,unauth,wpscan,sqli,wordpress,secure-copy-content-protection,ays-pro + tags: time-based,cve2021,cve,wp-plugin,wp,packetstorm,unauth,wpscan,sqli,wordpress,secure-copy-content-protection,ays-pro http: - raw: diff --git a/http/cves/2021/CVE-2021-24943.yaml b/http/cves/2021/CVE-2021-24943.yaml index 8e3f4b39e3..ad8b050d79 100644 --- a/http/cves/2021/CVE-2021-24943.yaml +++ b/http/cves/2021/CVE-2021-24943.yaml @@ -28,7 +28,7 @@ info: shodan-query: http.html:/wp-content/plugins/registrations-for-the-events-calendar/ fofa-query: body=/wp-content/plugins/registrations-for-the-events-calendar/ publicwww-query: "/wp-content/plugins/registrations-for-the-events-calendar/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp + tags: time-based,wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp variables: text: "{{rand_base(5)}}" diff --git a/http/cves/2021/CVE-2021-24946.yaml b/http/cves/2021/CVE-2021-24946.yaml index ebcb0c2ff1..d7b6faaf85 100644 --- a/http/cves/2021/CVE-2021-24946.yaml +++ b/http/cves/2021/CVE-2021-24946.yaml @@ -30,7 +30,7 @@ info: vendor: webnus product: modern_events_calendar_lite framework: wordpress - tags: cve2021,cve,sqli,packetstorm,wp,wp-plugin,unauth,wpscan,modern-events-calendar-lite,wordpress,webnus + tags: time-based,cve2021,cve,sqli,packetstorm,wp,wp-plugin,unauth,wpscan,modern-events-calendar-lite,wordpress,webnus http: - raw: diff --git a/http/cves/2021/CVE-2021-25114.yaml b/http/cves/2021/CVE-2021-25114.yaml index 2510917b72..b36b3d3c3a 100644 --- a/http/cves/2021/CVE-2021-25114.yaml +++ b/http/cves/2021/CVE-2021-25114.yaml @@ -34,7 +34,7 @@ info: fofa-query: body=/wp-content/plugins/paid-memberships-pro/ publicwww-query: /wp-content/plugins/paid-memberships-pro/ google-query: inurl:"/wp-content/plugins/paid-memberships-pro" - tags: cve2021,cve,wp-plugin,wp,sqli,paid-memberships-pro,wpscan,wordpress,strangerstudios + tags: time-based,cve2021,cve,wp-plugin,wp,sqli,paid-memberships-pro,wpscan,wordpress,strangerstudios http: - raw: diff --git a/http/cves/2021/CVE-2021-25899.yaml b/http/cves/2021/CVE-2021-25899.yaml index 045514b774..8c5121af45 100644 --- a/http/cves/2021/CVE-2021-25899.yaml +++ b/http/cves/2021/CVE-2021-25899.yaml @@ -31,7 +31,7 @@ info: - html:"AURALL" - http.html:"aurall" fofa-query: body="aurall" - tags: cve2021,cve,sqli,void,aurall + tags: time-based,cve2021,cve,sqli,void,aurall http: - raw: diff --git a/http/cves/2021/CVE-2021-27314.yaml b/http/cves/2021/CVE-2021-27314.yaml index 597ac7088b..97ff095d00 100644 --- a/http/cves/2021/CVE-2021-27314.yaml +++ b/http/cves/2021/CVE-2021-27314.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: doctor_appointment_system_project product: doctor_appointment_system - tags: cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project + tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project http: - raw: diff --git a/http/cves/2021/CVE-2021-27315.yaml b/http/cves/2021/CVE-2021-27315.yaml index 29c3843bb7..3ae5a8dde8 100644 --- a/http/cves/2021/CVE-2021-27315.yaml +++ b/http/cves/2021/CVE-2021-27315.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: doctor_appointment_system_project product: doctor_appointment_system - tags: cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project + tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project http: - raw: diff --git a/http/cves/2021/CVE-2021-27316.yaml b/http/cves/2021/CVE-2021-27316.yaml index f88a3dea84..3d52672e27 100644 --- a/http/cves/2021/CVE-2021-27316.yaml +++ b/http/cves/2021/CVE-2021-27316.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: doctor_appointment_system_project product: doctor_appointment_system - tags: cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project + tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project http: - raw: diff --git a/http/cves/2021/CVE-2021-27319.yaml b/http/cves/2021/CVE-2021-27319.yaml index adb48b1905..22fb0694ab 100644 --- a/http/cves/2021/CVE-2021-27319.yaml +++ b/http/cves/2021/CVE-2021-27319.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: doctor_appointment_system_project product: doctor_appointment_system - tags: cve2021,cve,packetstorm,sqli,doctor-appointment-system,doctor_appointment_system_project + tags: time-based,cve2021,cve,packetstorm,sqli,doctor-appointment-system,doctor_appointment_system_project http: - raw: diff --git a/http/cves/2021/CVE-2021-27320.yaml b/http/cves/2021/CVE-2021-27320.yaml index fa759aecbd..e1e8dc5737 100644 --- a/http/cves/2021/CVE-2021-27320.yaml +++ b/http/cves/2021/CVE-2021-27320.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: doctor_appointment_system_project product: doctor_appointment_system - tags: cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project + tags: time-based,cve2021,cve,sqli,doctor-appointment-system,packetstorm,doctor_appointment_system_project http: - raw: diff --git a/http/cves/2021/CVE-2021-3110.yaml b/http/cves/2021/CVE-2021-3110.yaml index 556fd5a61d..fff87abf57 100644 --- a/http/cves/2021/CVE-2021-3110.yaml +++ b/http/cves/2021/CVE-2021-3110.yaml @@ -30,7 +30,7 @@ info: vendor: prestashop product: prestashop shodan-query: cpe:"cpe:2.3:a:prestashop:prestashop" - tags: cve,cve2021,sqli,prestshop,edb,prestashop + tags: time-based,cve,cve2021,sqli,prestshop,edb,prestashop http: - raw: diff --git a/http/cves/2021/CVE-2021-39165.yaml b/http/cves/2021/CVE-2021-39165.yaml index 71a29b1fb2..b4c8ed01e2 100644 --- a/http/cves/2021/CVE-2021-39165.yaml +++ b/http/cves/2021/CVE-2021-39165.yaml @@ -31,7 +31,7 @@ info: product: cachet shodan-query: http.favicon.hash:-1606065523 fofa-query: icon_hash=-1606065523 - tags: cve,cve2021,cachet,sqli,chachethq + tags: time-based,cve,cve2021,cachet,sqli,chachethq http: - raw: diff --git a/http/cves/2022/CVE-2022-0228.yaml b/http/cves/2022/CVE-2022-0228.yaml index 6eff669250..f3d606df33 100644 --- a/http/cves/2022/CVE-2022-0228.yaml +++ b/http/cves/2022/CVE-2022-0228.yaml @@ -29,7 +29,7 @@ info: shodan-query: http.html:/wp-content/plugins/popup-builder/ fofa-query: body=/wp-content/plugins/popup-builder/ publicwww-query: /wp-content/plugins/popup-builder/ - tags: cve2022,cve,wordpress,wp-plugin,wp,wpscan,popup-builder,sygnoos,sqli + tags: time-based,cve2022,cve,wordpress,wp-plugin,wp,wpscan,popup-builder,sygnoos,sqli http: - raw: diff --git a/http/cves/2022/CVE-2022-0349.yaml b/http/cves/2022/CVE-2022-0349.yaml index 0e34f8719d..746c28c42d 100644 --- a/http/cves/2022/CVE-2022-0349.yaml +++ b/http/cves/2022/CVE-2022-0349.yaml @@ -30,7 +30,7 @@ info: vendor: wpdeveloper product: notificationx framework: wordpress - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,wpdeveloper + tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,wpdeveloper http: - raw: diff --git a/http/cves/2022/CVE-2022-0412.yaml b/http/cves/2022/CVE-2022-0412.yaml index 7237f85616..e6534841d9 100644 --- a/http/cves/2022/CVE-2022-0412.yaml +++ b/http/cves/2022/CVE-2022-0412.yaml @@ -30,7 +30,7 @@ info: vendor: templateinvaders product: ti_woocommerce_wishlist framework: wordpress - tags: cve2022,cve,sqli,ti-woocommerce-wishlist,wpscan,woocommerce,wordpress,wp-plugin,wp,templateinvaders + tags: time-based,cve2022,cve,sqli,ti-woocommerce-wishlist,wpscan,woocommerce,wordpress,wp-plugin,wp,templateinvaders http: - raw: diff --git a/http/cves/2022/CVE-2022-0651.yaml b/http/cves/2022/CVE-2022-0651.yaml index 42e88e0bba..ee05a34997 100644 --- a/http/cves/2022/CVE-2022-0651.yaml +++ b/http/cves/2022/CVE-2022-0651.yaml @@ -31,7 +31,7 @@ info: fofa-query: body=/wp-content/plugins/wp-statistics/ publicwww-query: /wp-content/plugins/wp-statistics/ google-query: inurl:/wp-content/plugins/wp-statistics - tags: cve,cve2022,sqli,wp,wordpress,wp-plugin,wp-statistics,veronalabs + tags: time-based,cve,cve2022,sqli,wp,wordpress,wp-plugin,wp-statistics,veronalabs http: - raw: diff --git a/http/cves/2022/CVE-2022-0658.yaml b/http/cves/2022/CVE-2022-0658.yaml index f256e9836c..b714517af1 100644 --- a/http/cves/2022/CVE-2022-0658.yaml +++ b/http/cves/2022/CVE-2022-0658.yaml @@ -27,7 +27,7 @@ info: product: commonsbooking framework: wordpress google-query: inurl:/wp-content/plugin/commonsbooking/ - tags: cve,cve2022,wordpress,wp-plugin,wp,commonsbooking,sqli,wpscan,wielebenwir + tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,commonsbooking,sqli,wpscan,wielebenwir http: - raw: diff --git a/http/cves/2022/CVE-2022-0693.yaml b/http/cves/2022/CVE-2022-0693.yaml index c90a2d731c..c3bf42b592 100644 --- a/http/cves/2022/CVE-2022-0693.yaml +++ b/http/cves/2022/CVE-2022-0693.yaml @@ -30,7 +30,7 @@ info: vendor: devbunch product: master_elements framework: wordpress - tags: cve2022,cve,unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,devbunch + tags: time-based,cve2022,cve,unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,devbunch http: - raw: diff --git a/http/cves/2022/CVE-2022-0747.yaml b/http/cves/2022/CVE-2022-0747.yaml index 91dc1bd0c2..04f54f4175 100644 --- a/http/cves/2022/CVE-2022-0747.yaml +++ b/http/cves/2022/CVE-2022-0747.yaml @@ -29,7 +29,7 @@ info: vendor: quantumcloud product: infographic_maker framework: wordpress - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,infographic-and-list-builder-ilist,wpscan,quantumcloud + tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,infographic-and-list-builder-ilist,wpscan,quantumcloud http: - raw: diff --git a/http/cves/2022/CVE-2022-0760.yaml b/http/cves/2022/CVE-2022-0760.yaml index 1d9a8d2123..3ea68cc374 100644 --- a/http/cves/2022/CVE-2022-0760.yaml +++ b/http/cves/2022/CVE-2022-0760.yaml @@ -30,7 +30,7 @@ info: vendor: quantumcloud product: simple_link_directory framework: wordpress - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan,quantumcloud + tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan,quantumcloud http: - raw: diff --git a/http/cves/2022/CVE-2022-0769.yaml b/http/cves/2022/CVE-2022-0769.yaml index bcd8a6a5d5..122e57dc11 100644 --- a/http/cves/2022/CVE-2022-0769.yaml +++ b/http/cves/2022/CVE-2022-0769.yaml @@ -30,7 +30,7 @@ info: vendor: usersultra product: users_ultra framework: wordpress - tags: cve,cve2022,wp,users-ultra,wpscan,sqli,wordpress,wp-plugin,usersultra + tags: time-based,cve,cve2022,wp,users-ultra,wpscan,sqli,wordpress,wp-plugin,usersultra http: - raw: diff --git a/http/cves/2022/CVE-2022-0773.yaml b/http/cves/2022/CVE-2022-0773.yaml index 466a26aa73..dac85971a4 100644 --- a/http/cves/2022/CVE-2022-0773.yaml +++ b/http/cves/2022/CVE-2022-0773.yaml @@ -28,7 +28,7 @@ info: vendor: documentor_project product: documentor framework: wordpress - tags: cve2022,cve,unauth,sqli,wp-plugin,wp,documentor-lite,wpscan,wordpress,documentor_project + tags: time-based,cve2022,cve,unauth,sqli,wp-plugin,wp,documentor-lite,wpscan,wordpress,documentor_project http: - raw: diff --git a/http/cves/2022/CVE-2022-0784.yaml b/http/cves/2022/CVE-2022-0784.yaml index 9dd5ab1005..a126d03354 100644 --- a/http/cves/2022/CVE-2022-0784.yaml +++ b/http/cves/2022/CVE-2022-0784.yaml @@ -30,7 +30,7 @@ info: vendor: title_experiments_free_project product: title_experiments_free framework: wordpress - tags: cve2022,cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,wordpress,title_experiments_free_project + tags: time-based,cve2022,cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,wordpress,title_experiments_free_project http: - raw: diff --git a/http/cves/2022/CVE-2022-0785.yaml b/http/cves/2022/CVE-2022-0785.yaml index 60f114071f..1ea38cad7e 100644 --- a/http/cves/2022/CVE-2022-0785.yaml +++ b/http/cves/2022/CVE-2022-0785.yaml @@ -30,7 +30,7 @@ info: vendor: daily_prayer_time_project product: daily_prayer_time framework: wordpress - tags: cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project + tags: time-based,cve2022,cve,sqli,wordpress,wp-plugin,unauth,daily-prayer-time-for-mosques,wpscan,wp,daily_prayer_time_project http: - raw: diff --git a/http/cves/2022/CVE-2022-0786.yaml b/http/cves/2022/CVE-2022-0786.yaml index 937ff593aa..3ac92d8cc3 100644 --- a/http/cves/2022/CVE-2022-0786.yaml +++ b/http/cves/2022/CVE-2022-0786.yaml @@ -30,7 +30,7 @@ info: vendor: iqonic product: kivicare framework: wordpress - tags: cve,cve2022,sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,wpscan,iqonic + tags: time-based,cve,cve2022,sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,wpscan,iqonic http: - raw: diff --git a/http/cves/2022/CVE-2022-0787.yaml b/http/cves/2022/CVE-2022-0787.yaml index a727c46818..e34b703e26 100644 --- a/http/cves/2022/CVE-2022-0787.yaml +++ b/http/cves/2022/CVE-2022-0787.yaml @@ -26,7 +26,7 @@ info: vendor: limit_login_attempts_project product: limit_login_attempts framework: wordpress - tags: cve,cve2022,wpscan,sqli,wordpress,wp-plugin,wp,wp-limit-failed-login-attempts,limit_login_attempts_project + tags: time-based,cve,cve2022,wpscan,sqli,wordpress,wp-plugin,wp,wp-limit-failed-login-attempts,limit_login_attempts_project http: - raw: diff --git a/http/cves/2022/CVE-2022-0788.yaml b/http/cves/2022/CVE-2022-0788.yaml index fc98b5ed2a..1264ca0b5c 100644 --- a/http/cves/2022/CVE-2022-0788.yaml +++ b/http/cves/2022/CVE-2022-0788.yaml @@ -30,7 +30,7 @@ info: vendor: wpmet product: wp_fundraising_donation_and_crowdfunding_platform framework: wordpress - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,wp-fundraising-donation,unauth,wpscan,wpmet + tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,wp-fundraising-donation,unauth,wpscan,wpmet http: - raw: diff --git a/http/cves/2022/CVE-2022-0826.yaml b/http/cves/2022/CVE-2022-0826.yaml index 9e3163229f..27db049a13 100644 --- a/http/cves/2022/CVE-2022-0826.yaml +++ b/http/cves/2022/CVE-2022-0826.yaml @@ -30,7 +30,7 @@ info: vendor: wp-video-gallery-free_project product: wp-video-gallery-free framework: wordpress - tags: cve,cve2022,wp-plugin,wpscan,wordpress,wp,sqli,wp-video-gallery-free,unauth,wp-video-gallery-free_project + tags: time-based,cve,cve2022,wp-plugin,wpscan,wordpress,wp,sqli,wp-video-gallery-free,unauth,wp-video-gallery-free_project http: - raw: diff --git a/http/cves/2022/CVE-2022-0827.yaml b/http/cves/2022/CVE-2022-0827.yaml index 8703340f0b..1167fc435d 100644 --- a/http/cves/2022/CVE-2022-0827.yaml +++ b/http/cves/2022/CVE-2022-0827.yaml @@ -30,7 +30,7 @@ info: vendor: presspage product: bestbooks framework: wordpress - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,bestbooks,unauthenticated,presspage + tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,bestbooks,unauthenticated,presspage http: - raw: diff --git a/http/cves/2022/CVE-2022-0846.yaml b/http/cves/2022/CVE-2022-0846.yaml index 9d8b1a34bf..9b5a838ab7 100644 --- a/http/cves/2022/CVE-2022-0846.yaml +++ b/http/cves/2022/CVE-2022-0846.yaml @@ -29,7 +29,7 @@ info: vendor: speakout\!_email_petitions_project product: speakout\!_email_petitions framework: wordpress - tags: cve,cve2022,wordpress,wp-plugin,wp,unauth,wpscan,sqli,speakout,speakout-email-petitions,speakout\!_email_petitions_project + tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,unauth,wpscan,sqli,speakout,speakout-email-petitions,speakout\!_email_petitions_project http: - raw: diff --git a/http/cves/2022/CVE-2022-0867.yaml b/http/cves/2022/CVE-2022-0867.yaml index c320da682e..a65f4a5701 100644 --- a/http/cves/2022/CVE-2022-0867.yaml +++ b/http/cves/2022/CVE-2022-0867.yaml @@ -30,7 +30,7 @@ info: vendor: reputeinfosystems product: pricing_table framework: wordpress - tags: cve,cve2022,unauth,wp,wordpress,wp-plugin,arprice-responsive-pricing-table,sqli,wpscan,reputeinfosystems + tags: time-based,cve,cve2022,unauth,wp,wordpress,wp-plugin,arprice-responsive-pricing-table,sqli,wpscan,reputeinfosystems http: - raw: diff --git a/http/cves/2022/CVE-2022-0948.yaml b/http/cves/2022/CVE-2022-0948.yaml index b34f57ff86..e4fc9db00a 100644 --- a/http/cves/2022/CVE-2022-0948.yaml +++ b/http/cves/2022/CVE-2022-0948.yaml @@ -30,7 +30,7 @@ info: vendor: pluginbazaar product: order_listener_for_woocommerce framework: wordpress - tags: cve,cve2022,wp,unauth,sqli,woc-order-alert,wpscan,wordpress,wp-plugin,pluginbazaar + tags: time-based,cve,cve2022,wp,unauth,sqli,woc-order-alert,wpscan,wordpress,wp-plugin,pluginbazaar http: - raw: diff --git a/http/cves/2022/CVE-2022-0949.yaml b/http/cves/2022/CVE-2022-0949.yaml index 5893e57577..591fc55360 100644 --- a/http/cves/2022/CVE-2022-0949.yaml +++ b/http/cves/2022/CVE-2022-0949.yaml @@ -29,7 +29,7 @@ info: vendor: stopbadbots product: block_and_stop_bad_bots framework: wordpress - tags: cve,cve2022,stopbadbots,wp-plugin,wp,unauth,wpscan,sqli,wordpress + tags: time-based,cve,cve2022,stopbadbots,wp-plugin,wp,unauth,wpscan,sqli,wordpress variables: IP: '{{rand_ip("1.1.1.0/24")}}' diff --git a/http/cves/2022/CVE-2022-1013.yaml b/http/cves/2022/CVE-2022-1013.yaml index bfd1c9bd18..6ec84641ec 100644 --- a/http/cves/2022/CVE-2022-1013.yaml +++ b/http/cves/2022/CVE-2022-1013.yaml @@ -29,7 +29,7 @@ info: vendor: ays-pro product: personal_dictionary framework: wordpress - tags: cve,cve2022,wp,unauth,wpscan,sqli,wordpress,wp-plugin,personal-dictionary,ays-pro + tags: time-based,cve,cve2022,wp,unauth,wpscan,sqli,wordpress,wp-plugin,personal-dictionary,ays-pro http: - raw: diff --git a/http/cves/2022/CVE-2022-1057.yaml b/http/cves/2022/CVE-2022-1057.yaml index b2038f69ec..1c58978fd4 100644 --- a/http/cves/2022/CVE-2022-1057.yaml +++ b/http/cves/2022/CVE-2022-1057.yaml @@ -30,7 +30,7 @@ info: vendor: varktech product: pricing_deals_for_woocommerce framework: wordpress - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth,varktech + tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth,varktech http: - raw: diff --git a/http/cves/2022/CVE-2022-1768.yaml b/http/cves/2022/CVE-2022-1768.yaml index a8ade8e791..c07e4ef97f 100644 --- a/http/cves/2022/CVE-2022-1768.yaml +++ b/http/cves/2022/CVE-2022-1768.yaml @@ -30,7 +30,7 @@ info: vendor: carrcommunications product: rsvpmaker framework: wordpress - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,rsvpmaker,carrcommunications + tags: time-based,cve,cve2022,wordpress,wp-plugin,wp,sqli,rsvpmaker,carrcommunications http: - raw: diff --git a/http/cves/2022/CVE-2022-1883.yaml b/http/cves/2022/CVE-2022-1883.yaml index 1c1062c2fb..21846e5778 100644 --- a/http/cves/2022/CVE-2022-1883.yaml +++ b/http/cves/2022/CVE-2022-1883.yaml @@ -28,7 +28,7 @@ info: max-request: 1 vendor: camptocamp product: terraboard - tags: cve,cve2022,terraboard,sqli,huntr,camptocamp + tags: time-based,cve,cve2022,terraboard,sqli,huntr,camptocamp http: - raw: diff --git a/http/cves/2022/CVE-2022-22897.yaml b/http/cves/2022/CVE-2022-22897.yaml index a09ca65c2e..3da520ec18 100644 --- a/http/cves/2022/CVE-2022-22897.yaml +++ b/http/cves/2022/CVE-2022-22897.yaml @@ -31,7 +31,7 @@ info: shodan-query: - "http.component:\"Prestashop\"" - http.component:"prestashop" - tags: cve,cve2022,packetstorm,prestashop,sqli,unauth,apollotheme + tags: time-based,cve,cve2022,packetstorm,prestashop,sqli,unauth,apollotheme http: - raw: diff --git a/http/cves/2022/CVE-2022-24223.yaml b/http/cves/2022/CVE-2022-24223.yaml index 50d11c14b2..8a6b4070e9 100644 --- a/http/cves/2022/CVE-2022-24223.yaml +++ b/http/cves/2022/CVE-2022-24223.yaml @@ -28,7 +28,7 @@ info: max-request: 1 vendor: thedigitalcraft product: atomcms - tags: cve,cve2022,packetstorm,sqli,atom,cms,thedigitalcraft + tags: time-based,cve,cve2022,packetstorm,sqli,atom,cms,thedigitalcraft http: - raw: diff --git a/http/cves/2022/CVE-2022-24265.yaml b/http/cves/2022/CVE-2022-24265.yaml index 9fb0696a2e..04d0a672c1 100644 --- a/http/cves/2022/CVE-2022-24265.yaml +++ b/http/cves/2022/CVE-2022-24265.yaml @@ -29,7 +29,7 @@ info: max-request: 2 vendor: cuppacms product: cuppacms - tags: cve2022,cve,sqli,cuppa,authenticated,cuppacms + tags: time-based,cve2022,cve,sqli,cuppa,authenticated,cuppacms http: - raw: diff --git a/http/cves/2022/CVE-2022-24266.yaml b/http/cves/2022/CVE-2022-24266.yaml index 26669ff40e..1ae7115add 100644 --- a/http/cves/2022/CVE-2022-24266.yaml +++ b/http/cves/2022/CVE-2022-24266.yaml @@ -29,7 +29,7 @@ info: max-request: 2 vendor: cuppacms product: cuppacms - tags: cve,cve2022,sqli,cuppa,authenticated,cuppacms + tags: time-based,cve,cve2022,sqli,cuppa,authenticated,cuppacms http: - raw: diff --git a/http/cves/2022/CVE-2022-2467.yaml b/http/cves/2022/CVE-2022-2467.yaml index 17675e9e2e..823773f984 100644 --- a/http/cves/2022/CVE-2022-2467.yaml +++ b/http/cves/2022/CVE-2022-2467.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: garage_management_system_project product: garage_management_system - tags: cve,cve2022,sourcecodester,garagemanagementsystem,sqli,garage_management_system_project + tags: time-based,cve,cve2022,sourcecodester,garagemanagementsystem,sqli,garage_management_system_project http: - raw: diff --git a/http/cves/2022/CVE-2022-25148.yaml b/http/cves/2022/CVE-2022-25148.yaml index 909a8a147d..10389dd1b5 100644 --- a/http/cves/2022/CVE-2022-25148.yaml +++ b/http/cves/2022/CVE-2022-25148.yaml @@ -31,7 +31,7 @@ info: fofa-query: body=/wp-content/plugins/wp-statistics/ publicwww-query: /wp-content/plugins/wp-statistics/ google-query: inurl:/wp-content/plugins/wp-statistics - tags: cve,cve2022,packetstorm,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs + tags: time-based,cve,cve2022,packetstorm,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs http: - raw: diff --git a/http/cves/2022/CVE-2022-25149.yaml b/http/cves/2022/CVE-2022-25149.yaml index d9afc94118..1c279e67a5 100644 --- a/http/cves/2022/CVE-2022-25149.yaml +++ b/http/cves/2022/CVE-2022-25149.yaml @@ -30,7 +30,7 @@ info: fofa-query: body=/wp-content/plugins/wp-statistics/ publicwww-query: "/wp-content/plugins/wp-statistics/" google-query: inurl:/wp-content/plugins/wp-statistics - tags: cve2022,cve,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs + tags: time-based,cve2022,cve,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics,veronalabs http: - raw: diff --git a/http/cves/2022/CVE-2022-27984.yaml b/http/cves/2022/CVE-2022-27984.yaml index de2ed356b9..3f7f52f5df 100644 --- a/http/cves/2022/CVE-2022-27984.yaml +++ b/http/cves/2022/CVE-2022-27984.yaml @@ -28,7 +28,7 @@ info: max-request: 2 vendor: cuppacms product: cuppacms - tags: cve,cve2022,sqli,cuppa,authenticated,cuppacms + tags: time-based,cve,cve2022,sqli,cuppa,authenticated,cuppacms http: - raw: diff --git a/http/cves/2022/CVE-2022-28032.yaml b/http/cves/2022/CVE-2022-28032.yaml index 0284ea0ab6..879e3277ac 100644 --- a/http/cves/2022/CVE-2022-28032.yaml +++ b/http/cves/2022/CVE-2022-28032.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: thedigitalcraft product: atomcms - tags: cve,cve2022,sqli,atom,cms,thedigitalcraft + tags: time-based,cve,cve2022,sqli,atom,cms,thedigitalcraft http: - raw: diff --git a/http/cves/2022/CVE-2022-3142.yaml b/http/cves/2022/CVE-2022-3142.yaml index 5f038f7eac..9ecc5024f5 100644 --- a/http/cves/2022/CVE-2022-3142.yaml +++ b/http/cves/2022/CVE-2022-3142.yaml @@ -30,7 +30,7 @@ info: shodan-query: http.html:/wp-content/plugins/nex-forms-express-wp-form-builder/ fofa-query: body=/wp-content/plugins/nex-forms-express-wp-form-builder/ publicwww-query: /wp-content/plugins/nex-forms-express-wp-form-builder/ - tags: cve,cve2022,wpscan,packetstorm,wordpress,sqli,wp-plugin,wp,authenticated,basixonline + tags: time-based,cve,cve2022,wpscan,packetstorm,wordpress,sqli,wp-plugin,wp,authenticated,basixonline http: - raw: diff --git a/http/cves/2022/CVE-2022-31499.yaml b/http/cves/2022/CVE-2022-31499.yaml index 40f3c340af..fbadaa25a8 100644 --- a/http/cves/2022/CVE-2022-31499.yaml +++ b/http/cves/2022/CVE-2022-31499.yaml @@ -39,7 +39,7 @@ info: google-query: - intitle:"linear emerge" - intitle:"emerge" - tags: cve,cve2022,packetstorm,emerge,rce,nortekcontrol + tags: time-based,cve,cve2022,packetstorm,emerge,rce,nortekcontrol http: - raw: diff --git a/http/cves/2022/CVE-2022-31976.yaml b/http/cves/2022/CVE-2022-31976.yaml index ec141727a6..57fdd25599 100644 --- a/http/cves/2022/CVE-2022-31976.yaml +++ b/http/cves/2022/CVE-2022-31976.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: online_fire_reporting_system_project product: online_fire_reporting_system - tags: cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project + tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project http: - raw: diff --git a/http/cves/2022/CVE-2022-31977.yaml b/http/cves/2022/CVE-2022-31977.yaml index 3c709a5b58..6efc570904 100644 --- a/http/cves/2022/CVE-2022-31977.yaml +++ b/http/cves/2022/CVE-2022-31977.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: online_fire_reporting_system_project product: online_fire_reporting_system - tags: cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project + tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project http: - raw: diff --git a/http/cves/2022/CVE-2022-31978.yaml b/http/cves/2022/CVE-2022-31978.yaml index 7130952dc8..f9bbd3fe98 100644 --- a/http/cves/2022/CVE-2022-31978.yaml +++ b/http/cves/2022/CVE-2022-31978.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: online_fire_reporting_system_project product: online_fire_reporting_system - tags: cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project + tags: time-based,cve,cve2022,sqli,online-fire-reporting,online_fire_reporting_system_project http: - raw: diff --git a/http/cves/2022/CVE-2022-33965.yaml b/http/cves/2022/CVE-2022-33965.yaml index 416ca1f8f6..2701aef218 100644 --- a/http/cves/2022/CVE-2022-33965.yaml +++ b/http/cves/2022/CVE-2022-33965.yaml @@ -33,7 +33,7 @@ info: shodan-query: http.html:"wp-stats-manager" fofa-query: body="wp-stats-manager" google-query: inurl:"/wp-content/plugins/wp-stats-manager" - tags: cve2022,cve,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager,plugins-market + tags: time-based,cve2022,cve,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager,plugins-market http: - raw: diff --git a/http/cves/2022/CVE-2022-3768.yaml b/http/cves/2022/CVE-2022-3768.yaml index 1ef5966e7a..100346d080 100644 --- a/http/cves/2022/CVE-2022-3768.yaml +++ b/http/cves/2022/CVE-2022-3768.yaml @@ -29,7 +29,7 @@ info: vendor: wpsmartcontracts product: wpsmartcontracts framework: wordpress - tags: cve,cve2022,wp-smart-contracts,wpscan,wp-plugin,sqli,wordpress,wp,authenticated,wpsmartcontracts + tags: time-based,cve,cve2022,wp-smart-contracts,wpscan,wp-plugin,sqli,wordpress,wp,authenticated,wpsmartcontracts http: - raw: diff --git a/http/cves/2022/CVE-2022-3800.yaml b/http/cves/2022/CVE-2022-3800.yaml index 4e9e42ac93..7d0914e32b 100644 --- a/http/cves/2022/CVE-2022-3800.yaml +++ b/http/cves/2022/CVE-2022-3800.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: ibax product: go-ibax - tags: cve2022,cve,ibax,go-ibax,sqli + tags: time-based,cve2022,cve,ibax,go-ibax,sqli http: - raw: diff --git a/http/cves/2022/CVE-2022-40032.yaml b/http/cves/2022/CVE-2022-40032.yaml index efebcce6f1..dbd896729d 100644 --- a/http/cves/2022/CVE-2022-40032.yaml +++ b/http/cves/2022/CVE-2022-40032.yaml @@ -25,7 +25,7 @@ info: max-request: 1 vendor: simple_task_managing_system_project product: simple_task_managing_system - tags: cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project + tags: time-based,cve,cve2022,packetstorm,simple-task,stms,sqli,simple_task_managing_system_project http: - raw: diff --git a/http/cves/2022/CVE-2022-4049.yaml b/http/cves/2022/CVE-2022-4049.yaml index d7de9e0abc..4a37fb4b28 100644 --- a/http/cves/2022/CVE-2022-4049.yaml +++ b/http/cves/2022/CVE-2022-4049.yaml @@ -28,7 +28,7 @@ info: shodan-query: http.html:/wp-content/plugins/wp-user/ fofa-query: body=/wp-content/plugins/wp-user/ publicwww-query: /wp-content/plugins/wp-user/ - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-user,unauth,wp_user_project + tags: time-based,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-user,unauth,wp_user_project http: - raw: diff --git a/http/cves/2022/CVE-2022-4050.yaml b/http/cves/2022/CVE-2022-4050.yaml index ab421f05e9..12de61acfe 100644 --- a/http/cves/2022/CVE-2022-4050.yaml +++ b/http/cves/2022/CVE-2022-4050.yaml @@ -30,7 +30,7 @@ info: vendor: beardev product: joomsport framework: wordpress - tags: cve,cve2022,wpscan,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth,beardev + tags: time-based,cve,cve2022,wpscan,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth,beardev http: - raw: diff --git a/http/cves/2022/CVE-2022-4059.yaml b/http/cves/2022/CVE-2022-4059.yaml index 146a1d075b..e8cb84f659 100644 --- a/http/cves/2022/CVE-2022-4059.yaml +++ b/http/cves/2022/CVE-2022-4059.yaml @@ -28,7 +28,7 @@ info: shodan-query: http.html:/wp-content/plugins/cryptocurrency-widgets-pack/ fofa-query: body=/wp-content/plugins/cryptocurrency-widgets-pack/ publicwww-query: /wp-content/plugins/cryptocurrency-widgets-pack/ - tags: cve,cve2022,wp,wp-plugin,wordpress,wpscan,sqli,blocksera + tags: time-based,cve,cve2022,wp,wp-plugin,wordpress,wpscan,sqli,blocksera http: - raw: diff --git a/http/cves/2022/CVE-2022-4117.yaml b/http/cves/2022/CVE-2022-4117.yaml index 6396ed4103..ca6e099de9 100644 --- a/http/cves/2022/CVE-2022-4117.yaml +++ b/http/cves/2022/CVE-2022-4117.yaml @@ -30,7 +30,7 @@ info: vendor: iws-geo-form-fields_project product: iws-geo-form-fields framework: wordpress - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,iws-geo-form-fields,wpscan,iws-geo-form-fields_project + tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,iws-geo-form-fields,wpscan,iws-geo-form-fields_project http: - raw: diff --git a/http/cves/2022/CVE-2022-44290.yaml b/http/cves/2022/CVE-2022-44290.yaml index 9900d63e5b..deedd1396a 100644 --- a/http/cves/2022/CVE-2022-44290.yaml +++ b/http/cves/2022/CVE-2022-44290.yaml @@ -24,7 +24,7 @@ info: max-request: 2 vendor: webtareas_project product: webtareas - tags: cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project + tags: time-based,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project http: - raw: diff --git a/http/cves/2022/CVE-2022-44291.yaml b/http/cves/2022/CVE-2022-44291.yaml index 945f09a011..eb926999cb 100644 --- a/http/cves/2022/CVE-2022-44291.yaml +++ b/http/cves/2022/CVE-2022-44291.yaml @@ -24,7 +24,7 @@ info: max-request: 2 vendor: webtareas_project product: webtareas - tags: cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project + tags: time-based,cve,cve2022,sqli,webtareas,authenticated,intrusive,webtareas_project http: - raw: diff --git a/http/cves/2022/CVE-2022-45805.yaml b/http/cves/2022/CVE-2022-45805.yaml index 1f6eaad2f3..d4887a6353 100644 --- a/http/cves/2022/CVE-2022-45805.yaml +++ b/http/cves/2022/CVE-2022-45805.yaml @@ -29,7 +29,7 @@ info: vendor: paytm product: payment_gateway framework: wordpress - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated,paytm + tags: time-based,cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated,paytm http: - raw: diff --git a/http/cves/2023/CVE-2023-0261.yaml b/http/cves/2023/CVE-2023-0261.yaml index 2dce0985c1..fdeeec8675 100644 --- a/http/cves/2023/CVE-2023-0261.yaml +++ b/http/cves/2023/CVE-2023-0261.yaml @@ -28,7 +28,7 @@ info: vendor: ljapps product: wp_tripadvisor_review_slider framework: wordpress - tags: cve2023,cve,wordpress,wp,wp-tripadvisor-review-slider,auth,sqli,wp-plugin,wpscan,ljapps + tags: time-based,cve2023,cve,wordpress,wp,wp-tripadvisor-review-slider,auth,sqli,wp-plugin,wpscan,ljapps http: - raw: diff --git a/http/cves/2023/CVE-2023-0600.yaml b/http/cves/2023/CVE-2023-0600.yaml index 9d026d71d6..38a169edc1 100644 --- a/http/cves/2023/CVE-2023-0600.yaml +++ b/http/cves/2023/CVE-2023-0600.yaml @@ -29,7 +29,7 @@ info: fofa-query: body="wp-stats-manager" google-query: inurl:"/wp-content/plugins/wp-stats-manager" public-www: /wp-content/plugins/wp-stats-manager/ - tags: cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market + tags: time-based,cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market variables: str: '{{rand_int(100000, 999999)}}' diff --git a/http/cves/2023/CVE-2023-0630.yaml b/http/cves/2023/CVE-2023-0630.yaml index 6fc2d09aea..d9a32e13b5 100644 --- a/http/cves/2023/CVE-2023-0630.yaml +++ b/http/cves/2023/CVE-2023-0630.yaml @@ -29,7 +29,7 @@ info: vendor: wp-slimstat product: slimstat_analytics framework: wordpress - tags: cve2023,cve,wpscan,wp-slimstat,wp,wp-plugin,sqli,wordpress,authenticated + tags: time-based,cve2023,cve,wpscan,wp-slimstat,wp,wp-plugin,sqli,wordpress,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-0900.yaml b/http/cves/2023/CVE-2023-0900.yaml index f57e933394..1c61c675ed 100644 --- a/http/cves/2023/CVE-2023-0900.yaml +++ b/http/cves/2023/CVE-2023-0900.yaml @@ -27,7 +27,7 @@ info: shodan-query: http.html:wp-content/plugins/ap-pricing-tables-lite fofa-query: body=wp-content/plugins/ap-pricing-tables-lite publicwww-query: "wp-content/plugins/ap-pricing-tables-lite" - tags: cve2023,cve,sqli,wordpress,wp-plugin,wp,authenticated,wpscan,ap-pricing-tables-lite,wpdevart + tags: time-based,cve2023,cve,sqli,wordpress,wp-plugin,wp,authenticated,wpscan,ap-pricing-tables-lite,wpdevart http: - raw: diff --git a/http/cves/2023/CVE-2023-1408.yaml b/http/cves/2023/CVE-2023-1408.yaml index d62b8d443c..01358f2b22 100644 --- a/http/cves/2023/CVE-2023-1408.yaml +++ b/http/cves/2023/CVE-2023-1408.yaml @@ -27,7 +27,7 @@ info: shodan-query: http.html:/wp-content/plugins/video-list-manager/ fofa-query: body=/wp-content/plugins/video-list-manager/ publicwww-query: /wp-content/plugins/video-list-manager/ - tags: cve,cve2023,wpscan,sqli,wordpress,wp-plugin,wp,authenticated,video_list_manager_project + tags: time-based,cve,cve2023,wpscan,sqli,wordpress,wp-plugin,wp,authenticated,video_list_manager_project http: - raw: diff --git a/http/cves/2023/CVE-2023-1730.yaml b/http/cves/2023/CVE-2023-1730.yaml index fcc7040049..bcf0192be4 100644 --- a/http/cves/2023/CVE-2023-1730.yaml +++ b/http/cves/2023/CVE-2023-1730.yaml @@ -28,7 +28,7 @@ info: vendor: supportcandy product: supportcandy framework: wordpress - tags: cve2023,cve,sqli,wpscan,wordpress,supportcandy,unauth + tags: time-based,cve2023,cve,sqli,wpscan,wordpress,supportcandy,unauth http: - raw: diff --git a/http/cves/2023/CVE-2023-2130.yaml b/http/cves/2023/CVE-2023-2130.yaml index 6056d6df45..8ee1ca8409 100644 --- a/http/cves/2023/CVE-2023-2130.yaml +++ b/http/cves/2023/CVE-2023-2130.yaml @@ -29,7 +29,7 @@ info: max-request: 1 vendor: purchase_order_management_system_project product: purchase_order_management_system - tags: cve2023,cve,sqli,purchase-order-management-system,purchase_order_management_system_project + tags: time-based,cve2023,cve,sqli,purchase-order-management-system,purchase_order_management_system_project http: - method: GET diff --git a/http/cves/2023/CVE-2023-23488.yaml b/http/cves/2023/CVE-2023-23488.yaml index 9c9afb6f06..821ca78714 100644 --- a/http/cves/2023/CVE-2023-23488.yaml +++ b/http/cves/2023/CVE-2023-23488.yaml @@ -34,7 +34,7 @@ info: fofa-query: body=/wp-content/plugins/paid-memberships-pro/ publicwww-query: /wp-content/plugins/paid-memberships-pro/ google-query: inurl:"/wp-content/plugins/paid-memberships-pro" - tags: cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios + tags: time-based,cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios http: - raw: diff --git a/http/cves/2023/CVE-2023-23489.yaml b/http/cves/2023/CVE-2023-23489.yaml index 3238ae18db..a983c62260 100644 --- a/http/cves/2023/CVE-2023-23489.yaml +++ b/http/cves/2023/CVE-2023-23489.yaml @@ -30,7 +30,7 @@ info: vendor: sandhillsdev product: easy_digital_downloads framework: wordpress - tags: cve,cve2023,easy-digital-downloads,unauth,wpscan,wordpress,wp,wp-plugin,sqli,tenable,sandhillsdev + tags: time-based,cve,cve2023,easy-digital-downloads,unauth,wpscan,wordpress,wp,wp-plugin,sqli,tenable,sandhillsdev http: - raw: diff --git a/http/cves/2023/CVE-2023-27032.yaml b/http/cves/2023/CVE-2023-27032.yaml index 56fdaaaecf..119c1d8d5e 100644 --- a/http/cves/2023/CVE-2023-27032.yaml +++ b/http/cves/2023/CVE-2023-27032.yaml @@ -24,7 +24,7 @@ info: product: "popup_module_\\(on_entering\\,_exit_popup\\,_add_product\\)_and_newsletter" framework: prestashop shodan-query: "http.component:\"prestashop\"" - tags: cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate + tags: time-based,cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate http: - raw: diff --git a/http/cves/2023/CVE-2023-27034.yaml b/http/cves/2023/CVE-2023-27034.yaml index 1c43b95c37..beec74393e 100644 --- a/http/cves/2023/CVE-2023-27034.yaml +++ b/http/cves/2023/CVE-2023-27034.yaml @@ -29,7 +29,7 @@ info: vendor: joommasters product: jms_blog framework: prestashop - tags: cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters + tags: time-based,cve2023,cve,prestashop,prestashop-module,sqli,intrusive,joommasters flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-27847.yaml b/http/cves/2023/CVE-2023-27847.yaml index 4b9cc991fe..6b1df7cc96 100644 --- a/http/cves/2023/CVE-2023-27847.yaml +++ b/http/cves/2023/CVE-2023-27847.yaml @@ -24,7 +24,7 @@ info: framework: prestashop shodan-query: html:"/xipblog" fofa-query: app="Prestashop" - tags: cve,cve2023,prestashop,sqli,xipblog + tags: time-based,cve,cve2023,prestashop,sqli,xipblog flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-28662.yaml b/http/cves/2023/CVE-2023-28662.yaml index 77b6da0e2a..77078b1491 100644 --- a/http/cves/2023/CVE-2023-28662.yaml +++ b/http/cves/2023/CVE-2023-28662.yaml @@ -30,7 +30,7 @@ info: framework: wordpress shodan-query: http.html:"/wp-content/plugins/gift-voucher/" fofa-query: "body=\"/wp-content/plugins/gift-voucher/\"" - tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen + tags: time-based,cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-30150.yaml b/http/cves/2023/CVE-2023-30150.yaml index 81aa17dc39..89dd0742b0 100644 --- a/http/cves/2023/CVE-2023-30150.yaml +++ b/http/cves/2023/CVE-2023-30150.yaml @@ -32,7 +32,7 @@ info: shodan-query: - http.component:"Prestashop" - http.component:"prestashop" - tags: cve2023,cve,prestashop,sqli,leotheme + tags: time-based,cve2023,cve,prestashop,sqli,leotheme http: - raw: diff --git a/http/cves/2023/CVE-2023-3077.yaml b/http/cves/2023/CVE-2023-3077.yaml index 8af1e6891f..2ace47fb43 100644 --- a/http/cves/2023/CVE-2023-3077.yaml +++ b/http/cves/2023/CVE-2023-3077.yaml @@ -29,7 +29,7 @@ info: publicwww-query: "/wp-content/plugins/mstore-api/" shodan-query: http.html:/wp-content/plugins/mstore-api/ fofa-query: body=/wp-content/plugins/mstore-api/ - tags: cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui + tags: time-based,cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-34751.yaml b/http/cves/2023/CVE-2023-34751.yaml index 6660a05ef1..1a8035c6bc 100644 --- a/http/cves/2023/CVE-2023-34751.yaml +++ b/http/cves/2023/CVE-2023-34751.yaml @@ -26,7 +26,7 @@ info: fofa-query: - "Powered by bloofoxCMS" - powered by bloofoxcms - tags: cve2023,cve,sqli,bloofox,authenticated + tags: time-based,cve2023,cve,sqli,bloofox,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-34752.yaml b/http/cves/2023/CVE-2023-34752.yaml index 3de67af58d..5b043d0923 100644 --- a/http/cves/2023/CVE-2023-34752.yaml +++ b/http/cves/2023/CVE-2023-34752.yaml @@ -28,7 +28,7 @@ info: fofa-query: - "Powered by bloofoxCMS" - powered by bloofoxcms - tags: cve,cve2023,sqli,bloofox,authenticated + tags: time-based,cve,cve2023,sqli,bloofox,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-34753.yaml b/http/cves/2023/CVE-2023-34753.yaml index 060fa03f11..7f5f52b00a 100644 --- a/http/cves/2023/CVE-2023-34753.yaml +++ b/http/cves/2023/CVE-2023-34753.yaml @@ -26,7 +26,7 @@ info: fofa-query: - "Powered by bloofoxCMS" - powered by bloofoxcms - tags: cve,cve2023,sqli,bloofox,authenticated + tags: time-based,cve,cve2023,sqli,bloofox,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-34754.yaml b/http/cves/2023/CVE-2023-34754.yaml index fec5916067..2c488596c8 100644 --- a/http/cves/2023/CVE-2023-34754.yaml +++ b/http/cves/2023/CVE-2023-34754.yaml @@ -26,7 +26,7 @@ info: verified: true vendor: bloofox product: bloofoxcms - tags: cve,cve2023,bloofox,sqli,authenticated + tags: time-based,cve,cve2023,bloofox,sqli,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-34755.yaml b/http/cves/2023/CVE-2023-34755.yaml index 8f7c709f6b..54d90265f6 100644 --- a/http/cves/2023/CVE-2023-34755.yaml +++ b/http/cves/2023/CVE-2023-34755.yaml @@ -26,7 +26,7 @@ info: fofa-query: - "Powered by bloofoxCMS" - powered by bloofoxcms - tags: cve,cve2023,sqli,bloofox,authenticated + tags: time-based,cve,cve2023,sqli,bloofox,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-34756.yaml b/http/cves/2023/CVE-2023-34756.yaml index 0f0b45fc1e..0a69d87c04 100644 --- a/http/cves/2023/CVE-2023-34756.yaml +++ b/http/cves/2023/CVE-2023-34756.yaml @@ -26,7 +26,7 @@ info: fofa-query: - "Powered by bloofoxCMS" - powered by bloofoxcms - tags: cve,cve2023,sqli,bloofox,authenticated + tags: time-based,cve,cve2023,sqli,bloofox,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-36284.yaml b/http/cves/2023/CVE-2023-36284.yaml index 4cbd3f2e93..9e55c66836 100644 --- a/http/cves/2023/CVE-2023-36284.yaml +++ b/http/cves/2023/CVE-2023-36284.yaml @@ -29,7 +29,7 @@ info: fofa-query: - "title=\"QloApps\"" - title="qloapps" - tags: cve,cve2023,qloapps,sqli,webkul + tags: time-based,cve,cve2023,qloapps,sqli,webkul flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-39361.yaml b/http/cves/2023/CVE-2023-39361.yaml index 3ce5c7f525..6d2b4ecce7 100644 --- a/http/cves/2023/CVE-2023-39361.yaml +++ b/http/cves/2023/CVE-2023-39361.yaml @@ -39,7 +39,7 @@ info: google-query: - intitle:"cacti" - intitle:"login to cacti" - tags: cve2023,cve,cacti,sqli + tags: time-based,cve2023,cve,cacti,sqli http: - raw: diff --git a/http/cves/2023/CVE-2023-39650.yaml b/http/cves/2023/CVE-2023-39650.yaml index db4be9a9a9..610de931af 100644 --- a/http/cves/2023/CVE-2023-39650.yaml +++ b/http/cves/2023/CVE-2023-39650.yaml @@ -23,7 +23,7 @@ info: verified: true framework: prestashop shodan-query: html:"/tvcmsblog" - tags: cve,cve2023,prestashop,sqli,tvcmsblog + tags: time-based,cve,cve2023,prestashop,sqli,tvcmsblog http: - raw: diff --git a/http/cves/2023/CVE-2023-39796.yaml b/http/cves/2023/CVE-2023-39796.yaml index fc0d426099..9cc3f5b905 100644 --- a/http/cves/2023/CVE-2023-39796.yaml +++ b/http/cves/2023/CVE-2023-39796.yaml @@ -24,7 +24,7 @@ info: max-request: 1 vendor: wbce product: wbce_cms - tags: cve,cve2023,sqli,wbce,intrusive + tags: time-based,cve,cve2023,sqli,wbce,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-43374.yaml b/http/cves/2023/CVE-2023-43374.yaml index 457caf0f3c..b9df11b85e 100644 --- a/http/cves/2023/CVE-2023-43374.yaml +++ b/http/cves/2023/CVE-2023-43374.yaml @@ -34,7 +34,7 @@ info: - title="hoteldruid" - icon_hash=-1521640213 google-query: intitle:"hoteldruid" - tags: cve,cve2023,hoteldruid,cms,sqli,digitaldruid + tags: time-based,cve,cve2023,hoteldruid,cms,sqli,digitaldruid flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-45375.yaml b/http/cves/2023/CVE-2023-45375.yaml index 4f4adf06c9..3367d97fc7 100644 --- a/http/cves/2023/CVE-2023-45375.yaml +++ b/http/cves/2023/CVE-2023-45375.yaml @@ -23,7 +23,7 @@ info: product: pireospay framework: prestashop shodan-query: "http.component:\"prestashop\"" - tags: cve,cve2023,sqli,prestashop,pireospay,01generator + tags: time-based,cve,cve2023,sqli,prestashop,pireospay,01generator flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-46347.yaml b/http/cves/2023/CVE-2023-46347.yaml index 11c56aa8e3..b4b51bdd3d 100644 --- a/http/cves/2023/CVE-2023-46347.yaml +++ b/http/cves/2023/CVE-2023-46347.yaml @@ -24,7 +24,7 @@ info: product: ndk_steppingpack framework: prestashop shodan-query: http.component:"prestashop" - tags: cve,cve2023,sqli,prestashop,ndk_steppingpack,ndkdesign + tags: time-based,cve,cve2023,sqli,prestashop,ndk_steppingpack,ndkdesign http: - raw: diff --git a/http/cves/2023/CVE-2023-48084.yaml b/http/cves/2023/CVE-2023-48084.yaml index b4790aa481..2e8fe811a6 100644 --- a/http/cves/2023/CVE-2023-48084.yaml +++ b/http/cves/2023/CVE-2023-48084.yaml @@ -34,7 +34,7 @@ info: - title="nagios xi" - app="nagios-xi" google-query: intitle:"nagios xi" - tags: cve,cve2023,nagiosxi,sqli,authenticated,nagios + tags: time-based,cve,cve2023,nagiosxi,sqli,authenticated,nagios http: - raw: diff --git a/http/cves/2023/CVE-2023-4974.yaml b/http/cves/2023/CVE-2023-4974.yaml index 696a10e377..69867467fb 100644 --- a/http/cves/2023/CVE-2023-4974.yaml +++ b/http/cves/2023/CVE-2023-4974.yaml @@ -29,7 +29,7 @@ info: - html:"Academy LMS" - http.html:"academy lms" fofa-query: body="academy lms" - tags: cve,cve2023,packetstorm,sqli,academy,lms,creativeitem + tags: time-based,cve,cve2023,packetstorm,sqli,academy,lms,creativeitem http: - raw: diff --git a/http/cves/2023/CVE-2023-6063.yaml b/http/cves/2023/CVE-2023-6063.yaml index 6f57adadde..95777bc871 100644 --- a/http/cves/2023/CVE-2023-6063.yaml +++ b/http/cves/2023/CVE-2023-6063.yaml @@ -29,7 +29,7 @@ info: shodan-query: "http.html:/wp-content/plugins/wp-fastest-cache/" fofa-query: "body=/wp-content/plugins/wp-fastest-cache/" publicwww-query: "/wp-content/plugins/wp-fastest-cache/" - tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin,sqli,wpfastestcache + tags: time-based,cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin,sqli,wpfastestcache flow: | if (http(1)) { for (let i = 0; i < 2; i++) { diff --git a/http/cves/2023/CVE-2023-6567.yaml b/http/cves/2023/CVE-2023-6567.yaml index 7f3321d876..cad1da1aa3 100644 --- a/http/cves/2023/CVE-2023-6567.yaml +++ b/http/cves/2023/CVE-2023-6567.yaml @@ -30,7 +30,7 @@ info: shodan-query: http.html:/wp-content/plugins/learnpress fofa-query: body=/wp-content/plugins/learnpress publicwww-query: "/wp-content/plugins/learnpress" - tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli,thimpress + tags: time-based,wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli,thimpress http: - raw: diff --git a/http/cves/2024/CVE-2024-1061.yaml b/http/cves/2024/CVE-2024-1061.yaml index cc63af51a8..9cf3c01a58 100644 --- a/http/cves/2024/CVE-2024-1061.yaml +++ b/http/cves/2024/CVE-2024-1061.yaml @@ -31,7 +31,7 @@ info: product: html5_video_player framework: wordpress fofa-query: "\"wordpress\" && body=\"html5-video-player\"" - tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player,bplugins + tags: time-based,cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player,bplugins http: - raw: diff --git a/http/cves/2024/CVE-2024-1071.yaml b/http/cves/2024/CVE-2024-1071.yaml index 52178ca728..d28c323a36 100644 --- a/http/cves/2024/CVE-2024-1071.yaml +++ b/http/cves/2024/CVE-2024-1071.yaml @@ -30,7 +30,7 @@ info: zoomeye-query: app:"WordPress Ultimate Member Plugin" product: ultimate_member vendor: ultimatemember - tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin,sqli + tags: time-based,cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin,sqli http: - raw: diff --git a/http/cves/2024/CVE-2024-1512.yaml b/http/cves/2024/CVE-2024-1512.yaml index db78801456..c0e1bc3e9c 100644 --- a/http/cves/2024/CVE-2024-1512.yaml +++ b/http/cves/2024/CVE-2024-1512.yaml @@ -25,7 +25,7 @@ info: product: masterstudy_lms framework: wordpress fofa-query: body="wp-content/plugins/masterstudy-lms-learning-management-system/" - tags: cve,cve2024,sqli,wp-plugin,wordpress + tags: time-based,cve,cve2024,sqli,wp-plugin,wordpress http: - raw: diff --git a/http/cves/2024/CVE-2024-1698.yaml b/http/cves/2024/CVE-2024-1698.yaml index 2db6a5063f..2086b636e4 100644 --- a/http/cves/2024/CVE-2024-1698.yaml +++ b/http/cves/2024/CVE-2024-1698.yaml @@ -25,7 +25,7 @@ info: fofa-query: body="/wp-content/plugins/notificationx" product: notificationx vendor: wpdeveloper - tags: cve,cve2024,wpscan,wordpress,wp-plugin,notificationx,sqli + tags: time-based,cve,cve2024,wpscan,wordpress,wp-plugin,notificationx,sqli http: - raw: diff --git a/http/cves/2024/CVE-2024-2621.yaml b/http/cves/2024/CVE-2024-2621.yaml index 72b9d76447..821bd10030 100644 --- a/http/cves/2024/CVE-2024-2621.yaml +++ b/http/cves/2024/CVE-2024-2621.yaml @@ -24,7 +24,7 @@ info: verified: true max-request: 1 fofa-query: body="app/structure/departments.php" || app="指挥调度管理平台" - tags: cve,cve2024,sqli,fujian,rce + tags: time-based,cve,cve2024,sqli,fujian,rce http: - raw: diff --git a/http/cves/2024/CVE-2024-27956.yaml b/http/cves/2024/CVE-2024-27956.yaml index bf14bf8963..090e13fced 100644 --- a/http/cves/2024/CVE-2024-27956.yaml +++ b/http/cves/2024/CVE-2024-27956.yaml @@ -25,7 +25,7 @@ info: verified: true max-request: 1 publicwww-query: "wp-content/plugins/wp-automatic" - tags: cve,cve2024,sqli,wordpress,wpscan,wp-automatic + tags: time-based,cve,cve2024,sqli,wordpress,wpscan,wp-automatic http: - raw: diff --git a/http/cves/2024/CVE-2024-2876.yaml b/http/cves/2024/CVE-2024-2876.yaml index 2f877347a2..ad04da61ec 100644 --- a/http/cves/2024/CVE-2024-2876.yaml +++ b/http/cves/2024/CVE-2024-2876.yaml @@ -13,7 +13,7 @@ info: verified: true max-request: 1 publicwww-query: "/wp-content/plugins/email-subscribers/" - tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,email-subscribers,wpscan + tags: time-based,cve,cve2024,wp,wordpress,wp-plugin,sqli,email-subscribers,wpscan http: - raw: diff --git a/http/cves/2024/CVE-2024-2879.yaml b/http/cves/2024/CVE-2024-2879.yaml index 05ffbf675b..703662cf31 100644 --- a/http/cves/2024/CVE-2024-2879.yaml +++ b/http/cves/2024/CVE-2024-2879.yaml @@ -28,7 +28,7 @@ info: product: layerslider framework: wordpress publicwww-query: "/wp-content/plugins/LayerSlider/" - tags: cve,cve2024,wp-plugin,wp,wordpress,layerslider,sqli + tags: time-based,cve,cve2024,wp-plugin,wp,wordpress,layerslider,sqli flow: http(1) && http(2) http: diff --git a/http/cves/2024/CVE-2024-3552.yaml b/http/cves/2024/CVE-2024-3552.yaml index 1e03a14f8f..fd3ae7d78e 100644 --- a/http/cves/2024/CVE-2024-3552.yaml +++ b/http/cves/2024/CVE-2024-3552.yaml @@ -18,7 +18,7 @@ info: vendor: salephpscripts product: web_directory_free publicwww-query: "/wp-content/plugins/web-directory-free" - tags: cve,cve2024,wordpress,wp-plugin,wpscan,wp,web-directory-free + tags: time-based,cve,cve2024,wordpress,wp-plugin,wpscan,wp,web-directory-free flow: http(1) && http(2) http: diff --git a/http/cves/2024/CVE-2024-36412.yaml b/http/cves/2024/CVE-2024-36412.yaml index aa9c3b111b..06f6a29c25 100644 --- a/http/cves/2024/CVE-2024-36412.yaml +++ b/http/cves/2024/CVE-2024-36412.yaml @@ -24,7 +24,7 @@ info: product: suitecrm shodan-query: title:"SuiteCRM" fofa-query: title="SuiteCRM" - tags: cve,cve2024,suitecrm,sqli + tags: time-based,cve,cve2024,suitecrm,sqli http: - raw: diff --git a/http/cves/2024/CVE-2024-36683.yaml b/http/cves/2024/CVE-2024-36683.yaml index 52c11e7457..95428a3246 100644 --- a/http/cves/2024/CVE-2024-36683.yaml +++ b/http/cves/2024/CVE-2024-36683.yaml @@ -24,7 +24,7 @@ info: framework: prestashop shodan-query: html:"/productsalert" fofa-query: body="/productsalert" - tags: cve,cve2023,prestashop,sqli,productsalert + tags: time-based,cve,cve2023,prestashop,sqli,productsalert flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-3922.yaml b/http/cves/2024/CVE-2024-3922.yaml index 8ecf01486e..07147e2f37 100644 --- a/http/cves/2024/CVE-2024-3922.yaml +++ b/http/cves/2024/CVE-2024-3922.yaml @@ -21,7 +21,7 @@ info: vendor: wedevs product: dokan publicwww-query: "/wp-content/plugins/dokan-pro/" - tags: cve,cve2024,dokan,wp-plugin,wordpress,wp,dokan-pro,sqli + tags: time-based,cve,cve2024,dokan,wp-plugin,wordpress,wp,dokan-pro,sqli flow: http(1) && http(2) http: diff --git a/http/cves/2024/CVE-2024-4257.yaml b/http/cves/2024/CVE-2024-4257.yaml index 8864160a83..0c090fb037 100644 --- a/http/cves/2024/CVE-2024-4257.yaml +++ b/http/cves/2024/CVE-2024-4257.yaml @@ -21,7 +21,7 @@ info: verified: true max-request: 1 fofa-query: app="LANWON-临床浏览系统" - tags: cve,cve2024,sqli,blunet + tags: time-based,cve,cve2024,sqli,blunet flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-4295.yaml b/http/cves/2024/CVE-2024-4295.yaml index 666440d967..5db439ab70 100644 --- a/http/cves/2024/CVE-2024-4295.yaml +++ b/http/cves/2024/CVE-2024-4295.yaml @@ -29,7 +29,7 @@ info: max-request: 1 publicwww-query: "/wp-content/plugins/email-subscribers/" fofa-query: body="/wp-content/plugins/email-subscribers/" - tags: cve,cve2024,wordpress,wp-plugin,wp,email-subscribers,sqli + tags: time-based,cve,cve2024,wordpress,wp-plugin,wp,email-subscribers,sqli variables: contact_id: "{{contact_id}}" diff --git a/http/cves/2024/CVE-2024-43917.yaml b/http/cves/2024/CVE-2024-43917.yaml index 1d854f398b..3a93f0fde4 100644 --- a/http/cves/2024/CVE-2024-43917.yaml +++ b/http/cves/2024/CVE-2024-43917.yaml @@ -26,7 +26,7 @@ info: framework: wordpress fofa-query: body="/wp-content/plugins/ti-woocommerce-wishlist/" publicwww-query: "/wp-content/plugins/ti-woocommerce-wishlist/" - tags: cve,cve2024,wp,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli + tags: time-based,cve,cve2024,wp,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli flow: http(1) && http(2) && http(3) && http(4) diff --git a/http/cves/2024/CVE-2024-4443.yaml b/http/cves/2024/CVE-2024-4443.yaml index 5d3a0d684d..13b63b1f36 100644 --- a/http/cves/2024/CVE-2024-4443.yaml +++ b/http/cves/2024/CVE-2024-4443.yaml @@ -28,7 +28,7 @@ info: publicwww-query: "/wp-content/plugins/business-directory-plugin/" product: business_directory vendor: businessdirectoryplugin - tags: cve,cve2024,sqli,business-directory,wordpress,wp-plugin + tags: time-based,cve,cve2024,sqli,business-directory,wordpress,wp-plugin http: - raw: diff --git a/http/cves/2024/CVE-2024-5765.yaml b/http/cves/2024/CVE-2024-5765.yaml index a2de09f2a0..3f439e1897 100644 --- a/http/cves/2024/CVE-2024-5765.yaml +++ b/http/cves/2024/CVE-2024-5765.yaml @@ -17,7 +17,7 @@ info: max-request: 2 verified: true fofa-query: body="/plugins/wpstickybar-sticky-bar-sticky-header" - tags: cve,cve2024,sqli,wpscan,wordpress,wp-plugin,wp,wpstickybar,unauth + tags: time-based,cve,cve2024,sqli,wpscan,wordpress,wp-plugin,wp,wpstickybar,unauth flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-5975.yaml b/http/cves/2024/CVE-2024-5975.yaml index 4d7aacf0be..311e8778cc 100644 --- a/http/cves/2024/CVE-2024-5975.yaml +++ b/http/cves/2024/CVE-2024-5975.yaml @@ -21,7 +21,7 @@ info: product: cz-loan-management framework: wordpress publicwww-query: "/wp-content/plugins/cz-loan-management" - tags: cve,cve2024,wpscan,wp-plugin,wordpress,wp,cz-loan-management + tags: time-based,cve,cve2024,wpscan,wp-plugin,wordpress,wp,cz-loan-management flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6028.yaml b/http/cves/2024/CVE-2024-6028.yaml index bc7fa6efc6..2af99dc66f 100644 --- a/http/cves/2024/CVE-2024-6028.yaml +++ b/http/cves/2024/CVE-2024-6028.yaml @@ -22,7 +22,7 @@ info: publicwww-query: "/wp-content/plugins/quiz-maker/" product: quiz_maker vendor: ays-pro - tags: cve,cve2024,wordpress,wp,wp-plugin,quiz-maker,sqli + tags: time-based,cve,cve2024,wordpress,wp,wp-plugin,quiz-maker,sqli http: - raw: diff --git a/http/cves/2024/CVE-2024-6159.yaml b/http/cves/2024/CVE-2024-6159.yaml index ba56bf995d..5b8425ef2b 100644 --- a/http/cves/2024/CVE-2024-6159.yaml +++ b/http/cves/2024/CVE-2024-6159.yaml @@ -18,7 +18,7 @@ info: max-request: 2 framework: wordpress publicwww-query: "/wp-content/plugins/push-notification-for-post-and-buddypress" - tags: cve,cve2024,wpscan,wp-plugin,wordpress,push-notification + tags: time-based,cve,cve2024,wpscan,wp-plugin,wordpress,push-notification flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6205.yaml b/http/cves/2024/CVE-2024-6205.yaml index 5f06659d06..4052d6731a 100644 --- a/http/cves/2024/CVE-2024-6205.yaml +++ b/http/cves/2024/CVE-2024-6205.yaml @@ -24,7 +24,7 @@ info: product: payplus-payment-gateway framework: wordpress publicwww-query: "/wp-content/plugins/payplus-payment-gateway" - tags: wpscan,cve,cve2024,sqli,wordpress,wp-plugin,wp,payplus-payment + tags: time-based,wpscan,cve,cve2024,sqli,wordpress,wp-plugin,wp,payplus-payment http: - raw: diff --git a/http/cves/2024/CVE-2024-6924.yaml b/http/cves/2024/CVE-2024-6924.yaml index 1eccf7793e..aa0b72e06b 100644 --- a/http/cves/2024/CVE-2024-6924.yaml +++ b/http/cves/2024/CVE-2024-6924.yaml @@ -14,7 +14,7 @@ info: product: truebooker framework: wordpress publicwww-query: "/wp-content/plugins/truebooker-appointment-booking" - tags: wpscan,cve,cve2024,sqli,wp,wp-plugin,wordpress,truebooker + tags: time-based,wpscan,cve,cve2024,sqli,wp,wp-plugin,wordpress,truebooker flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6926.yaml b/http/cves/2024/CVE-2024-6926.yaml index 444b56d600..dfda870be4 100644 --- a/http/cves/2024/CVE-2024-6926.yaml +++ b/http/cves/2024/CVE-2024-6926.yaml @@ -21,7 +21,7 @@ info: product: viral-signup framework: wordpress publicwww-query: "/wp-content/plugins/viral-signup" - tags: cve,cve2024,wpscan,wp-plugin,wordpress,viral-signup + tags: time-based,cve,cve2024,wpscan,wp-plugin,wordpress,viral-signup flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6928.yaml b/http/cves/2024/CVE-2024-6928.yaml index 5fd7b6d4de..c05729ebcd 100644 --- a/http/cves/2024/CVE-2024-6928.yaml +++ b/http/cves/2024/CVE-2024-6928.yaml @@ -20,7 +20,7 @@ info: product: opti-marketing framework: wordpress publicwww-query: "/wp-content/plugins/opti-marketing" - tags: cve,cve2024,wpscan,wp-plugin,wp,wordpress,opti-marketing,sqli + tags: time-based,cve,cve2024,wpscan,wp-plugin,wp,wordpress,opti-marketing,sqli flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-7188.yaml b/http/cves/2024/CVE-2024-7188.yaml index 5a2ff4756f..e0b0e1a8a1 100644 --- a/http/cves/2024/CVE-2024-7188.yaml +++ b/http/cves/2024/CVE-2024-7188.yaml @@ -25,7 +25,7 @@ info: product: quicklancer shodan-query: http.favicon.hash:1099370896 fofa-query: icon_hash="1099370896" - tags: cve,cve2024,sqli,quicklancer + tags: time-based,cve,cve2024,sqli,quicklancer http: - raw: diff --git a/http/cves/2024/CVE-2024-7854.yaml b/http/cves/2024/CVE-2024-7854.yaml index 975acf0c61..726b654049 100644 --- a/http/cves/2024/CVE-2024-7854.yaml +++ b/http/cves/2024/CVE-2024-7854.yaml @@ -25,7 +25,7 @@ info: product: woo_inquiry framework: wordpress publicwww-query: "/wp-content/plugins/woo-inquiry" - tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,woo-inquiry + tags: time-based,cve,cve2024,wp,wordpress,wp-plugin,sqli,woo-inquiry flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-8484.yaml b/http/cves/2024/CVE-2024-8484.yaml index f4fd5de3b0..e171eb8cab 100644 --- a/http/cves/2024/CVE-2024-8484.yaml +++ b/http/cves/2024/CVE-2024-8484.yaml @@ -26,7 +26,7 @@ info: product: rest-api-to-miniprogram framework: wordpress publicwww-query: "/wp-content/plugins/rest-api-to-miniprogram" - tags: cve,cve2024,wp,wp-plugin,wordpress,sqli,miniprogram + tags: time-based,cve,cve2024,wp,wp-plugin,wordpress,sqli,miniprogram flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-8503.yaml b/http/cves/2024/CVE-2024-8503.yaml index e82b494223..fdb6fd5d19 100644 --- a/http/cves/2024/CVE-2024-8503.yaml +++ b/http/cves/2024/CVE-2024-8503.yaml @@ -23,7 +23,7 @@ info: vendor: vicidial product: vicidial fofa-query: icon_hash="1375401192" - tags: cve,cve2024,vicidial,sqli + tags: time-based,cve,cve2024,vicidial,sqli flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-8522.yaml b/http/cves/2024/CVE-2024-8522.yaml index e1c1c60537..33fd461494 100644 --- a/http/cves/2024/CVE-2024-8522.yaml +++ b/http/cves/2024/CVE-2024-8522.yaml @@ -25,7 +25,7 @@ info: product: learnpress shodan-query: html:"/wp-content/plugins/learnpress" fofa-query: body="/wp-content/plugins/learnpress" - tags: cve,cve2024,learnpress,sqli,wp,wordpress,wp-plugin,authenticated + tags: time-based,cve,cve2024,learnpress,sqli,wp,wordpress,wp-plugin,authenticated flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-9465.yaml b/http/cves/2024/CVE-2024-9465.yaml index 8cdde03ee9..b79fa60746 100644 --- a/http/cves/2024/CVE-2024-9465.yaml +++ b/http/cves/2024/CVE-2024-9465.yaml @@ -24,7 +24,7 @@ info: vendor: paloaltonetworks product: expedition shodan-query: http.favicon.hash:1499876150 - tags: cve,cve2024,palo-alto,sqli + tags: time-based,cve,cve2024,palo-alto,sqli flow: http(1) && http(2) diff --git a/http/vulnerabilities/hjsoft/hjsoft-hcm-tb-sqli.yaml b/http/vulnerabilities/hjsoft/hjsoft-hcm-tb-sqli.yaml index 43e84fcbeb..58477c1d9c 100644 --- a/http/vulnerabilities/hjsoft/hjsoft-hcm-tb-sqli.yaml +++ b/http/vulnerabilities/hjsoft/hjsoft-hcm-tb-sqli.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 fofa-query: app="HJSOFT-HCM" - tags: sqli,hjsoft,management-system + tags: time-based,sqli,hjsoft,management-system http: - raw: diff --git a/http/vulnerabilities/other/applezeed-sqli.yaml b/http/vulnerabilities/other/applezeed-sqli.yaml index ff00246289..10fd9cebea 100644 --- a/http/vulnerabilities/other/applezeed-sqli.yaml +++ b/http/vulnerabilities/other/applezeed-sqli.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 google-query: intext:"Power BY applezeed.com" - tags: sqli,unauth,applezeed + tags: time-based,sqli,unauth,applezeed http: - raw: @@ -30,4 +30,4 @@ http: - 'status_code == 200' condition: and -# digest: 4b0a00483046022100dfd17937eeadee3d65e927bb9326dfd03627b9c1df57de47c1ce8a87805ea246022100dcb6fd585f503ee0b57ec45c6289753f1754e08023d53e06c94571ec75c047f1:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100dfd17937eeadee3d65e927bb9326dfd03627b9c1df57de47c1ce8a87805ea246022100dcb6fd585f503ee0b57ec45c6289753f1754e08023d53e06c94571ec75c047f1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/other/azon-dominator-sqli.yaml b/http/vulnerabilities/other/azon-dominator-sqli.yaml index 3af93968ba..4fc7ff9c8f 100644 --- a/http/vulnerabilities/other/azon-dominator-sqli.yaml +++ b/http/vulnerabilities/other/azon-dominator-sqli.yaml @@ -13,7 +13,7 @@ info: verified: true max-request: 1 fofa-query: "Azon Dominator" - tags: azon,dominator,sqli + tags: time-based,azon,dominator,sqli http: - raw: diff --git a/http/vulnerabilities/other/csz-cms-sqli.yaml b/http/vulnerabilities/other/csz-cms-sqli.yaml index eb09bc77f6..94f40c647b 100644 --- a/http/vulnerabilities/other/csz-cms-sqli.yaml +++ b/http/vulnerabilities/other/csz-cms-sqli.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true max-request: 1 - tags: packetstorm,sqli,csz,cms + tags: time-based,packetstorm,sqli,csz,cms http: - raw: @@ -28,4 +28,4 @@ http: - 'contains(body, "CSZ CMS")' condition: and -# digest: 4a0a00473045022006993fcb25c049e956bf7b0ad9c725cc8d9558aabe9394aa669e94bee59d9489022100a1bd51fe83f16743a47530a19015ccad81dea74b907195083cf5563a808ebef6:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022006993fcb25c049e956bf7b0ad9c725cc8d9558aabe9394aa669e94bee59d9489022100a1bd51fe83f16743a47530a19015ccad81dea74b907195083cf5563a808ebef6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/other/ecology-oa-file-sqli.yaml b/http/vulnerabilities/other/ecology-oa-file-sqli.yaml index 40cd614df2..8b53637888 100644 --- a/http/vulnerabilities/other/ecology-oa-file-sqli.yaml +++ b/http/vulnerabilities/other/ecology-oa-file-sqli.yaml @@ -17,7 +17,7 @@ info: product: e-cology shodan-query: ecology_JSessionid fofa-query: app="泛微-协同办公OA" - tags: ecology,ecology-oa,sqli + tags: time-based,ecology,ecology-oa,sqli http: - raw: diff --git a/http/vulnerabilities/other/fumengyun-sqli.yaml b/http/vulnerabilities/other/fumengyun-sqli.yaml index 197a50df8c..b24eccbfd3 100644 --- a/http/vulnerabilities/other/fumengyun-sqli.yaml +++ b/http/vulnerabilities/other/fumengyun-sqli.yaml @@ -22,7 +22,7 @@ info: max-request: 1 shodan-query: title:"孚盟云 " fofa-query: title="孚盟云 " - tags: fumasoft,sqli + tags: time-based,fumasoft,sqli flow: http(1) && http(2) diff --git a/http/vulnerabilities/other/groomify-sqli.yaml b/http/vulnerabilities/other/groomify-sqli.yaml index d44c74039a..3362474f32 100644 --- a/http/vulnerabilities/other/groomify-sqli.yaml +++ b/http/vulnerabilities/other/groomify-sqli.yaml @@ -12,7 +12,7 @@ info: metadata: verified: "true" max-request: 1 - tags: sqli,groomify,unauth + tags: time-based,sqli,groomify,unauth http: - raw: @@ -31,4 +31,4 @@ http: - contains(body, 'value=\"deneme') condition: and -# digest: 4b0a00483046022100fda9980ba40b20fb868d13705d7db4a186fc38bee4f6b9830a2be5fc925a49c2022100e4e368ed18b2edf18a26b2f062058ef20c8627510f6e800b2904103ce46e744b:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100fda9980ba40b20fb868d13705d7db4a186fc38bee4f6b9830a2be5fc925a49c2022100e4e368ed18b2edf18a26b2f062058ef20c8627510f6e800b2904103ce46e744b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/other/opencart-core-sqli.yaml b/http/vulnerabilities/other/opencart-core-sqli.yaml index 7ffbd28277..d86ec91230 100644 --- a/http/vulnerabilities/other/opencart-core-sqli.yaml +++ b/http/vulnerabilities/other/opencart-core-sqli.yaml @@ -17,7 +17,7 @@ info: fofa-query: icon_hash="-1443008128" product: opencart vendor: opencart - tags: opencart,sqli + tags: time-based,opencart,sqli flow: http(1) && http(2) http: diff --git a/http/vulnerabilities/other/pingsheng-electronic-sqli.yaml b/http/vulnerabilities/other/pingsheng-electronic-sqli.yaml index 1bd189e097..72ff9c11dd 100644 --- a/http/vulnerabilities/other/pingsheng-electronic-sqli.yaml +++ b/http/vulnerabilities/other/pingsheng-electronic-sqli.yaml @@ -13,7 +13,7 @@ info: verified: "true" max-request: 1 fofa-query: "js/PSExtend.js" - tags: sqli,pingsheng + tags: time-based,sqli,pingsheng http: - raw: diff --git a/http/vulnerabilities/other/pmb-sqli.yaml b/http/vulnerabilities/other/pmb-sqli.yaml index 20e7e32c57..3100008247 100644 --- a/http/vulnerabilities/other/pmb-sqli.yaml +++ b/http/vulnerabilities/other/pmb-sqli.yaml @@ -13,7 +13,7 @@ info: verified: true max-request: 1 google-query: inurl:"opac_css" - tags: sqli,unauth,pmb + tags: time-based,sqli,unauth,pmb http: - raw: diff --git a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml index eb0de1cfc5..9bd17cd4c7 100644 --- a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml +++ b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml @@ -11,7 +11,7 @@ info: metadata: vendor: i-netsolution product: readymade-unilevel-ecommerce - tags: ecommerce,readymade,sqli + tags: time-based,ecommerce,readymade,sqli http: - raw: diff --git a/http/vulnerabilities/other/sitemap-sql-injection.yaml b/http/vulnerabilities/other/sitemap-sql-injection.yaml index e57911d416..cbf2f3dd36 100644 --- a/http/vulnerabilities/other/sitemap-sql-injection.yaml +++ b/http/vulnerabilities/other/sitemap-sql-injection.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 2 google-query: intext:"sitemap" filetype:txt, filetype:xml inurl:sitemap - tags: misconfig,sitemap,sqli + tags: time-based,misconfig,sitemap,sqli http: - raw: diff --git a/http/vulnerabilities/other/stackposts-sqli.yaml b/http/vulnerabilities/other/stackposts-sqli.yaml index 405d35ccf0..3f7fcf2def 100644 --- a/http/vulnerabilities/other/stackposts-sqli.yaml +++ b/http/vulnerabilities/other/stackposts-sqli.yaml @@ -14,7 +14,7 @@ info: verified: true max-request: 1 shodan-query: html:"stackposts" - tags: sqli,unauth,stackposts + tags: time-based,sqli,unauth,stackposts http: - raw: diff --git a/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml b/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml index e3c73ef8f1..15117013b6 100644 --- a/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml +++ b/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true shodan-query: http.component:"Prestashop" - tags: prestashop,sqli + tags: time-based,prestashop,sqli http: - raw: diff --git a/http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml b/http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml index 419d8d16a9..fb8bdcfe59 100644 --- a/http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml +++ b/http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml @@ -19,7 +19,7 @@ info: shodan-query: http.component:"vBulletin" product: vbulletin vendor: vbulletin - tags: packetstorm,vbulletin,ajaxreg,sqli + tags: time-based,packetstorm,vbulletin,ajaxreg,sqli http: - raw: diff --git a/http/vulnerabilities/wanhu/wanhu-documentedit-sqli.yaml b/http/vulnerabilities/wanhu/wanhu-documentedit-sqli.yaml index 4002fe7efe..b55d308b79 100755 --- a/http/vulnerabilities/wanhu/wanhu-documentedit-sqli.yaml +++ b/http/vulnerabilities/wanhu/wanhu-documentedit-sqli.yaml @@ -13,7 +13,7 @@ info: verified: true max-request: 1 fofa-query: app="万户网络-ezOFFICE" - tags: wanhu,sqli + tags: time-based,wanhu,sqli http: - raw: @@ -30,4 +30,4 @@ http: - 'contains_all(body, "iSignature", "DoYFSignature")' condition: and -# digest: 4a0a00473045022016f9af257412b4bfe0762314c3f3971596633859cfa90626787c8efea19e60a30221009eeccd9426f5c7a49e0d377e2335c4b191262964c243a24357babd9b63be858b:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022016f9af257412b4bfe0762314c3f3971596633859cfa90626787c8efea19e60a30221009eeccd9426f5c7a49e0d377e2335c4b191262964c243a24357babd9b63be858b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml b/http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml index b980b6b665..53910072bf 100644 --- a/http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml +++ b/http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml @@ -13,7 +13,7 @@ info: metadata: verified: true max-request: 1 - tags: sqli,wpscan,wordpress,wp-plugin,wp,advanced-booking-calendar,unauthenticated + tags: time-based,sqli,wpscan,wordpress,wp-plugin,wp,advanced-booking-calendar,unauthenticated http: - raw: @@ -34,4 +34,4 @@ http: - 'contains(body, "abc-result-header")' condition: and -# digest: 4a0a00473045022100911dda2c9ecb635c07a0eb8758dac8adfab1112796dc578775f0a197ac5425b7022064f018e0b0f597b3799bde3c6b552bba4265318edae79251a0507484458e0e92:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022100911dda2c9ecb635c07a0eb8758dac8adfab1112796dc578775f0a197ac5425b7022064f018e0b0f597b3799bde3c6b552bba4265318edae79251a0507484458e0e92:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/wordpress/leaguemanager-sql-injection.yaml b/http/vulnerabilities/wordpress/leaguemanager-sql-injection.yaml index 8a1f76aac0..7a7f7525cf 100644 --- a/http/vulnerabilities/wordpress/leaguemanager-sql-injection.yaml +++ b/http/vulnerabilities/wordpress/leaguemanager-sql-injection.yaml @@ -12,7 +12,7 @@ info: metadata: verified: true max-request: 1 - tags: wpscan,sqli,wp,wp-plugin,wordpress,leaguemanager,unauth + tags: time-based,wpscan,sqli,wp,wp-plugin,wordpress,leaguemanager,unauth http: - raw: @@ -30,4 +30,4 @@ http: - 'contains(body, "LeagueManagerAjaxL10n")' condition: and -# digest: 4b0a00483046022100e212ee414bbf491c941f5bac4f68e99f9e38f93a235f2992247bc719a91a7a66022100f74d6a19195458235dba7e2b26e2359e9ffb5bddcb4c627597df35ff2fce94b2:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100e212ee414bbf491c941f5bac4f68e99f9e38f93a235f2992247bc719a91a7a66022100f74d6a19195458235dba7e2b26e2359e9ffb5bddcb4c627597df35ff2fce94b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/wordpress/notificationx-sqli.yaml b/http/vulnerabilities/wordpress/notificationx-sqli.yaml index 7c83623a9d..e8604e4d27 100644 --- a/http/vulnerabilities/wordpress/notificationx-sqli.yaml +++ b/http/vulnerabilities/wordpress/notificationx-sqli.yaml @@ -13,7 +13,7 @@ info: metadata: verified: true max-request: 2 - tags: wpscan,sqli,wp,wp-plugin,wordpress,notificationx-sql-injection + tags: time-based,wpscan,sqli,wp,wp-plugin,wordpress,notificationx-sql-injection http: - raw: @@ -42,4 +42,4 @@ http: - '"home":"(.*?)",' internal: true -# digest: 4b0a00483046022100f473a033b58bb46b8a4779f5d0d2ec2c6543e79bb03a99f69ee0dcf385b1266b022100cf23b383f29c180f3df37238343ed61437997b07640ffa5f62ab36c2da806b94:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100f473a033b58bb46b8a4779f5d0d2ec2c6543e79bb03a99f69ee0dcf385b1266b022100cf23b383f29c180f3df37238343ed61437997b07640ffa5f62ab36c2da806b94:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/wordpress/wp-adivaha-sqli.yaml b/http/vulnerabilities/wordpress/wp-adivaha-sqli.yaml index 18ed4296d2..713d2a8c56 100644 --- a/http/vulnerabilities/wordpress/wp-adivaha-sqli.yaml +++ b/http/vulnerabilities/wordpress/wp-adivaha-sqli.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 publicwww-query: "/wp-content/plugins/adiaha-hotel/" - tags: sqli,adivaha,wordpress,wp,wp-plugin + tags: time-based,sqli,adivaha,wordpress,wp,wp-plugin http: - raw: @@ -29,4 +29,4 @@ http: - contains(body, "adivaha") condition: and -# digest: 4b0a00483046022100b3a6c915a2cba4aa0cf4d49ea69f73504c90445b3f53b601f6527a9de5b2870c022100ca39b2fa5b1f556f4ae4c7c7a16655371c7272b8321f0d04280f68a70293ecd0:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100b3a6c915a2cba4aa0cf4d49ea69f73504c90445b3f53b601f6527a9de5b2870c022100ca39b2fa5b1f556f4ae4c7c7a16655371c7272b8321f0d04280f68a70293ecd0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml b/http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml index d62895a93e..685f6699ee 100644 --- a/http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml +++ b/http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml @@ -12,7 +12,7 @@ info: metadata: verified: true max-request: 1 - tags: wp-plugin,wp,wp-autosuggest,wpscan,sqli,wordpress + tags: time-based,wp-plugin,wp,wp-autosuggest,wpscan,sqli,wordpress http: - raw: diff --git a/http/vulnerabilities/wordpress/wp-smart-manager-sqli.yaml b/http/vulnerabilities/wordpress/wp-smart-manager-sqli.yaml index c4af86875a..4d47ef1ff9 100644 --- a/http/vulnerabilities/wordpress/wp-smart-manager-sqli.yaml +++ b/http/vulnerabilities/wordpress/wp-smart-manager-sqli.yaml @@ -15,7 +15,7 @@ info: verified: true max-request: 2 publicwww-query: "/wp-content/plugins/smart-manager-for-wp-e-commerce/" - tags: wpscan,wp,wp-plugin,wordpress,smart-manager-for-wp-e-commerce,sqli + tags: time-based,wpscan,wp,wp-plugin,wordpress,smart-manager-for-wp-e-commerce,sqli http: - raw: @@ -39,4 +39,4 @@ http: - 'contains(body_2, "rel=\"preconnect") || contains(body, "Error")' condition: and -# digest: 4b0a00483046022100d48833d917b76837f53e578260bb9d0de3214e380835f7dcabd526d0f4256a000221008a9469351298a08125b9eac1101e26f43e0a4b50583f0fbf6df5adc46cf16cc9:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100d48833d917b76837f53e578260bb9d0de3214e380835f7dcabd526d0f4256a000221008a9469351298a08125b9eac1101e26f43e0a4b50583f0fbf6df5adc46cf16cc9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/wordpress/wp-statistics-sqli.yaml b/http/vulnerabilities/wordpress/wp-statistics-sqli.yaml index 24d86729ca..c8781f7af9 100644 --- a/http/vulnerabilities/wordpress/wp-statistics-sqli.yaml +++ b/http/vulnerabilities/wordpress/wp-statistics-sqli.yaml @@ -19,7 +19,7 @@ info: vendor: veronalabs product: wp_statistics publicwww-query: /wp-content/plugins/wp-statistics/ - tags: sqli,unauth,exploitdb,wp-statistics,wp-plugin,wordpress,wp + tags: time-based,sqli,unauth,exploitdb,wp-statistics,wp-plugin,wordpress,wp flow: http(1) && http(2) http: diff --git a/http/vulnerabilities/wordpress/zero-spam-sql-injection.yaml b/http/vulnerabilities/wordpress/zero-spam-sql-injection.yaml index f57ffede0a..a96f3f7908 100644 --- a/http/vulnerabilities/wordpress/zero-spam-sql-injection.yaml +++ b/http/vulnerabilities/wordpress/zero-spam-sql-injection.yaml @@ -13,7 +13,7 @@ info: metadata: verified: true max-request: 1 - tags: wpscan,wp,wp-plugin,wordpress,zero-spam,sqli,unauth + tags: time-based,wpscan,wp,wp-plugin,wordpress,zero-spam,sqli,unauth http: - raw: @@ -32,4 +32,4 @@ http: - 'contains(body, "zerospam-js")' condition: and -# digest: 4b0a00483046022100e3bfba15a72ac2cdc4fea28e066640859930a59abd2c016a2c3ad36fccca4072022100b20649152abf3ec807a126cc48618751466e929e4794c2b1b501a6b2755d341d:922c64590222798bb761d5b6d8e72950 +# digest: 4b0a00483046022100e3bfba15a72ac2cdc4fea28e066640859930a59abd2c016a2c3ad36fccca4072022100b20649152abf3ec807a126cc48618751466e929e4794c2b1b501a6b2755d341d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/vulnerabilities/yonyou/yonyou-u8-sqli.yaml b/http/vulnerabilities/yonyou/yonyou-u8-sqli.yaml index f907b9dab1..a972c7dd12 100644 --- a/http/vulnerabilities/yonyou/yonyou-u8-sqli.yaml +++ b/http/vulnerabilities/yonyou/yonyou-u8-sqli.yaml @@ -13,7 +13,7 @@ info: verified: true max-request: 2 fofa-query: icon_hash="-299520369" - tags: yonyou,grp,sqli + tags: time-based,yonyou,grp,sqli flow: http(1) && http(2) diff --git a/http/vulnerabilities/yonyou/yonyou-ufida-nc-cloud-sqli.yaml b/http/vulnerabilities/yonyou/yonyou-ufida-nc-cloud-sqli.yaml index 4230b19e5d..c929deee00 100644 --- a/http/vulnerabilities/yonyou/yonyou-ufida-nc-cloud-sqli.yaml +++ b/http/vulnerabilities/yonyou/yonyou-ufida-nc-cloud-sqli.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: true fofa-query: app="用友-NC-Cloud" - tags: sqli,yonyou,ufida + tags: time-based,sqli,yonyou,ufida http: - raw: