Dashboard Content Enhancements (#5164)

Dashboard Content Enhancements

cves/2015/CVE-2015-7377.yaml

@@ -9,7 +9,6 @@ info:
     - https://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html
     - https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt
     - https://nvd.nist.gov/vuln/detail/CVE-2015-7377
-    - http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html
   classification:
     cve-id: CVE-2015-7377
   tags: cve,cve2015,wordpress,wp-plugin,xss

cves/2016/CVE-2016-8527.yaml

@@ -1,15 +1,15 @@
 id: CVE-2016-8527
 
 info:
-  name: Aruba Airwave - (XSS)
+  name: Aruba Airwave <8.2.3.1 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS).
+  description: Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting.
   reference:
     - https://www.exploit-db.com/exploits/41482
-    - https://nvd.nist.gov/vuln/detail/CVE-2016-8527
     - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-001.txt
     - https://www.exploit-db.com/exploits/41482/
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-8527
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -38,3 +38,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18

cves/2017/CVE-2017-18536.yaml

@@ -1,13 +1,14 @@
 id: CVE-2017-18536
 
 info:
-  name: Stop User Enumeration 1.3.5-1.3.7 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Stop User Enumeration WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
+  description: WordPress Stop User Enumeration 1.3.7 and earlier are vulnerable to unauthenticated reflected cross-site scripting.
   reference:
     - https://wpscan.com/vulnerability/956cc5fd-af06-43ac-aa85-46b468c73501
     - https://wordpress.org/plugins/stop-user-enumeration/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-18536
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-1000129.yaml

@@ -1,16 +1,17 @@
 id: CVE-2018-1000129
 
 info:
-  name: Jolokia XSS
+  name: Jolokia 1.3.7 - Cross-Site Scripting
   author: mavericknerd,0h1in9e,daffainfo
   severity: medium
   description: |
-    An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.
+    Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser.
   reference:
     - https://jolokia.org/#Security_fixes_with_1.5.0
     - https://github.com/rhuss/jolokia/commit/5895d5c137c335e6b473e9dcb9baf748851bbc5f#diff-f19898247eddb55de6400489bff748ad
     - https://blog.gdssecurity.com/labs/2018/4/18/jolokia-vulnerabilities-rce-xss.html
     - https://blog.it-securityguard.com/how-i-made-more-than-30k-with-jolokia-cves/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000129
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -44,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-1000671.yaml

@@ -1,14 +1,15 @@
 id: CVE-2018-1000671
 
 info:
-  name: Sympa version 6.2.16 - Open redirect and XSS
+  name: Sympa version =>6.2.16 - Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: sympa version 6.2.16 and later contains a URL Redirection to Untrusted Site vulnerability in The referer parameter of the wwsympa fcgi login action that can result in Open redirection and reflected XSS via data URIs
+  description: Sympa version 6.2.16 and later contains a URL Redirection to Untrusted Site vulnerability in the referer parameter of the wwsympa fcgi login action that can result in open redirection and reflected cross-site scripting via data URIs.
   reference:
     - https://github.com/sympa-community/sympa/issues/268
     - https://www.cvedetails.com/cve/CVE-2018-1000671
     - https://vuldb.com/?id.123670
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000671
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -29,3 +30,5 @@ requests:
         part: header
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-1000856.yaml

@@ -5,7 +5,7 @@ info:
   author: arafatansari
   severity: medium
   description: |
-    DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via segments/add.php Segment Name field.
+    DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field.
   reference:
     - https://github.com/domainmod/domainmod/issues/80
     - https://nvd.nist.gov/vuln/detail/CVE-2018-1000856
@@ -57,3 +57,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-10095.yaml

@@ -1,16 +1,16 @@
 id: CVE-2018-10095
 
 info:
-  name: Dolibarr before 7.0.2 allows XSS.
+  name: Dolibarr <7.0.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
+    Dolibarr before 7.0.2  is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-10095
     - https://sysdream.com/news/lab/2018-05-21-cve-2018-10095-dolibarr-xss-injection-vulnerability/
     - https://github.com/Dolibarr/dolibarr/commit/1dc466e1fb687cfe647de4af891720419823ed56
     - https://github.com/Dolibarr/dolibarr/blob/7.0.2/ChangeLog
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-10095
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -38,3 +38,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-10141.yaml

@@ -1,13 +1,13 @@
 id: CVE-2018-10141
 
 info:
-  name: GlobalProtect Login page XSS
+  name: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
-  description: GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.
+  description: Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-10141
     - https://security.paloaltonetworks.com/CVE-2018-10141
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-10141
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-10230.yaml

@@ -1,15 +1,15 @@
 id: CVE-2018-10230
 
 info:
-  name: Zend Server < 9.13 - XSS
+  name: Zend Server <9.13 - Cross-Site Scripting
   author: marcos_iaf
   severity: medium
   description: |
-    A vulnerability in ZendServer < 9.13 allows an attacker to perform Reflected XSS via the debug_host parameter.
+    Zend Server before version 9.13 is vulnerable to cross-site scripting via the debug_host parameter.
   reference:
     - https://www.synacktiv.com/ressources/zend_server_9_1_3_xss.pdf
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-10230
     - https://www.zend.com/en/products/server/release-notes
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-10230
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -39,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-12095.yaml

@@ -4,11 +4,12 @@ info:
   name: OEcms 3.1 - Cross-Site Scripting
   author: LogicalHunter
   severity: medium
-  description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
+  description: OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of info.php.
   reference:
     - https://www.exploit-db.com/exploits/44895
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12095
     - https://cxsecurity.com/issue/WLB-2018060092
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-12095
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
@@ -36,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-12998.yaml

@@ -1,10 +1,10 @@
 id: CVE-2018-12998
 
 info:
-  name: Zoho manageengine Arbitrary Reflected XSS
+  name: Zoho manageengine - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
+  description: Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts  Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
   reference:
     - https://github.com/unh3x/just4cve/issues/10
     - http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html
@@ -37,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-13380.yaml

@@ -1,15 +1,15 @@
 id: CVE-2018-13380
 
 info:
-  name: Fortinet FortiOS Cross-Site Scripting
+  name: Fortinet FortiOS - Cross-Site Scripting
   author: shelld3v,AaronChen0
   severity: medium
-  description: A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
+  description: Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal are vulnerable to cross-site scripting and allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-13380
     - https://blog.orange.tw/2019/08/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn.html
     - https://fortiguard.com/advisory/FG-IR-18-383
     - https://fortiguard.com/advisory/FG-IR-20-230
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-13380
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -41,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-14013.yaml

@@ -1,15 +1,15 @@
 id: CVE-2018-14013
 
 info:
-  name: Zimbra XSS
+  name: Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.
+  description: Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 is vulnerable to cross-site scripting via the AJAX and html web clients.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-14013
     - https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
     - https://bugzilla.zimbra.com/show_bug.cgi?id=109018
     - https://bugzilla.zimbra.com/show_bug.cgi?id=109017
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-14013
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -37,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-18570.yaml

@@ -1,10 +1,10 @@
 id: CVE-2018-18570
 
 info:
-  name: Cross-Site Scripting on Planon web application
+  name: Planon <Live Build 41 - Cross-Site Scripting
   author: emadshanab
   severity: medium
-  description: Planon before Live Build 41 has XSS
+  description: Planon before Live Build 41 is vulnerable to cross-site scripting.
   reference:
     - https://www2.deloitte.com/de/de/pages/risk/articles/planon-cross-site-scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-18570
@@ -35,3 +35,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-18608.yaml

@@ -1,15 +1,15 @@
 id: CVE-2018-18608
 
 info:
-  name: DedeCMS V5.7 - Cross Site Scripting
+  name: DedeCMS 5.7 SP2 - Cross-Site Scripting
   author: ritikchaddha
   severity: medium
   description: |
-    DedeCMS 5.7 SP2 allows XSS via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php.
+    DedeCMS 5.7 SP2 is vulnerable to cross-site scripting via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php.
   reference:
     - https://github.com/ky-j/dedecms/issues/8
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-18608
     - https://github.com/ky-j/dedecms/files/2504649/Reflected.XSS.Vulnerability.exists.in.the.file.of.DedeCMS.V5.7.SP2.docx
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18608
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -42,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-19136.yaml

@@ -5,11 +5,11 @@ info:
   author: arafatansari
   severity: medium
   description: |
-    DomainMOD 4.11.01 is vulnerable to Reflected Cross Site Scripting (rXSS) via assets/edit/registrar-account.php.
+    DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting via assets/edit/registrar-account.php.
   reference:
     - https://www.exploit-db.com/exploits/45883/
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-19136
     - https://github.com/domainmod/domainmod/issues/79
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19136
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -48,3 +48,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2018/CVE-2018-19137.yaml

@@ -5,7 +5,7 @@ info:
   author: arafatansari
   severity: medium
   description: |
-    DomainMOD 4.11.01 is vulnerable to Reflected Cross Site Scripting (rXSS) via assets/edit/ip-address.php.
+    DomainMOD 4.11.01 is vulnerable to reflected cross-site Scripting via assets/edit/ip-address.php.
   reference:
     - https://github.com/domainmod/domainmod/issues/79
     - https://nvd.nist.gov/vuln/detail/CVE-2018-19137
@@ -47,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18

cves/2020/CVE-2020-25864.yaml

@@ -6,11 +6,12 @@ info:
   severity: medium
   description: |
     HashiCorp Consul and Consul Enterprise up to version 1.9.4 are vulnerable to cross-site scripting via the key-value (KV) raw mode.
+  remediation: Fixed in 1.9.5, 1.8.10 and 1.7.14.
   reference:
     - https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368
     - https://www.hashicorp.com/blog/category/consul
     - https://nvd.nist.gov/vuln/detail/CVE-2020-25864
-  remediation: Fixed in 1.9.5, 1.8.10 and 1.7.14.
+
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1

cves/2020/CVE-2020-27982.yaml

@@ -9,7 +9,6 @@ info:
     - https://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
     - https://cxsecurity.com/issue/WLB-2020100161
     - https://nvd.nist.gov/vuln/detail/CVE-2020-27982
-    - http://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1

cves/2020/CVE-2020-7318.yaml

@@ -10,8 +10,6 @@ info:
     - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
     - https://kc.mcafee.com/corporate/index?page=content&id=SB10332
     - https://nvd.nist.gov/vuln/detail/CVE-2020-7318
-  reference:
-    - https://kc.mcafee.com/corporate/index?page=content&id=SB10332
   classification:
     cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 4.3

cves/2021/CVE-2021-24991.yaml

@@ -1,11 +1,10 @@
 id: CVE-2021-24991
 
 info:
-  name: The WooCommerce PDF Invoices & Packing Slips WordPress plugin < 2.10.5 - XSS
+  name: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site
-    Scripting in the admin dashboard.
+  description: The Wordpress plugin WooCommerce PDF Invoices & Packing Slips before 2.10.5 does not escape the tab and section parameters before reflecting it an attribute, leading to a reflected cross-site scripting in the admin dashboard.
   reference:
     - https://wpscan.com/vulnerability/88e706df-ae03-4665-94a3-db226e1f31a9
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24991
@@ -44,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 08/16/2022

cves/2021/CVE-2021-25008.yaml

@@ -1,10 +1,10 @@
 id: CVE-2021-25008
 
 info:
-  name: The Code Snippets WordPress plugin < 2.14.3 - XSS
+  name: The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue.
+  description: The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippets-safe-mode parameter before reflecting it in attributes, leading to a reflected cross-site scripting issue.
   reference:
     - https://wpscan.com/vulnerability/cb232354-f74d-48bb-b437-7bdddd1df42a
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25008
@@ -42,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 08/16/2022

cves/2022/CVE-2022-26564.yaml

@@ -1,5 +1,5 @@
-id: CVE-2022-26564
-
+id: CVE-2022-26564
+
 info:
   name: HotelDruid Hotel Management Software 3.0.3 XSS
   author: alexrydzak
@@ -18,28 +18,28 @@ info:
   metadata:
     shodan-query: http.favicon.hash:-1521640213
   tags: cve,cve2022,hoteldruid,xss
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>'
-      - '{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1'
-      - '{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>'
-
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<script>javascript:alert('XSS')</script>"
-          - "HotelDruid"
-        condition: and
-
-      - type: word
-        part: header
-        words:
-          - "text/html"
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>'
+      - '{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1'
+      - '{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>javascript:alert('XSS')</script>"
+          - "HotelDruid"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
           - 200

network/smb-v1-detection.yaml

@@ -8,7 +8,7 @@ info:
     - https://stealthbits.com/blog/what-is-smbv1-and-why-you-should-disable-it/
   tags: network,windows,smb,service
   description: |
-    SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to comprimise large-scale systems.
+    SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to compromise large-scale systems.
 
 network:
   - inputs: