diff --git a/cloud/enum/azure-db-enum.yaml b/cloud/enum/azure-db-enum.yaml index edfc5ebe5a..03a3a5ba85 100644 --- a/cloud/enum/azure-db-enum.yaml +++ b/cloud/enum/azure-db-enum.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true max-request: 1 - tags: cloud,enum,cloud-enum,azure,dns + tags: cloud,enum,cloud-enum,azure self-contained: true diff --git a/cloud/enum/azure-vm-cloud-enum.yaml b/cloud/enum/azure-vm-cloud-enum.yaml index 5ca393c9d4..87785a91a7 100644 --- a/cloud/enum/azure-vm-cloud-enum.yaml +++ b/cloud/enum/azure-vm-cloud-enum.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true max-request: 1 - tags: cloud,cloud-enum,azure,fuzz,enum,dns + tags: cloud,cloud-enum,azure,fuzz,enum self-contained: true diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml index 20e20ec8fa..30b7130474 100644 --- a/code/cves/2019/CVE-2019-14287.yaml +++ b/code/cves/2019/CVE-2019-14287.yaml @@ -25,7 +25,7 @@ info: max-request: 2 vendor: sudo_project product: sudo - tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical,sudo_project + tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical self-contained: true code: diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml index f0c37464f1..b92022c2ba 100644 --- a/code/cves/2021/CVE-2021-3156.yaml +++ b/code/cves/2021/CVE-2021-3156.yaml @@ -24,7 +24,7 @@ info: verified: true vendor: sudo_project product: sudo - tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev,sudo_project + tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev self-contained: true code: diff --git a/code/cves/2023/CVE-2023-4911.yaml b/code/cves/2023/CVE-2023-4911.yaml index 3a9fa8efa0..d96f5b0e87 100644 --- a/code/cves/2023/CVE-2023-4911.yaml +++ b/code/cves/2023/CVE-2023-4911.yaml @@ -24,7 +24,7 @@ info: max-request: 1 vendor: gnu product: glibc - tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev,gnu + tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev self-contained: true code: diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml index 4a2f955541..e7a19e0257 100644 --- a/code/cves/2023/CVE-2023-6246.yaml +++ b/code/cves/2023/CVE-2023-6246.yaml @@ -18,13 +18,13 @@ info: cve-id: CVE-2023-6246 cwe-id: CWE-787,CWE-122 epss-score: 0.0077 - epss-percentile: 0.80911 + epss-percentile: 0.80859 cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: gnu product: glibc - tags: cve,cve2023,code,glibc,linux,privesc,local,gnu + tags: cve,cve2023,code,glibc,linux,privesc,local self-contained: true code: diff --git a/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml b/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml index b4a78efc79..82bc981104 100644 --- a/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml +++ b/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true max-request: 3 - tags: code,linux,sqlite3,privesc,local,sqli + tags: code,linux,sqlite3,privesc,local self-contained: true code: diff --git a/dast/cves/2018/CVE-2018-19518.yaml b/dast/cves/2018/CVE-2018-19518.yaml index ec7011c9d2..b698a2abd7 100644 --- a/dast/cves/2018/CVE-2018-19518.yaml +++ b/dast/cves/2018/CVE-2018-19518.yaml @@ -17,7 +17,6 @@ info: cve-id: CVE-2018-19518 cwe-id: CWE-88 metadata: - max-request: 1 confidence: tenative tags: imap,dast,vulhub,cve,cve2018,rce,oast,php diff --git a/dast/cves/2021/CVE-2021-45046.yaml b/dast/cves/2021/CVE-2021-45046.yaml index 3d7b35a2cf..495aa6d985 100644 --- a/dast/cves/2021/CVE-2021-45046.yaml +++ b/dast/cves/2021/CVE-2021-45046.yaml @@ -17,7 +17,6 @@ info: cve-id: CVE-2021-45046 cwe-id: CWE-502 metadata: - max-request: 1 confidence: tenative tags: cve,cve2021,rce,oast,log4j,injection,dast diff --git a/dast/cves/2022/CVE-2022-42889.yaml b/dast/cves/2022/CVE-2022-42889.yaml index f39e250811..0e37bfb162 100644 --- a/dast/cves/2022/CVE-2022-42889.yaml +++ b/dast/cves/2022/CVE-2022-42889.yaml @@ -6,20 +6,19 @@ info: severity: critical description: | Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default. - remediation: Upgrade to Apache Commons Text component between 1.5.0 to 1.10.0. reference: - https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om - http://www.openwall.com/lists/oss-security/2022/10/13/4 - http://www.openwall.com/lists/oss-security/2022/10/18/1 - https://securitylab.github.com/advisories/GHSL-2022-018_Apache_Commons_Text/ - https://github.com/silentsignal/burp-text4shell + remediation: Upgrade to Apache Commons Text component between 1.5.0 to 1.10.0. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-42889 cwe-id: CWE-94 metadata: - max-request: 1 confidence: tenative tags: cve,cve2022,rce,oast,text4shell,dast diff --git a/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml b/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml index 2b4178e80d..f285a8755e 100644 --- a/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml +++ b/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml @@ -5,13 +5,11 @@ info: author: pdteam,geeknik severity: high description: | - Potential blind OS command injection vulnerabilities, where the application constructs OS commands using unsanitized user input. - Successful exploitation could lead to arbitrary command execution on the system. + Potential blind OS command injection vulnerabilities, where the application constructs OS commands using unsanitized user input. + Successful exploitation could lead to arbitrary command execution on the system. reference: - https://portswigger.net/research/hunting-asynchronous-vulnerabilities - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Command%20Injection/README.md - metadata: - max-request: 4 tags: cmdi,oast,dast,blind,polyglot variables: diff --git a/dast/vulnerabilities/cmdi/ruby-open-rce.yaml b/dast/vulnerabilities/cmdi/ruby-open-rce.yaml index cddf72581c..ab8e383ba3 100644 --- a/dast/vulnerabilities/cmdi/ruby-open-rce.yaml +++ b/dast/vulnerabilities/cmdi/ruby-open-rce.yaml @@ -5,12 +5,10 @@ info: author: pdteam severity: high description: | - Ruby's Kernel#open and URI.open enables not only file access but also process invocation by prefixing a pipe symbol (e.g., open(“| ls”)). So, it may lead to Remote Code Execution by using variable input to the argument of Kernel#open and URI.open. + Ruby's Kernel#open and URI.open enables not only file access but also process invocation by prefixing a pipe symbol (e.g., open(“| ls”)). So, it may lead to Remote Code Execution by using variable input to the argument of Kernel#open and URI.open. reference: - https://bishopfox.com/blog/ruby-vulnerabilities-exploits - https://codeql.github.com/codeql-query-help/ruby/rb-kernel-open/ - metadata: - max-request: 1 tags: cmdi,oast,dast,blind,ruby,rce variables: diff --git a/dast/vulnerabilities/crlf/cookie-injection.yaml b/dast/vulnerabilities/crlf/cookie-injection.yaml index a07398d49e..026d77fdeb 100644 --- a/dast/vulnerabilities/crlf/cookie-injection.yaml +++ b/dast/vulnerabilities/crlf/cookie-injection.yaml @@ -7,8 +7,6 @@ info: reference: - https://www.invicti.com/blog/web-security/understanding-cookie-poisoning-attacks/ - https://docs.imperva.com/bundle/on-premises-knowledgebase-reference-guide/page/cookie_injection.htm - metadata: - max-request: 1 tags: reflected,dast,cookie,injection variables: diff --git a/dast/vulnerabilities/crlf/crlf-injection.yaml b/dast/vulnerabilities/crlf/crlf-injection.yaml index 2a15f6c2e7..194517a9a4 100644 --- a/dast/vulnerabilities/crlf/crlf-injection.yaml +++ b/dast/vulnerabilities/crlf/crlf-injection.yaml @@ -4,8 +4,6 @@ info: name: CRLF Injection author: pdteam severity: low - metadata: - max-request: 41 tags: crlf,dast http: diff --git a/dast/vulnerabilities/lfi/lfi-keyed.yaml b/dast/vulnerabilities/lfi/lfi-keyed.yaml index 85eb10c2d5..93df95d6a7 100644 --- a/dast/vulnerabilities/lfi/lfi-keyed.yaml +++ b/dast/vulnerabilities/lfi/lfi-keyed.yaml @@ -6,8 +6,6 @@ info: severity: unknown reference: - https://owasp.org/www-community/attacks/Unicode_Encoding - metadata: - max-request: 25 tags: dast,pathtraversal,lfi variables: diff --git a/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml b/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml index 2ddfa0872c..4e18560c84 100644 --- a/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml +++ b/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml @@ -7,8 +7,6 @@ info: reference: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Directory%20Traversal/Intruder/directory_traversal.txt - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion - metadata: - max-request: 46 tags: lfi,dast,linux http: diff --git a/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml b/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml index 41eac97775..5a18f37034 100644 --- a/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml +++ b/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml @@ -4,8 +4,6 @@ info: name: Local File Inclusion - Windows author: pussycat0x severity: high - metadata: - max-request: 39 tags: lfi,windows,dast http: diff --git a/dast/vulnerabilities/redirect/open-redirect.yaml b/dast/vulnerabilities/redirect/open-redirect.yaml index 3893143140..d06fd5dde9 100644 --- a/dast/vulnerabilities/redirect/open-redirect.yaml +++ b/dast/vulnerabilities/redirect/open-redirect.yaml @@ -4,8 +4,6 @@ info: name: Open Redirect Detection author: princechaddha severity: medium - metadata: - max-request: 1 tags: redirect,dast http: diff --git a/dast/vulnerabilities/rfi/generic-rfi.yaml b/dast/vulnerabilities/rfi/generic-rfi.yaml index 58f33dd8cf..46cb090042 100644 --- a/dast/vulnerabilities/rfi/generic-rfi.yaml +++ b/dast/vulnerabilities/rfi/generic-rfi.yaml @@ -6,8 +6,6 @@ info: severity: high reference: - https://www.invicti.com/learn/remote-file-inclusion-rfi/ - metadata: - max-request: 1 tags: rfi,dast,oast http: diff --git a/dast/vulnerabilities/sqli/sqli-error-based.yaml b/dast/vulnerabilities/sqli/sqli-error-based.yaml index 095b54444d..c0b234e0a4 100644 --- a/dast/vulnerabilities/sqli/sqli-error-based.yaml +++ b/dast/vulnerabilities/sqli/sqli-error-based.yaml @@ -8,8 +8,6 @@ info: Direct SQL Command Injection is a technique where an attacker creates or alters existing SQL commands to expose hidden data, or to override valuable ones, or even to execute dangerous system level commands on the database host. This is accomplished by the application taking user input and combining it with static parameters to build an SQL query . - metadata: - max-request: 3 tags: sqli,error,dast http: diff --git a/dast/vulnerabilities/ssrf/blind-ssrf.yaml b/dast/vulnerabilities/ssrf/blind-ssrf.yaml index 61435e1722..2c4d20d9e0 100644 --- a/dast/vulnerabilities/ssrf/blind-ssrf.yaml +++ b/dast/vulnerabilities/ssrf/blind-ssrf.yaml @@ -4,8 +4,6 @@ info: name: Blind SSRF OAST Detection author: pdteam severity: medium - metadata: - max-request: 3 tags: ssrf,dast,oast http: diff --git a/dast/vulnerabilities/ssrf/response-ssrf.yaml b/dast/vulnerabilities/ssrf/response-ssrf.yaml index ee4474d3a4..14f81d9668 100644 --- a/dast/vulnerabilities/ssrf/response-ssrf.yaml +++ b/dast/vulnerabilities/ssrf/response-ssrf.yaml @@ -6,8 +6,6 @@ info: severity: high reference: - https://github.com/bugcrowd/HUNT/blob/master/ZAP/scripts/passive/SSRF.py - metadata: - max-request: 12 tags: ssrf,dast http: diff --git a/dast/vulnerabilities/ssti/reflection-ssti.yaml b/dast/vulnerabilities/ssti/reflection-ssti.yaml index a5d82890a5..fae9311f3c 100644 --- a/dast/vulnerabilities/ssti/reflection-ssti.yaml +++ b/dast/vulnerabilities/ssti/reflection-ssti.yaml @@ -7,8 +7,6 @@ info: reference: - https://github.com/zaproxy/zap-extensions/blob/2d9898900abe85a47b9fe0ceb85ec39070816b98/addOns/ascanrulesAlpha/src/main/java/org/zaproxy/zap/extension/ascanrulesAlpha/SstiScanRule.java - https://github.com/DiogoMRSilva/websitesVulnerableToSSTI#list-of-seversneeds-update - metadata: - max-request: 14 tags: ssti,dast variables: diff --git a/dast/vulnerabilities/xss/reflected-xss.yaml b/dast/vulnerabilities/xss/reflected-xss.yaml index fb6c54ec24..bbb658c851 100644 --- a/dast/vulnerabilities/xss/reflected-xss.yaml +++ b/dast/vulnerabilities/xss/reflected-xss.yaml @@ -4,8 +4,6 @@ info: name: Reflected Cross Site Scripting author: pdteam severity: medium - metadata: - max-request: 1 tags: xss,rxss,dast variables: diff --git a/dast/vulnerabilities/xxe/generic-xxe.yaml b/dast/vulnerabilities/xxe/generic-xxe.yaml index 8098d4881c..26635ebaa5 100644 --- a/dast/vulnerabilities/xxe/generic-xxe.yaml +++ b/dast/vulnerabilities/xxe/generic-xxe.yaml @@ -6,8 +6,6 @@ info: severity: medium reference: - https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/xxe.py - metadata: - max-request: 2 tags: dast,xxe variables: diff --git a/file/keys/credential-exposure-file.yaml b/file/keys/credential-exposure-file.yaml index 80174457dd..25e80b108c 100644 --- a/file/keys/credential-exposure-file.yaml +++ b/file/keys/credential-exposure-file.yaml @@ -5,7 +5,7 @@ info: author: Sy3Omda,geeknik,forgedhallpass,ayadi severity: unknown description: Check for multiple keys/tokens/passwords hidden inside of files. - tags: exposure,token,file,disclosure,keys + tags: exposure,token,file,disclosure # Extract secrets regex like api keys, password, token, etc ... for different services. # Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue. # Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes. diff --git a/http/cves/2000/CVE-2000-0114.yaml b/http/cves/2000/CVE-2000-0114.yaml index f70c2eeb62..1017ec6d7c 100644 --- a/http/cves/2000/CVE-2000-0114.yaml +++ b/http/cves/2000/CVE-2000-0114.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2000-0114 cwe-id: NVD-CWE-Other epss-score: 0.15958 - epss-percentile: 0.95841 + epss-percentile: 0.95829 cpe: cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2005/CVE-2005-3634.yaml b/http/cves/2005/CVE-2005-3634.yaml index f626c5b911..4488b0a43c 100644 --- a/http/cves/2005/CVE-2005-3634.yaml +++ b/http/cves/2005/CVE-2005-3634.yaml @@ -23,7 +23,7 @@ info: cve-id: CVE-2005-3634 cwe-id: NVD-CWE-Other epss-score: 0.02843 - epss-percentile: 0.90511 + epss-percentile: 0.897 cpe: cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-3010.yaml b/http/cves/2007/CVE-2007-3010.yaml index e60414d526..1a29f75867 100644 --- a/http/cves/2007/CVE-2007-3010.yaml +++ b/http/cves/2007/CVE-2007-3010.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2007-3010 cwe-id: CWE-20 epss-score: 0.97317 - epss-percentile: 0.99867 + epss-percentile: 0.99868 cpe: cpe:2.3:a:alcatel-lucent:omnipcx:7.1:*:enterprise:*:*:*:*:* metadata: verified: true @@ -31,7 +31,7 @@ info: product: omnipcx shodan-query: title:"OmniPCX for Enterprise" fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise" - tags: cve,cve2007,kev,rce,alcatel,alcatel-lucent + tags: cve,cve2007,kev,rce,alcatel http: - method: GET diff --git a/http/cves/2008/CVE-2008-1059.yaml b/http/cves/2008/CVE-2008-1059.yaml index adb76c0190..4d096ce1ea 100644 --- a/http/cves/2008/CVE-2008-1059.yaml +++ b/http/cves/2008/CVE-2008-1059.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-1059 cwe-id: CWE-94 epss-score: 0.01493 - epss-percentile: 0.86593 + epss-percentile: 0.86573 cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-1061.yaml b/http/cves/2008/CVE-2008-1061.yaml index 9934280682..b395ef595b 100644 --- a/http/cves/2008/CVE-2008-1061.yaml +++ b/http/cves/2008/CVE-2008-1061.yaml @@ -25,10 +25,11 @@ info: epss-percentile: 0.77516 cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: wordpress - product: "sniplets_plugin" + product: sniplets_plugin tags: cve2008,cve,xss,wp-plugin,wp,edb,wpscan,wordpress,sniplets + flow: http(1) && http(2) http: diff --git a/http/cves/2008/CVE-2008-1547.yaml b/http/cves/2008/CVE-2008-1547.yaml index 62f5a9674e..95335e8942 100644 --- a/http/cves/2008/CVE-2008-1547.yaml +++ b/http/cves/2008/CVE-2008-1547.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-1547 cwe-id: CWE-601 epss-score: 0.03875 - epss-percentile: 0.91757 + epss-percentile: 0.9108 cpe: cpe:2.3:a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2008/CVE-2008-2650.yaml b/http/cves/2008/CVE-2008-2650.yaml index 11923f5d62..28a0666dd5 100644 --- a/http/cves/2008/CVE-2008-2650.yaml +++ b/http/cves/2008/CVE-2008-2650.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-2650 cwe-id: CWE-22 epss-score: 0.06344 - epss-percentile: 0.93508 + epss-percentile: 0.93486 cpe: cpe:2.3:a:cmsimple:cmsimple:3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-5587.yaml b/http/cves/2008/CVE-2008-5587.yaml index e09fb8f952..90bcd16ae0 100644 --- a/http/cves/2008/CVE-2008-5587.yaml +++ b/http/cves/2008/CVE-2008-5587.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2008-5587 cwe-id: CWE-22 epss-score: 0.02331 - epss-percentile: 0.89531 + epss-percentile: 0.88625 cpe: cpe:2.3:a:phppgadmin:phppgadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6080.yaml b/http/cves/2008/CVE-2008-6080.yaml index 418622e048..cf7fc02a6b 100644 --- a/http/cves/2008/CVE-2008-6080.yaml +++ b/http/cves/2008/CVE-2008-6080.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2008-6080 cwe-id: CWE-22 epss-score: 0.03314 - epss-percentile: 0.91148 + epss-percentile: 0.90395 cpe: cpe:2.3:a:codecall:com_ionfiles:4.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6222.yaml b/http/cves/2008/CVE-2008-6222.yaml index 1e4e279b14..b7f61b6a45 100644 --- a/http/cves/2008/CVE-2008-6222.yaml +++ b/http/cves/2008/CVE-2008-6222.yaml @@ -13,14 +13,13 @@ info: - https://www.exploit-db.com/exploits/6980 - https://nvd.nist.gov/vuln/detail/CVE-2008-6222 - https://exchange.xforce.ibmcloud.com/vulnerabilities/46356 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2008-6222 cwe-id: CWE-22 - epss-score: 0.01302 - epss-percentile: 0.85607 + epss-score: 0.01029 + epss-percentile: 0.82175 cpe: cpe:2.3:a:joomlashowroom:pro_desk_support_center:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6982.yaml b/http/cves/2008/CVE-2008-6982.yaml index 4f3db19755..384346aaaf 100644 --- a/http/cves/2008/CVE-2008-6982.yaml +++ b/http/cves/2008/CVE-2008-6982.yaml @@ -15,14 +15,13 @@ info: - http://sourceforge.net/projects/devalcms/files/devalcms/devalcms-1.4b/devalcms-1.4b.zip/download - https://nvd.nist.gov/vuln/detail/CVE-2008-6982 - https://exchange.xforce.ibmcloud.com/vulnerabilities/44940 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2008-6982 cwe-id: CWE-79 epss-score: 0.0038 - epss-percentile: 0.72554 + epss-percentile: 0.70097 cpe: cpe:2.3:a:devalcms:devalcms:1.4a:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2008/CVE-2008-7269.yaml b/http/cves/2008/CVE-2008-7269.yaml index 501a9711a9..8eaf2fb274 100644 --- a/http/cves/2008/CVE-2008-7269.yaml +++ b/http/cves/2008/CVE-2008-7269.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2008-7269 cwe-id: CWE-20 epss-score: 0.01425 - epss-percentile: 0.86272 + epss-percentile: 0.86241 cpe: cpe:2.3:a:boka:siteengine:5.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2009/CVE-2009-0932.yaml b/http/cves/2009/CVE-2009-0932.yaml index c6290802cd..4c4a3f433d 100644 --- a/http/cves/2009/CVE-2009-0932.yaml +++ b/http/cves/2009/CVE-2009-0932.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-0932 cwe-id: CWE-22 epss-score: 0.04048 - epss-percentile: 0.91931 + epss-percentile: 0.919 cpe: cpe:2.3:a:debian:horde:3.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1872.yaml b/http/cves/2009/CVE-2009-1872.yaml index 846bc3fc56..fdad6c137f 100644 --- a/http/cves/2009/CVE-2009-1872.yaml +++ b/http/cves/2009/CVE-2009-1872.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2009-1872 cwe-id: CWE-79 - epss-score: 0.32712 - epss-percentile: 0.96936 + epss-score: 0.37553 + epss-percentile: 0.97102 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2009/CVE-2009-2100.yaml b/http/cves/2009/CVE-2009-2100.yaml index 805eff4942..68f9595bb0 100644 --- a/http/cves/2009/CVE-2009-2100.yaml +++ b/http/cves/2009/CVE-2009-2100.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2009-2100 cwe-id: CWE-22 epss-score: 0.00779 - epss-percentile: 0.8102 + epss-percentile: 0.80973 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-4202.yaml b/http/cves/2009/CVE-2009-4202.yaml index f143786f36..303920760a 100644 --- a/http/cves/2009/CVE-2009-4202.yaml +++ b/http/cves/2009/CVE-2009-4202.yaml @@ -14,14 +14,13 @@ info: - http://www.vupen.com/english/advisories/2009/1494 - https://nvd.nist.gov/vuln/detail/CVE-2009-4202 - http://www.exploit-db.com/exploits/8870 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2009-4202 cwe-id: CWE-22 epss-score: 0.01956 - epss-percentile: 0.88476 + epss-percentile: 0.87449 cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0219.yaml b/http/cves/2010/CVE-2010-0219.yaml index 373fc1d57b..162fed1a75 100644 --- a/http/cves/2010/CVE-2010-0219.yaml +++ b/http/cves/2010/CVE-2010-0219.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-0219 cwe-id: CWE-255 epss-score: 0.97509 - epss-percentile: 0.99982 + epss-percentile: 0.99981 cpe: cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2010/CVE-2010-0696.yaml b/http/cves/2010/CVE-2010-0696.yaml index faefb9c408..151317113f 100644 --- a/http/cves/2010/CVE-2010-0696.yaml +++ b/http/cves/2010/CVE-2010-0696.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0696 cwe-id: CWE-22 epss-score: 0.57303 - epss-percentile: 0.97645 + epss-percentile: 0.97418 cpe: cpe:2.3:a:joomlaworks:jw_allvideos:3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0759.yaml b/http/cves/2010/CVE-2010-0759.yaml index 3c3ab48417..4619ccc6cf 100644 --- a/http/cves/2010/CVE-2010-0759.yaml +++ b/http/cves/2010/CVE-2010-0759.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0759 cwe-id: CWE-22 epss-score: 0.01569 - epss-percentile: 0.86988 + epss-percentile: 0.86974 cpe: cpe:2.3:a:greatjoomla:scriptegrator_plugin:1.4.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0943.yaml b/http/cves/2010/CVE-2010-0943.yaml index 6f59e08f62..6fc8e83aa6 100644 --- a/http/cves/2010/CVE-2010-0943.yaml +++ b/http/cves/2010/CVE-2010-0943.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0943 cwe-id: CWE-22 epss-score: 0.01155 - epss-percentile: 0.84586 + epss-percentile: 0.83338 cpe: cpe:2.3:a:joomlart:com_jashowcase:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0972.yaml b/http/cves/2010/CVE-2010-0972.yaml index fe976464f8..ed8e98f25b 100644 --- a/http/cves/2010/CVE-2010-0972.yaml +++ b/http/cves/2010/CVE-2010-0972.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0972 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.8146 + epss-percentile: 0.81406 cpe: cpe:2.3:a:g4j.laoneo:com_gcalendar:2.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0982.yaml b/http/cves/2010/CVE-2010-0982.yaml index b2a99cd848..c0104a141b 100644 --- a/http/cves/2010/CVE-2010-0982.yaml +++ b/http/cves/2010/CVE-2010-0982.yaml @@ -11,14 +11,13 @@ info: reference: - https://www.exploit-db.com/exploits/10942 - https://nvd.nist.gov/vuln/detail/CVE-2010-0982 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N cvss-score: 4.3 cve-id: CVE-2010-0982 cwe-id: CWE-22 - epss-score: 0.19302 - epss-percentile: 0.96179 + epss-score: 0.0087 + epss-percentile: 0.80553 cpe: cpe:2.3:a:joomlamo:com_cartweberp:1.56.75:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1081.yaml b/http/cves/2010/CVE-2010-1081.yaml index 7c67f3999a..902e5d7506 100644 --- a/http/cves/2010/CVE-2010-1081.yaml +++ b/http/cves/2010/CVE-2010-1081.yaml @@ -12,14 +12,13 @@ info: - https://www.exploit-db.com/exploits/11511 - https://nvd.nist.gov/vuln/detail/CVE-2010-1081 - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1081 cwe-id: CWE-22 - epss-score: 0.36214 - epss-percentile: 0.97067 + epss-score: 0.0168 + epss-percentile: 0.8632 cpe: cpe:2.3:a:corejoomla:com_communitypolls:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1219.yaml b/http/cves/2010/CVE-2010-1219.yaml index 82d583f44e..e4bc052eb4 100644 --- a/http/cves/2010/CVE-2010-1219.yaml +++ b/http/cves/2010/CVE-2010-1219.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1219 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.8146 + epss-percentile: 0.81406 cpe: cpe:2.3:a:com_janews:com_janews:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1305.yaml b/http/cves/2010/CVE-2010-1305.yaml index 6ca07b9219..e805a95731 100644 --- a/http/cves/2010/CVE-2010-1305.yaml +++ b/http/cves/2010/CVE-2010-1305.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1305 cwe-id: CWE-22 epss-score: 0.03203 - epss-percentile: 0.91022 + epss-percentile: 0.90236 cpe: cpe:2.3:a:joomlamo:com_jinventory:1.23.02:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1307.yaml b/http/cves/2010/CVE-2010-1307.yaml index fcc7835d64..118251644b 100644 --- a/http/cves/2010/CVE-2010-1307.yaml +++ b/http/cves/2010/CVE-2010-1307.yaml @@ -13,14 +13,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1307 - http://www.vupen.com/english/advisories/2010/0806 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57531 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1307 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.87711 + epss-percentile: 0.86604 cpe: cpe:2.3:a:software.realtyna:com_joomlaupdater:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1308.yaml b/http/cves/2010/CVE-2010-1308.yaml index da9db559f9..0910a8204d 100644 --- a/http/cves/2010/CVE-2010-1308.yaml +++ b/http/cves/2010/CVE-2010-1308.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1308 cwe-id: CWE-22 epss-score: 0.01334 - epss-percentile: 0.85783 + epss-percentile: 0.85765 cpe: cpe:2.3:a:la-souris-verte:com_svmap:1.1.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1315.yaml b/http/cves/2010/CVE-2010-1315.yaml index b5aca3f4c3..9aa687c0b7 100644 --- a/http/cves/2010/CVE-2010-1315.yaml +++ b/http/cves/2010/CVE-2010-1315.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1315 cwe-id: CWE-22 epss-score: 0.0087 - epss-percentile: 0.82084 + epss-percentile: 0.82023 cpe: cpe:2.3:a:joomlamo:com_weberpcustomer:1.2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1345.yaml b/http/cves/2010/CVE-2010-1345.yaml index 27bc9660f8..e9a084f961 100644 --- a/http/cves/2010/CVE-2010-1345.yaml +++ b/http/cves/2010/CVE-2010-1345.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1345 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75338 + epss-percentile: 0.75244 cpe: cpe:2.3:a:cookex:com_ckforms:1.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1352.yaml b/http/cves/2010/CVE-2010-1352.yaml index 2d58630101..34e59780d7 100644 --- a/http/cves/2010/CVE-2010-1352.yaml +++ b/http/cves/2010/CVE-2010-1352.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1352 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75338 + epss-percentile: 0.75244 cpe: cpe:2.3:a:jooforge:com_jukebox:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1470.yaml b/http/cves/2010/CVE-2010-1470.yaml index 9f573c73ee..2ee9dcd3fa 100644 --- a/http/cves/2010/CVE-2010-1470.yaml +++ b/http/cves/2010/CVE-2010-1470.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1470 cwe-id: CWE-22 epss-score: 0.04616 - epss-percentile: 0.92396 + epss-percentile: 0.92373 cpe: cpe:2.3:a:dev.pucit.edu.pk:com_webtv:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1471.yaml b/http/cves/2010/CVE-2010-1471.yaml index a2a4140d24..343bae62dc 100644 --- a/http/cves/2010/CVE-2010-1471.yaml +++ b/http/cves/2010/CVE-2010-1471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1471 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.9319 + epss-percentile: 0.93171 cpe: cpe:2.3:a:b-elektro:com_addressbook:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1472.yaml b/http/cves/2010/CVE-2010-1472.yaml index ff5569be76..bfff5dcbf2 100644 --- a/http/cves/2010/CVE-2010-1472.yaml +++ b/http/cves/2010/CVE-2010-1472.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1472 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.9319 + epss-percentile: 0.93171 cpe: cpe:2.3:a:kazulah:com_horoscope:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1531.yaml b/http/cves/2010/CVE-2010-1531.yaml index 77ce7f3073..12ccceb83b 100644 --- a/http/cves/2010/CVE-2010-1531.yaml +++ b/http/cves/2010/CVE-2010-1531.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1531 cwe-id: CWE-22 epss-score: 0.01815 - epss-percentile: 0.87938 + epss-percentile: 0.86892 cpe: cpe:2.3:a:redcomponent:com_redshop:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1534.yaml b/http/cves/2010/CVE-2010-1534.yaml index f72062c1f7..06afaa24fb 100644 --- a/http/cves/2010/CVE-2010-1534.yaml +++ b/http/cves/2010/CVE-2010-1534.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2010-1534 cwe-id: CWE-22 epss-score: 0.01385 - epss-percentile: 0.86077 + epss-percentile: 0.86058 cpe: cpe:2.3:a:joomla.batjo:com_shoutbox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1540.yaml b/http/cves/2010/CVE-2010-1540.yaml index 5cc9f4b7b3..6a2c6ad653 100644 --- a/http/cves/2010/CVE-2010-1540.yaml +++ b/http/cves/2010/CVE-2010-1540.yaml @@ -12,14 +12,13 @@ info: reference: - https://www.exploit-db.com/exploits/11625 - https://nvd.nist.gov/vuln/detail/CVE-2010-1540 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1540 cwe-id: CWE-22 epss-score: 0.0045 - epss-percentile: 0.74677 + epss-percentile: 0.72402 cpe: cpe:2.3:a:myblog:com_myblog:3.0.329:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1602.yaml b/http/cves/2010/CVE-2010-1602.yaml index c26bd9cfb4..82d4d0479b 100644 --- a/http/cves/2010/CVE-2010-1602.yaml +++ b/http/cves/2010/CVE-2010-1602.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1602 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.91313 + epss-percentile: 0.91267 cpe: cpe:2.3:a:zimbllc:com_zimbcomment:0.8.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1603.yaml b/http/cves/2010/CVE-2010-1603.yaml index 849ed00472..9866062708 100644 --- a/http/cves/2010/CVE-2010-1603.yaml +++ b/http/cves/2010/CVE-2010-1603.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1603 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.91313 + epss-percentile: 0.91267 cpe: cpe:2.3:a:zimbllc:com_zimbcore:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1607.yaml b/http/cves/2010/CVE-2010-1607.yaml index b21b7b10fa..ba9f57adb0 100644 --- a/http/cves/2010/CVE-2010-1607.yaml +++ b/http/cves/2010/CVE-2010-1607.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1607 cwe-id: CWE-22 epss-score: 0.01726 - epss-percentile: 0.87631 + epss-percentile: 0.87577 cpe: cpe:2.3:a:paysyspro:com_wmi:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1653.yaml b/http/cves/2010/CVE-2010-1653.yaml index 808a44c5da..58f4abbb84 100644 --- a/http/cves/2010/CVE-2010-1653.yaml +++ b/http/cves/2010/CVE-2010-1653.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1653 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.91392 + epss-percentile: 0.91355 cpe: cpe:2.3:a:htmlcoderhelper:com_graphics:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1715.yaml b/http/cves/2010/CVE-2010-1715.yaml index a52c82f7a5..91ec26c65c 100644 --- a/http/cves/2010/CVE-2010-1715.yaml +++ b/http/cves/2010/CVE-2010-1715.yaml @@ -12,14 +12,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1715 - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/57677 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1715 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.85229 + epss-percentile: 0.83996 cpe: cpe:2.3:a:pucit.edu:com_onlineexam:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1722.yaml b/http/cves/2010/CVE-2010-1722.yaml index 4897111535..419e077301 100644 --- a/http/cves/2010/CVE-2010-1722.yaml +++ b/http/cves/2010/CVE-2010-1722.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1722 - http://www.exploit-db.com/exploits/12177 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57674 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1722 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.85229 + epss-percentile: 0.83996 cpe: cpe:2.3:a:dev.pucit.edu.pk:com_market:2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1870.yaml b/http/cves/2010/CVE-2010-1870.yaml index e11807ad15..64875ad48b 100644 --- a/http/cves/2010/CVE-2010-1870.yaml +++ b/http/cves/2010/CVE-2010-1870.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1870 cwe-id: CWE-917 epss-score: 0.06174 - epss-percentile: 0.93421 + epss-percentile: 0.92842 cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2010/CVE-2010-1878.yaml b/http/cves/2010/CVE-2010-1878.yaml index be10377a64..80f826ac10 100644 --- a/http/cves/2010/CVE-2010-1878.yaml +++ b/http/cves/2010/CVE-2010-1878.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1878 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.81631 + epss-percentile: 0.81565 cpe: cpe:2.3:a:blueflyingfish.no-ip:com_orgchart:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1956.yaml b/http/cves/2010/CVE-2010-1956.yaml index bb9565ca92..988470fe0d 100644 --- a/http/cves/2010/CVE-2010-1956.yaml +++ b/http/cves/2010/CVE-2010-1956.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1956 cwe-id: CWE-22 epss-score: 0.06055 - epss-percentile: 0.93366 + epss-percentile: 0.92761 cpe: cpe:2.3:a:thefactory:com_gadgetfactory:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1957.yaml b/http/cves/2010/CVE-2010-1957.yaml index 81047fac13..5b0064eee5 100644 --- a/http/cves/2010/CVE-2010-1957.yaml +++ b/http/cves/2010/CVE-2010-1957.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1957 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.87414 + epss-percentile: 0.87378 cpe: cpe:2.3:a:thefactory:com_lovefactory:1.3.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1979.yaml b/http/cves/2010/CVE-2010-1979.yaml index e45b0af54d..48197e9b5b 100644 --- a/http/cves/2010/CVE-2010-1979.yaml +++ b/http/cves/2010/CVE-2010-1979.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1979 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.81631 + epss-percentile: 0.81565 cpe: cpe:2.3:a:affiliatefeeds:com_datafeeds:build_880:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1981.yaml b/http/cves/2010/CVE-2010-1981.yaml index 2a42413ab8..8ef35d4b8e 100644 --- a/http/cves/2010/CVE-2010-1981.yaml +++ b/http/cves/2010/CVE-2010-1981.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1981 cwe-id: CWE-22 epss-score: 0.00656 - epss-percentile: 0.79117 + epss-percentile: 0.77311 cpe: cpe:2.3:a:fabrikar:fabrik:2.0:*:*:*:*:joomla\!:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1983.yaml b/http/cves/2010/CVE-2010-1983.yaml index 27c5110d7e..d8e2bdf0ef 100644 --- a/http/cves/2010/CVE-2010-1983.yaml +++ b/http/cves/2010/CVE-2010-1983.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1983 cwe-id: CWE-22 epss-score: 0.01815 - epss-percentile: 0.87938 + epss-percentile: 0.87898 cpe: cpe:2.3:a:redcomponent:com_redtwitter:1.0b8:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2034.yaml b/http/cves/2010/CVE-2010-2034.yaml index 80668ca6b4..081f242b02 100644 --- a/http/cves/2010/CVE-2010-2034.yaml +++ b/http/cves/2010/CVE-2010-2034.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2010-2034 cwe-id: CWE-22 - epss-score: 0.07071 - epss-percentile: 0.93866 + epss-score: 0.00718 + epss-percentile: 0.7851 cpe: cpe:2.3:a:percha:com_perchaimageattach:1.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2122.yaml b/http/cves/2010/CVE-2010-2122.yaml index a8062292ce..8a56651ed7 100644 --- a/http/cves/2010/CVE-2010-2122.yaml +++ b/http/cves/2010/CVE-2010-2122.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2122 cwe-id: CWE-22 epss-score: 0.01806 - epss-percentile: 0.87908 + epss-percentile: 0.87868 cpe: cpe:2.3:a:joelrowley:com_simpledownload:0.9.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2507.yaml b/http/cves/2010/CVE-2010-2507.yaml index 76e80623da..e37ce9a665 100644 --- a/http/cves/2010/CVE-2010-2507.yaml +++ b/http/cves/2010/CVE-2010-2507.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2507 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.87414 + epss-percentile: 0.87378 cpe: cpe:2.3:a:masselink:com_picasa2gallery:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2680.yaml b/http/cves/2010/CVE-2010-2680.yaml index fba316bede..99fde06630 100644 --- a/http/cves/2010/CVE-2010-2680.yaml +++ b/http/cves/2010/CVE-2010-2680.yaml @@ -11,14 +11,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-2680 - http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/59796 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-2680 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.81631 + epss-percentile: 0.80059 cpe: cpe:2.3:a:harmistechnology:com_jesectionfinder:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2920.yaml b/http/cves/2010/CVE-2010-2920.yaml index 985319cd5c..23c6b25fd1 100644 --- a/http/cves/2010/CVE-2010-2920.yaml +++ b/http/cves/2010/CVE-2010-2920.yaml @@ -11,14 +11,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-2920 - http://www.vupen.com/english/advisories/2010/1844 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57660 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-2920 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.91392 + epss-percentile: 0.90637 cpe: cpe:2.3:a:foobla:com_foobla_suggestions:1.5.1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-3426.yaml b/http/cves/2010/CVE-2010-3426.yaml index 6199df5078..0afdabacc4 100644 --- a/http/cves/2010/CVE-2010-3426.yaml +++ b/http/cves/2010/CVE-2010-3426.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-3426 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.81631 + epss-percentile: 0.81565 cpe: cpe:2.3:a:4you-studio:com_jphone:1.0:alpha3:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4769.yaml b/http/cves/2010/CVE-2010-4769.yaml index 48fd8c044c..bb238c6879 100644 --- a/http/cves/2010/CVE-2010-4769.yaml +++ b/http/cves/2010/CVE-2010-4769.yaml @@ -11,14 +11,13 @@ info: reference: - https://www.exploit-db.com/exploits/15585 - https://nvd.nist.gov/vuln/detail/CVE-2010-4769 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-4769 cwe-id: CWE-22 - epss-score: 0.22222 - epss-percentile: 0.96389 + epss-score: 0.00826 + epss-percentile: 0.80059 cpe: cpe:2.3:a:janguo:com_jimtawl:1.0.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-0049.yaml b/http/cves/2011/CVE-2011-0049.yaml index c0ae07e2c8..f97802ff95 100644 --- a/http/cves/2011/CVE-2011-0049.yaml +++ b/http/cves/2011/CVE-2011-0049.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2011-0049 cwe-id: CWE-22 - epss-score: 0.8814 - epss-percentile: 0.98619 + epss-score: 0.96615 + epss-percentile: 0.99548 cpe: cpe:2.3:a:mj2:majordomo_2:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-2780.yaml b/http/cves/2011/CVE-2011-2780.yaml index 22a0118ee3..f51495187f 100644 --- a/http/cves/2011/CVE-2011-2780.yaml +++ b/http/cves/2011/CVE-2011-2780.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2780 cwe-id: CWE-22 epss-score: 0.03327 - epss-percentile: 0.91171 + epss-percentile: 0.91127 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4336.yaml b/http/cves/2011/CVE-2011-4336.yaml index 1afa9059d8..af1291bb6b 100644 --- a/http/cves/2011/CVE-2011-4336.yaml +++ b/http/cves/2011/CVE-2011-4336.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2011-4336 cwe-id: CWE-79 epss-score: 0.00255 - epss-percentile: 0.6488 + epss-percentile: 0.64746 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4624.yaml b/http/cves/2011/CVE-2011-4624.yaml index 1a2df579c7..8df63641aa 100644 --- a/http/cves/2011/CVE-2011-4624.yaml +++ b/http/cves/2011/CVE-2011-4624.yaml @@ -20,15 +20,16 @@ info: cve-id: CVE-2011-4624 cwe-id: CWE-79 epss-score: 0.00431 - epss-percentile: 0.7409 + epss-percentile: 0.74018 cpe: cpe:2.3:a:codeasily:grand_flagallery:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: codeasily - product: "grand_flagallery" + product: grand_flagallery framework: wordpress - google-query: "inurl:\"/wp-content/plugins/flash-album-gallery\"" + google-query: inurl:"/wp-content/plugins/flash-album-gallery" tags: cve,cve2011,wordpress,xss,wp-plugin,codeasily + flow: http(1) && http(2) http: diff --git a/http/cves/2011/CVE-2011-4640.yaml b/http/cves/2011/CVE-2011-4640.yaml index ecdb23c029..369e9bebd4 100644 --- a/http/cves/2011/CVE-2011-4640.yaml +++ b/http/cves/2011/CVE-2011-4640.yaml @@ -14,13 +14,11 @@ info: cvss-score: 4 cve-id: CVE-2011-4640 cwe-id: CWE-22 - epss-score: 0.02569 - epss-percentile: 0.90017 - cpe: cpe:2.3:a:spamtitan:webtitan:*:*:*:*:*:*:*:* + cpe: cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:* metadata: max-request: 3 + product: spamtitan vendor: spamtitan - product: webtitan shodan-query: title:"WebTitan" tags: cve,cve2011,lfi,spamtitan,webtitan,authenticated diff --git a/http/cves/2011/CVE-2011-4926.yaml b/http/cves/2011/CVE-2011-4926.yaml index c02f5303c6..d13526871a 100644 --- a/http/cves/2011/CVE-2011-4926.yaml +++ b/http/cves/2011/CVE-2011-4926.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2011-4926 cwe-id: CWE-79 epss-score: 0.01792 - epss-percentile: 0.87857 + epss-percentile: 0.86796 cpe: cpe:2.3:a:bueltge:adminimize:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: bueltge product: adminimize - google-query: "inurl:\"/wp-content/plugins/adminimize/\"" + google-query: inurl:"/wp-content/plugins/adminimize/" tags: cve2011,cve,wordpress,xss,wp-plugin,bueltge + flow: http(1) && http(2) http: diff --git a/http/cves/2011/CVE-2011-5107.yaml b/http/cves/2011/CVE-2011-5107.yaml index 20d3f397b8..b357da58e8 100644 --- a/http/cves/2011/CVE-2011-5107.yaml +++ b/http/cves/2011/CVE-2011-5107.yaml @@ -19,15 +19,16 @@ info: cvss-score: 4.3 cve-id: CVE-2011-5107 cwe-id: CWE-79 - epss-score: 0.00231 - epss-percentile: 0.6067 + epss-score: 0.00232 + epss-percentile: 0.6058 cpe: cpe:2.3:a:wordpress:alert_before_you_post:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: wordpress - product: "alert_before_you_post" - google-query: "inurl:\"/wp-content/plugins/alert-before-your-post\"" + product: alert_before_you_post + google-query: inurl:"/wp-content/plugins/alert-before-your-post" tags: cve,cve2011,wordpress,xss,wp-plugin + flow: http(1) && http(2) http: diff --git a/http/cves/2011/CVE-2011-5179.yaml b/http/cves/2011/CVE-2011-5179.yaml index 8f220b05ad..2b7662c648 100644 --- a/http/cves/2011/CVE-2011-5179.yaml +++ b/http/cves/2011/CVE-2011-5179.yaml @@ -22,11 +22,12 @@ info: epss-percentile: 0.61346 cpe: cpe:2.3:a:skysa:skysa_app_bar_integration_plugin:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: skysa - product: "skysa_app_bar_integration_plugin" - google-query: "inurl:\"/wp-content/plugins/skysa-official/\"" + product: skysa_app_bar_integration_plugin + google-query: inurl:"/wp-content/plugins/skysa-official/" tags: cve,cve2011,wordpress,xss,wp-plugin,skysa + flow: http(1) && http(2) http: diff --git a/http/cves/2011/CVE-2011-5181.yaml b/http/cves/2011/CVE-2011-5181.yaml index 59de03e31a..968b0da94d 100644 --- a/http/cves/2011/CVE-2011-5181.yaml +++ b/http/cves/2011/CVE-2011-5181.yaml @@ -22,11 +22,12 @@ info: epss-percentile: 0.71803 cpe: cpe:2.3:a:clickdesk:clickdesk_live_support-live_chat_plugin:2.0:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: clickdesk - product: "clickdesk_live_support-live_chat_plugin" - google-query: "inurl:\"/wp-content/plugins/clickdesk-live-support-chat/\"" + product: clickdesk_live_support-live_chat_plugin + google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/" tags: cve2011,cve,wordpress,xss,wp-plugin,clickdesk + flow: http(1) && http(2) http: diff --git a/http/cves/2011/CVE-2011-5265.yaml b/http/cves/2011/CVE-2011-5265.yaml index 8455f4973f..9b02ab22c5 100644 --- a/http/cves/2011/CVE-2011-5265.yaml +++ b/http/cves/2011/CVE-2011-5265.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.75288 cpe: cpe:2.3:a:featurific_for_wordpress_project:featurific-for-wordpress:1.6.2:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "featurific_for_wordpress_project" - product: "featurific-for-wordpress" - google-query: "inurl:\"/wp-content/plugins/featurific-for-wordpress\"" + max-request: 1 + vendor: featurific_for_wordpress_project + product: featurific-for-wordpress + google-query: inurl:"/wp-content/plugins/featurific-for-wordpress" tags: cve2011,cve,wordpress,xss,wp-plugin,featurific_for_wordpress_project + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-0392.yaml b/http/cves/2012/CVE-2012-0392.yaml index 42df70406b..5c7c2d6751 100644 --- a/http/cves/2012/CVE-2012-0392.yaml +++ b/http/cves/2012/CVE-2012-0392.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2012-0392 cwe-id: NVD-CWE-noinfo epss-score: 0.9496 - epss-percentile: 0.99258 + epss-percentile: 0.99239 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-0901.yaml b/http/cves/2012/CVE-2012-0901.yaml index 05a17996dc..e118e248b0 100644 --- a/http/cves/2012/CVE-2012-0901.yaml +++ b/http/cves/2012/CVE-2012-0901.yaml @@ -14,21 +14,21 @@ info: - http://packetstormsecurity.org/files/view/108470/wpystap-xss.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/72271 - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-0901 cwe-id: CWE-79 - epss-score: 0.00223 - epss-percentile: 0.60018 + epss-score: 0.00216 + epss-percentile: 0.59612 cpe: cpe:2.3:a:attenzione:yousaytoo:1.0:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: attenzione product: yousaytoo - google-query: "inurl:\"/wp-content/plugins/yousaytoo-auto-publishing-plugin\"" + google-query: inurl:"/wp-content/plugins/yousaytoo-auto-publishing-plugin" tags: cve,cve2012,wp-plugin,packetstorm,wordpress,xss,attenzione + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-0991.yaml b/http/cves/2012/CVE-2012-0991.yaml index 6f62f35972..4742dede6e 100644 --- a/http/cves/2012/CVE-2012-0991.yaml +++ b/http/cves/2012/CVE-2012-0991.yaml @@ -20,8 +20,8 @@ info: cvss-score: 3.5 cve-id: CVE-2012-0991 cwe-id: CWE-22 - epss-score: 0.72743 - epss-percentile: 0.98029 + epss-score: 0.81788 + epss-percentile: 0.98116 cpe: cpe:2.3:a:openemr:openemr:4.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-1835.yaml b/http/cves/2012/CVE-2012-1835.yaml index 0e0a06914e..900ec78ab6 100644 --- a/http/cves/2012/CVE-2012-1835.yaml +++ b/http/cves/2012/CVE-2012-1835.yaml @@ -19,14 +19,15 @@ info: cve-id: CVE-2012-1835 cwe-id: CWE-79 epss-score: 0.01124 - epss-percentile: 0.84355 + epss-percentile: 0.84313 cpe: cpe:2.3:a:timely:all-in-one_event_calendar:1.4:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: timely - product: "all-in-one_event_calendar" - google-query: "inurl:\"/wp-content/plugins/all-in-one-event-calendar\"" + product: all-in-one_event_calendar + google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar" tags: cve,cve2012,wordpress,xss,wp-plugin,timely + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-2371.yaml b/http/cves/2012/CVE-2012-2371.yaml index 324776f0fe..a8e71b45e0 100644 --- a/http/cves/2012/CVE-2012-2371.yaml +++ b/http/cves/2012/CVE-2012-2371.yaml @@ -24,10 +24,11 @@ info: epss-percentile: 0.85828 cpe: cpe:2.3:a:mnt-tech:wp-facethumb:0.1:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "mnt-tech" - product: "wp-facethumb" + max-request: 1 + vendor: mnt-tech + product: wp-facethumb tags: cve,cve2012,packetstorm,wordpress,xss,wp-plugin,mnt-tech + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-4032.yaml b/http/cves/2012/CVE-2012-4032.yaml index 2b906cda6f..b1dc2b670f 100644 --- a/http/cves/2012/CVE-2012-4032.yaml +++ b/http/cves/2012/CVE-2012-4032.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.8 cve-id: CVE-2012-4032 cwe-id: CWE-20 - epss-score: 0.00842 - epss-percentile: 0.818 + epss-score: 0.00951 + epss-percentile: 0.81499 cpe: cpe:2.3:a:websitepanel:websitepanel:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4242.yaml b/http/cves/2012/CVE-2012-4242.yaml index 5f45daa8e8..746bfbe330 100644 --- a/http/cves/2012/CVE-2012-4242.yaml +++ b/http/cves/2012/CVE-2012-4242.yaml @@ -21,10 +21,11 @@ info: epss-percentile: 0.59546 cpe: cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:0.9.2:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "mf_gig_calendar_project" - product: "mf_gig_calendar" + max-request: 1 + vendor: mf_gig_calendar_project + product: mf_gig_calendar tags: cve,cve2012,wordpress,xss,wp-plugin,mf_gig_calendar_project + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-4253.yaml b/http/cves/2012/CVE-2012-4253.yaml index 12e96403a4..27efb88ce1 100644 --- a/http/cves/2012/CVE-2012-4253.yaml +++ b/http/cves/2012/CVE-2012-4253.yaml @@ -21,13 +21,13 @@ info: cve-id: CVE-2012-4253 cwe-id: CWE-22 epss-score: 0.0179 - epss-percentile: 0.87848 + epss-percentile: 0.87805 cpe: cpe:2.3:a:mysqldumper:mysqldumper:1.24.4:*:*:*:*:*:*:* metadata: max-request: 1 vendor: mysqldumper product: mysqldumper - tags: cve2012,cve,packetstorm,lfi,edb,mysqldumper,xss + tags: cve2012,cve,packetstorm,lfi,edb,mysqldumper http: - method: GET diff --git a/http/cves/2012/CVE-2012-4273.yaml b/http/cves/2012/CVE-2012-4273.yaml index 339e928c79..3036b6aa54 100644 --- a/http/cves/2012/CVE-2012-4273.yaml +++ b/http/cves/2012/CVE-2012-4273.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2012-4273 cwe-id: CWE-79 epss-score: 0.00252 - epss-percentile: 0.64625 + epss-percentile: 0.64486 cpe: cpe:2.3:a:ppfeufer:2-click-social-media-buttons:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: ppfeufer - product: "2-click-social-media-buttons" - google-query: "inurl:\"/wp-content/plugins/2-click-socialmedia-buttons\"" + product: 2-click-social-media-buttons + google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons" tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,ppfeufer + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-4768.yaml b/http/cves/2012/CVE-2012-4768.yaml index 5e3edd381e..69ab252b50 100644 --- a/http/cves/2012/CVE-2012-4768.yaml +++ b/http/cves/2012/CVE-2012-4768.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2012-4768 cwe-id: CWE-79 epss-score: 0.00922 - epss-percentile: 0.82618 + epss-percentile: 0.82559 cpe: cpe:2.3:a:mikejolley:download_monitor:3.3.5.7:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: mikejolley - product: "download_monitor" + product: download_monitor framework: wordpress tags: cve,cve2012,xss,wp-plugin,packetstorm,wordpress,mikejolley + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-4878.yaml b/http/cves/2012/CVE-2012-4878.yaml index 5954c298a0..8182a35a3e 100644 --- a/http/cves/2012/CVE-2012-4878.yaml +++ b/http/cves/2012/CVE-2012-4878.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2012-4878 cwe-id: CWE-22 - epss-score: 0.00537 - epss-percentile: 0.76848 + epss-score: 0.00608 + epss-percentile: 0.7813 cpe: cpe:2.3:a:flatnux:flatnux:2011-08-09-2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4940.yaml b/http/cves/2012/CVE-2012-4940.yaml index 2092c252bf..5d5c070da4 100644 --- a/http/cves/2012/CVE-2012-4940.yaml +++ b/http/cves/2012/CVE-2012-4940.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2012-4940 cwe-id: CWE-22 epss-score: 0.16414 - epss-percentile: 0.95879 + epss-percentile: 0.95527 cpe: cpe:2.3:a:gecad:axigen_free_mail_server:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2012/CVE-2012-5913.yaml b/http/cves/2012/CVE-2012-5913.yaml index c6344bd77d..ba0b6775f3 100644 --- a/http/cves/2012/CVE-2012-5913.yaml +++ b/http/cves/2012/CVE-2012-5913.yaml @@ -24,10 +24,11 @@ info: epss-percentile: 0.88104 cpe: cpe:2.3:a:wordpress_integrator_project:wordpress_integrator:1.32:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "wordpress_integrator_project" - product: "wordpress_integrator" + max-request: 1 + vendor: wordpress_integrator_project + product: wordpress_integrator tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,wordpress_integrator_project + flow: http(1) && http(2) http: diff --git a/http/cves/2012/CVE-2012-6499.yaml b/http/cves/2012/CVE-2012-6499.yaml index 7a8c8857dc..7eade9c1f7 100644 --- a/http/cves/2012/CVE-2012-6499.yaml +++ b/http/cves/2012/CVE-2012-6499.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.8 cve-id: CVE-2012-6499 cwe-id: CWE-20 - epss-score: 0.03494 - epss-percentile: 0.91359 + epss-score: 0.01204 + epss-percentile: 0.83755 cpe: cpe:2.3:a:age_verification_project:age_verification:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-1965.yaml b/http/cves/2013/CVE-2013-1965.yaml index 6269df013c..792c18b646 100644 --- a/http/cves/2013/CVE-2013-1965.yaml +++ b/http/cves/2013/CVE-2013-1965.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2013-1965 cwe-id: CWE-94 epss-score: 0.00813 - epss-percentile: 0.81462 + epss-percentile: 0.79935 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-2251.yaml b/http/cves/2013/CVE-2013-2251.yaml index 4216467b7d..33f46ae811 100644 --- a/http/cves/2013/CVE-2013-2251.yaml +++ b/http/cves/2013/CVE-2013-2251.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.3 cve-id: CVE-2013-2251 cwe-id: CWE-20 - epss-score: 0.9738 - epss-percentile: 0.99903 + epss-score: 0.97432 + epss-percentile: 0.99936 cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:* metadata: max-request: 9 diff --git a/http/cves/2013/CVE-2013-2287.yaml b/http/cves/2013/CVE-2013-2287.yaml index 4a4ba8c4b8..462bf63912 100644 --- a/http/cves/2013/CVE-2013-2287.yaml +++ b/http/cves/2013/CVE-2013-2287.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.59251 cpe: cpe:2.3:a:roberta_bramski:uploader:1.0.4:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "roberta_bramski" + max-request: 1 + vendor: roberta_bramski product: uploader - google-query: "inurl:\"/wp-content/plugins/uploader\"" - tags: cve,cve2013,wordpress,xss,wp-plugin,roberta_bramski,intrusive + google-query: inurl:"/wp-content/plugins/uploader" + tags: cve,cve2013,wordpress,xss,wp-plugin,roberta_bramski + flow: http(1) && http(2) http: diff --git a/http/cves/2013/CVE-2013-3526.yaml b/http/cves/2013/CVE-2013-3526.yaml index d3e81ee70a..47c48e1895 100644 --- a/http/cves/2013/CVE-2013-3526.yaml +++ b/http/cves/2013/CVE-2013-3526.yaml @@ -14,21 +14,21 @@ info: - http://packetstormsecurity.com/files/121167/WordPress-Traffic-Analyzer-Cross-Site-Scripting.html - https://exchange.xforce.ibmcloud.com/vulnerabilities/83311 - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2013-3526 cwe-id: CWE-79 epss-score: 0.00519 - epss-percentile: 0.76402 + epss-percentile: 0.74326 cpe: cpe:2.3:a:wptrafficanalyzer:trafficanalyzer:1.0.0:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: wptrafficanalyzer product: trafficanalyzer - google-query: "inurl:\"/wp-content/plugins/trafficanalyzer\"" + google-query: inurl:"/wp-content/plugins/trafficanalyzer" tags: cve2013,cve,packetstorm,wordpress,xss,wp-plugin,wptrafficanalyzer + flow: http(1) && http(2) http: diff --git a/http/cves/2013/CVE-2013-4117.yaml b/http/cves/2013/CVE-2013-4117.yaml index 8157c46817..1c8d954e50 100644 --- a/http/cves/2013/CVE-2013-4117.yaml +++ b/http/cves/2013/CVE-2013-4117.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.83801 cpe: cpe:2.3:a:anshul_sharma:category-grid-view-gallery:2.3.1:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "anshul_sharma" - product: "category-grid-view-gallery" - google-query: "inurl:\"/wp-content/plugins/category-grid-view-gallery\"" + max-request: 1 + vendor: anshul_sharma + product: category-grid-view-gallery + google-query: inurl:"/wp-content/plugins/category-grid-view-gallery" tags: cve2013,cve,seclists,packetstorm,wordpress,xss,wp-plugin,anshul_sharma + flow: http(1) && http(2) http: diff --git a/http/cves/2013/CVE-2013-4625.yaml b/http/cves/2013/CVE-2013-4625.yaml index e7379bd118..7b2545baa8 100644 --- a/http/cves/2013/CVE-2013-4625.yaml +++ b/http/cves/2013/CVE-2013-4625.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.85008 cpe: cpe:2.3:a:cory_lamle:duplicator:*:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "cory_lamle" + max-request: 1 + vendor: cory_lamle product: duplicator - google-query: "inurl:\"/wp-content/plugins/duplicator\"" + google-query: inurl:"/wp-content/plugins/duplicator" tags: cve2013,cve,seclists,wordpress,xss,wp-plugin,packetstorm,cory_lamle + flow: http(1) && http(2) http: diff --git a/http/cves/2013/CVE-2013-5528.yaml b/http/cves/2013/CVE-2013-5528.yaml index 6db87ee24c..5f54b31d3b 100644 --- a/http/cves/2013/CVE-2013-5528.yaml +++ b/http/cves/2013/CVE-2013-5528.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2013-5528 cwe-id: CWE-22 epss-score: 0.00534 - epss-percentile: 0.76775 + epss-percentile: 0.74722 cpe: cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-7091.yaml b/http/cves/2013/CVE-2013-7091.yaml index 013344be94..44c34d428f 100644 --- a/http/cves/2013/CVE-2013-7091.yaml +++ b/http/cves/2013/CVE-2013-7091.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2013-7091 cwe-id: CWE-22 epss-score: 0.97337 - epss-percentile: 0.99879 + epss-percentile: 0.99881 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2014/CVE-2014-3206.yaml b/http/cves/2014/CVE-2014-3206.yaml index 7513230c1c..17c94b7d1a 100644 --- a/http/cves/2014/CVE-2014-3206.yaml +++ b/http/cves/2014/CVE-2014-3206.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-3206 cwe-id: CWE-20 epss-score: 0.2561 - epss-percentile: 0.96608 + epss-percentile: 0.96594 cpe: cpe:2.3:o:seagate:blackarmor_nas_220_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2014/CVE-2014-4210.yaml b/http/cves/2014/CVE-2014-4210.yaml index a51afb8f33..1f6974f7c3 100644 --- a/http/cves/2014/CVE-2014-4210.yaml +++ b/http/cves/2014/CVE-2014-4210.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2014-4210 cwe-id: NVD-CWE-noinfo - epss-score: 0.9683 - epss-percentile: 0.99672 + epss-score: 0.96955 + epss-percentile: 0.9967 cpe: cpe:2.3:a:oracle:fusion_middleware:10.0.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4513.yaml b/http/cves/2014/CVE-2014-4513.yaml index 32eb83f5e9..8ed5d7e85b 100644 --- a/http/cves/2014/CVE-2014-4513.yaml +++ b/http/cves/2014/CVE-2014-4513.yaml @@ -21,12 +21,13 @@ info: epss-percentile: 0.50288 cpe: cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: activehelper - product: "activehelper_livehelp_live_chat" + product: activehelper_livehelp_live_chat framework: wordpress - google-query: "inurl:\"/wp-content/plugins/activehelper-livehelp\"" + google-query: inurl:"/wp-content/plugins/activehelper-livehelp" tags: cve2014,cve,wordpress,xss,wp-plugin,activehelper + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4535.yaml b/http/cves/2014/CVE-2014-4535.yaml index 8dfb2be465..f66829fb81 100644 --- a/http/cves/2014/CVE-2014-4535.yaml +++ b/http/cves/2014/CVE-2014-4535.yaml @@ -20,14 +20,15 @@ info: cve-id: CVE-2014-4535 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48073 + epss-percentile: 0.48664 cpe: cpe:2.3:a:import_legacy_media_project:import_legacy_media:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "import_legacy_media_project" - product: "import_legacy_media" + max-request: 1 + vendor: import_legacy_media_project + product: import_legacy_media framework: wordpress tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,import_legacy_media_project + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4536.yaml b/http/cves/2014/CVE-2014-4536.yaml index 31ddb40443..8c002e1bc1 100644 --- a/http/cves/2014/CVE-2014-4536.yaml +++ b/http/cves/2014/CVE-2014-4536.yaml @@ -14,22 +14,22 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-4536 - http://wordpress.org/plugins/infusionsoft/changelog - http://codevigilant.com/disclosure/wp-plugin-infusionsoft-a3-cross-site-scripting-xss - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4536 cwe-id: CWE-79 epss-score: 0.00149 - epss-percentile: 0.50258 + epss-percentile: 0.50857 cpe: cpe:2.3:a:katz:infusionsoft_gravity_forms:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: katz - product: "infusionsoft_gravity_forms" + product: infusionsoft_gravity_forms framework: wordpress - google-query: "inurl:\"/wp-content/plugins/infusionsoft/Infusionsoft/\"" + google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/" tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,katz + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4539.yaml b/http/cves/2014/CVE-2014-4539.yaml index 2dfda67bd6..41d512b06b 100644 --- a/http/cves/2014/CVE-2014-4539.yaml +++ b/http/cves/2014/CVE-2014-4539.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.47838 cpe: cpe:2.3:a:movies_project:movies:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "movies_project" + max-request: 1 + vendor: movies_project product: movies framework: wordpress tags: cve2014,cve,wordpress,wp-plugin,xss,wpscan,unauth,movies_project + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4544.yaml b/http/cves/2014/CVE-2014-4544.yaml index 92008ceed9..d438956a11 100644 --- a/http/cves/2014/CVE-2014-4544.yaml +++ b/http/cves/2014/CVE-2014-4544.yaml @@ -13,14 +13,13 @@ info: - https://wpscan.com/vulnerability/72a5a0e1-e720-45a9-b9d4-ee3144939abb - https://nvd.nist.gov/vuln/detail/CVE-2014-4544 - http://codevigilant.com/disclosure/wp-plugin-podcast-channels-a3-cross-site-scripting-xss - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4544 cwe-id: CWE-79 epss-score: 0.00118 - epss-percentile: 0.45123 + epss-percentile: 0.45595 cpe: cpe:2.3:a:podcast_channels_project:podcast_channels:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4550.yaml b/http/cves/2014/CVE-2014-4550.yaml index 4fb8739080..64a4b59675 100644 --- a/http/cves/2014/CVE-2014-4550.yaml +++ b/http/cves/2014/CVE-2014-4550.yaml @@ -13,22 +13,22 @@ info: - https://wpscan.com/vulnerability/c7c24c7d-5341-43a6-abea-4a50fce9aab0 - https://nvd.nist.gov/vuln/detail/CVE-2014-4550 - http://codevigilant.com/disclosure/wp-plugin-shortcode-ninja-a3-cross-site-scripting-xss - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4550 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48073 + epss-percentile: 0.48556 cpe: cpe:2.3:a:visualshortcodes:ninja:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: visualshortcodes product: ninja framework: wordpress - google-query: "inurl:\"/wp-content/plugins/shortcode-ninja\"" + google-query: inurl:"/wp-content/plugins/shortcode-ninja" tags: cve2014,cve,wordpress,wp-plugin,xss,wpscan,unauth,visualshortcodes + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4558.yaml b/http/cves/2014/CVE-2014-4558.yaml index c5ac0ad466..f87981322e 100644 --- a/http/cves/2014/CVE-2014-4558.yaml +++ b/http/cves/2014/CVE-2014-4558.yaml @@ -22,11 +22,12 @@ info: epss-percentile: 0.48556 cpe: cpe:2.3:a:cybercompany:swipehq-payment-gateway-woocommerce:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: cybercompany - product: "swipehq-payment-gateway-woocommerce" + product: swipehq-payment-gateway-woocommerce framework: wordpress tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,woocommerce,unauth,cybercompany + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4561.yaml b/http/cves/2014/CVE-2014-4561.yaml index aa6e3e89a0..b1e5187f18 100644 --- a/http/cves/2014/CVE-2014-4561.yaml +++ b/http/cves/2014/CVE-2014-4561.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.40364 cpe: cpe:2.3:a:ultimate-weather_project:ultimate-weather:1.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "ultimate-weather_project" - product: "ultimate-weather" + max-request: 1 + vendor: ultimate-weather_project + product: ultimate-weather framework: wordpress tags: cve2014,cve,wordpress,wp-plugin,xss,weather,wpscan,unauth,ultimate-weather_project + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-4942.yaml b/http/cves/2014/CVE-2014-4942.yaml index 97d9bf6564..bfad79553c 100644 --- a/http/cves/2014/CVE-2014-4942.yaml +++ b/http/cves/2014/CVE-2014-4942.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5 cve-id: CVE-2014-4942 cwe-id: CWE-200 - epss-score: 0.02162 - epss-percentile: 0.89138 + epss-score: 0.01024 + epss-percentile: 0.82199 cpe: cpe:2.3:a:levelfourdevelopment:wp-easycart:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5111.yaml b/http/cves/2014/CVE-2014-5111.yaml index 7fafd0d2ae..6667b596ff 100644 --- a/http/cves/2014/CVE-2014-5111.yaml +++ b/http/cves/2014/CVE-2014-5111.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-5111 cwe-id: CWE-22 epss-score: 0.02194 - epss-percentile: 0.89212 + epss-percentile: 0.89179 cpe: cpe:2.3:a:netfortris:trixbox:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-6308.yaml b/http/cves/2014/CVE-2014-6308.yaml index a03e3278cb..8a02870d18 100644 --- a/http/cves/2014/CVE-2014-6308.yaml +++ b/http/cves/2014/CVE-2014-6308.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-6308 cwe-id: CWE-22 epss-score: 0.0922 - epss-percentile: 0.94556 + epss-percentile: 0.94519 cpe: cpe:2.3:a:osclass:osclass:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-8676.yaml b/http/cves/2014/CVE-2014-8676.yaml index 5dbcfac525..2eb92670c9 100644 --- a/http/cves/2014/CVE-2014-8676.yaml +++ b/http/cves/2014/CVE-2014-8676.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2014-8676 cwe-id: CWE-22 epss-score: 0.00195 - epss-percentile: 0.56624 + epss-percentile: 0.56456 cpe: cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-8799.yaml b/http/cves/2014/CVE-2014-8799.yaml index 7aed7368ee..dd9b9f18af 100644 --- a/http/cves/2014/CVE-2014-8799.yaml +++ b/http/cves/2014/CVE-2014-8799.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-8799 cwe-id: CWE-22 epss-score: 0.17844 - epss-percentile: 0.9605 + epss-percentile: 0.96039 cpe: cpe:2.3:a:dukapress:dukapress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9094.yaml b/http/cves/2014/CVE-2014-9094.yaml index 9431767733..2593cc8aa0 100644 --- a/http/cves/2014/CVE-2014-9094.yaml +++ b/http/cves/2014/CVE-2014-9094.yaml @@ -24,12 +24,13 @@ info: epss-percentile: 0.96912 cpe: cpe:2.3:a:digitalzoomstudio:video_gallery:-:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: digitalzoomstudio - product: "video_gallery" + product: video_gallery framework: wordpress - google-query: "inurl:\"/wp-content/plugins/dzs-videogallery\"" + google-query: inurl:"/wp-content/plugins/dzs-videogallery" tags: cve2014,cve,wordpress,xss,wp-plugin,seclists,digitalzoomstudio + flow: http(1) && http(2) http: diff --git a/http/cves/2014/CVE-2014-9444.yaml b/http/cves/2014/CVE-2014-9444.yaml index 164801e433..4e01a22313 100644 --- a/http/cves/2014/CVE-2014-9444.yaml +++ b/http/cves/2014/CVE-2014-9444.yaml @@ -13,14 +13,13 @@ info: - https://wpscan.com/vulnerability/f0739b1e-22dc-4ca6-ad83-a0e80228e3c7 - https://nvd.nist.gov/vuln/detail/CVE-2014-9444 - http://packetstormsecurity.com/files/129749/WordPress-Frontend-Uploader-0.9.2-Cross-Site-Scripting.html - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2014-9444 cwe-id: CWE-79 - epss-score: 0.00723 - epss-percentile: 0.80291 + epss-score: 0.00287 + epss-percentile: 0.65501 cpe: cpe:2.3:a:frontend_uploader_project:frontend_uploader:0.9.2:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9606.yaml b/http/cves/2014/CVE-2014-9606.yaml index 9e9256f056..20225da1f4 100644 --- a/http/cves/2014/CVE-2014-9606.yaml +++ b/http/cves/2014/CVE-2014-9606.yaml @@ -13,14 +13,13 @@ info: - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz - https://nvd.nist.gov/vuln/detail/CVE-2014-9606 - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-9606 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.40851 + epss-percentile: 0.41261 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1000005.yaml b/http/cves/2015/CVE-2015-1000005.yaml index 139968c55e..99fd990224 100644 --- a/http/cves/2015/CVE-2015-1000005.yaml +++ b/http/cves/2015/CVE-2015-1000005.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-1000005 cwe-id: CWE-22 epss-score: 0.047 - epss-percentile: 0.9248 + epss-percentile: 0.92455 cpe: cpe:2.3:a:candidate-application-form_project:candidate-application-form:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1000010.yaml b/http/cves/2015/CVE-2015-1000010.yaml index b762d1fe5c..9dd8f9e6f7 100644 --- a/http/cves/2015/CVE-2015-1000010.yaml +++ b/http/cves/2015/CVE-2015-1000010.yaml @@ -15,14 +15,13 @@ info: - https://wpscan.com/vulnerability/40e84e85-7176-4552-b021-6963d0396543 - https://nvd.nist.gov/vuln/detail/CVE-2015-1000010 - http://www.vapidlabs.com/advisory.php?v=147 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1000010 cwe-id: CWE-284 - epss-score: 0.02835 - epss-percentile: 0.90496 + epss-score: 0.03171 + epss-percentile: 0.90143 cpe: cpe:2.3:a:simple-image-manipulator_project:simple-image-manipulator:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1503.yaml b/http/cves/2015/CVE-2015-1503.yaml index 6792369029..611ec88318 100644 --- a/http/cves/2015/CVE-2015-1503.yaml +++ b/http/cves/2015/CVE-2015-1503.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-1503 cwe-id: CWE-22 epss-score: 0.90421 - epss-percentile: 0.98759 + epss-percentile: 0.98743 cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-1635.yaml b/http/cves/2015/CVE-2015-1635.yaml index 7e0b105770..4398251cff 100644 --- a/http/cves/2015/CVE-2015-1635.yaml +++ b/http/cves/2015/CVE-2015-1635.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2015-1635 cwe-id: CWE-94 epss-score: 0.97537 - epss-percentile: 0.99993 + epss-percentile: 0.99992 cpe: cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-20067.yaml b/http/cves/2015/CVE-2015-20067.yaml index 4b276bd3a4..63f8969bfe 100644 --- a/http/cves/2015/CVE-2015-20067.yaml +++ b/http/cves/2015/CVE-2015-20067.yaml @@ -29,7 +29,7 @@ info: product: wp_attachment_export framework: wordpress google-query: inurl:"/wp-content/plugins/wp-attachment-export/" - tags: wpscan,packetstorm,seclists,cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export,wp_attachment_export_project + tags: wpscan,packetstorm,seclists,cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export http: - method: GET diff --git a/http/cves/2015/CVE-2015-2068.yaml b/http/cves/2015/CVE-2015-2068.yaml index b04f496360..db07a3904a 100644 --- a/http/cves/2015/CVE-2015-2068.yaml +++ b/http/cves/2015/CVE-2015-2068.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-2068 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.49792 + epss-percentile: 0.4958 cpe: cpe:2.3:a:magmi_project:magmi:-:*:*:*:*:magento_server:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2166.yaml b/http/cves/2015/CVE-2015-2166.yaml index 05b543e2c9..045252b92f 100644 --- a/http/cves/2015/CVE-2015-2166.yaml +++ b/http/cves/2015/CVE-2015-2166.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-2166 cwe-id: CWE-22 epss-score: 0.23272 - epss-percentile: 0.96463 + epss-percentile: 0.96445 cpe: cpe:2.3:a:ericsson:drutt_mobile_service_delivery_platform:4.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2196.yaml b/http/cves/2015/CVE-2015-2196.yaml index 8edf706d33..2e0903f253 100644 --- a/http/cves/2015/CVE-2015-2196.yaml +++ b/http/cves/2015/CVE-2015-2196.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-2196 cwe-id: CWE-89 epss-score: 0.0025 - epss-percentile: 0.64473 + epss-percentile: 0.6433 cpe: cpe:2.3:a:web-dorado:spider_calendar:1.4.9:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2755.yaml b/http/cves/2015/CVE-2015-2755.yaml index ba84c99093..1c126b301d 100644 --- a/http/cves/2015/CVE-2015-2755.yaml +++ b/http/cves/2015/CVE-2015-2755.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-2755 cwe-id: CWE-352 epss-score: 0.01828 - epss-percentile: 0.87989 + epss-percentile: 0.87952 cpe: cpe:2.3:a:ab_google_map_travel_project:ab_google_map_travel:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,7 +30,7 @@ info: vendor: ab_google_map_travel_project product: ab_google_map_travel framework: wordpress - tags: packetstorm,cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,authenticated,ab_google_map_travel_project + tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,authenticated,ab_google_map_travel_project http: - raw: diff --git a/http/cves/2015/CVE-2015-2794.yaml b/http/cves/2015/CVE-2015-2794.yaml index 05adfeead7..54b047868a 100644 --- a/http/cves/2015/CVE-2015-2794.yaml +++ b/http/cves/2015/CVE-2015-2794.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2015-2794 cwe-id: CWE-264 - epss-score: 0.9743 - epss-percentile: 0.99938 + epss-score: 0.97458 + epss-percentile: 0.99953 cpe: cpe:2.3:a:dotnetnuke:dotnetnuke:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2807.yaml b/http/cves/2015/CVE-2015-2807.yaml index 3bd351379d..7f5783fa83 100644 --- a/http/cves/2015/CVE-2015-2807.yaml +++ b/http/cves/2015/CVE-2015-2807.yaml @@ -21,15 +21,16 @@ info: cve-id: CVE-2015-2807 cwe-id: CWE-79 epss-score: 0.00294 - epss-percentile: 0.68778 + epss-percentile: 0.68624 cpe: cpe:2.3:a:documentcloud:navis_documentcloud:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: documentcloud - product: "navis_documentcloud" + product: navis_documentcloud framework: wordpress - google-query: "inurl:\"/wp-content/plugins/navis-documentcloud\"" + google-query: inurl:"/wp-content/plugins/navis-documentcloud" tags: cve2015,cve,wordpress,wp-plugin,xss,documentcloud + flow: http(1) && http(2) http: diff --git a/http/cves/2015/CVE-2015-3224.yaml b/http/cves/2015/CVE-2015-3224.yaml index 0b0d4f706a..df6b263f83 100644 --- a/http/cves/2015/CVE-2015-3224.yaml +++ b/http/cves/2015/CVE-2015-3224.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-3224 cwe-id: CWE-284 epss-score: 0.92904 - epss-percentile: 0.98987 + epss-percentile: 0.98975 cpe: cpe:2.3:a:rubyonrails:web_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4062.yaml b/http/cves/2015/CVE-2015-4062.yaml index cf96c53d91..a3086ce3cd 100644 --- a/http/cves/2015/CVE-2015-4062.yaml +++ b/http/cves/2015/CVE-2015-4062.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.5 cve-id: CVE-2015-4062 cwe-id: CWE-89 - epss-score: 0.02803 - epss-percentile: 0.90446 + epss-score: 0.03919 + epss-percentile: 0.91099 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-4063.yaml b/http/cves/2015/CVE-2015-4063.yaml index d332e9fec0..f569a4a3d6 100644 --- a/http/cves/2015/CVE-2015-4063.yaml +++ b/http/cves/2015/CVE-2015-4063.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4063 cwe-id: CWE-79 epss-score: 0.04016 - epss-percentile: 0.91895 + epss-percentile: 0.91867 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-4127.yaml b/http/cves/2015/CVE-2015-4127.yaml index b831070cfa..d418678913 100644 --- a/http/cves/2015/CVE-2015-4127.yaml +++ b/http/cves/2015/CVE-2015-4127.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.68397 cpe: cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "church_admin_project" - product: "church_admin" + max-request: 1 + vendor: church_admin_project + product: church_admin framework: wordpress tags: cve2015,cve,wp-plugin,wp,edb,wpscan,wordpress,xss,church_admin_project + flow: http(1) && http(2) http: diff --git a/http/cves/2015/CVE-2015-5354.yaml b/http/cves/2015/CVE-2015-5354.yaml index be9b7549d7..387ce0d925 100644 --- a/http/cves/2015/CVE-2015-5354.yaml +++ b/http/cves/2015/CVE-2015-5354.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5354 cwe-id: CWE-601 epss-score: 0.00166 - epss-percentile: 0.52463 + epss-percentile: 0.53247 cpe: cpe:2.3:a:novius-os:novius_os:5.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5461.yaml b/http/cves/2015/CVE-2015-5461.yaml index eda2069c6a..23b34974f9 100644 --- a/http/cves/2015/CVE-2015-5461.yaml +++ b/http/cves/2015/CVE-2015-5461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5461 cwe-id: NVD-CWE-Other epss-score: 0.0055 - epss-percentile: 0.77119 + epss-percentile: 0.77025 cpe: cpe:2.3:a:stageshow_project:stageshow:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5471.yaml b/http/cves/2015/CVE-2015-5471.yaml index ae4c6782ff..039fd0a3d6 100644 --- a/http/cves/2015/CVE-2015-5471.yaml +++ b/http/cves/2015/CVE-2015-5471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-5471 cwe-id: CWE-22 epss-score: 0.10406 - epss-percentile: 0.94882 + epss-percentile: 0.94855 cpe: cpe:2.3:a:swim_team_project:swim_team:1.44.10777:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-6920.yaml b/http/cves/2015/CVE-2015-6920.yaml index 2d5badcfb8..dd3b643cd6 100644 --- a/http/cves/2015/CVE-2015-6920.yaml +++ b/http/cves/2015/CVE-2015-6920.yaml @@ -21,11 +21,12 @@ info: epss-percentile: 0.52637 cpe: cpe:2.3:a:sourceafrica_project:sourceafrica:0.1.3:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "sourceafrica_project" + max-request: 1 + vendor: sourceafrica_project product: sourceafrica framework: wordpress tags: cve2015,cve,wp-plugin,xss,packetstorm,wordpress,sourceafrica_project + flow: http(1) && http(2) http: diff --git a/http/cves/2015/CVE-2015-7450.yaml b/http/cves/2015/CVE-2015-7450.yaml index b90fcb14ae..2691b887e5 100644 --- a/http/cves/2015/CVE-2015-7450.yaml +++ b/http/cves/2015/CVE-2015-7450.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-7450 cwe-id: CWE-94 epss-score: 0.97122 - epss-percentile: 0.99775 + epss-percentile: 0.99772 cpe: cpe:2.3:a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7780.yaml b/http/cves/2015/CVE-2015-7780.yaml index fe17c244c1..7e072d80be 100644 --- a/http/cves/2015/CVE-2015-7780.yaml +++ b/http/cves/2015/CVE-2015-7780.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-7780 cwe-id: CWE-22 epss-score: 0.00151 - epss-percentile: 0.50612 + epss-percentile: 0.50407 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-9323.yaml b/http/cves/2015/CVE-2015-9323.yaml index ce1c363761..1eb135a0b2 100644 --- a/http/cves/2015/CVE-2015-9323.yaml +++ b/http/cves/2015/CVE-2015-9323.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2015-9323 cwe-id: CWE-89 - epss-score: 0.00779 - epss-percentile: 0.81026 + epss-score: 0.00869 + epss-percentile: 0.82013 cpe: cpe:2.3:a:duckdev:404_to_301:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-9414.yaml b/http/cves/2015/CVE-2015-9414.yaml index fad286f9a3..080ab4b3b4 100644 --- a/http/cves/2015/CVE-2015-9414.yaml +++ b/http/cves/2015/CVE-2015-9414.yaml @@ -24,12 +24,13 @@ info: epss-percentile: 0.44236 cpe: cpe:2.3:a:wpsymposiumpro:wp-symposium:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: wpsymposiumpro - product: "wp-symposium" + product: wp-symposium framework: wordpress - google-query: "inurl:\"/wp-content/plugins/wp-symposium\"" + google-query: inurl:"/wp-content/plugins/wp-symposium" tags: cve2015,cve,xss,wpscan,wordpress,wp-plugin,wpsymposiumpro + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-0957.yaml b/http/cves/2016/CVE-2016-0957.yaml index 0ca4b7f04d..956cf7aa6e 100644 --- a/http/cves/2016/CVE-2016-0957.yaml +++ b/http/cves/2016/CVE-2016-0957.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2016-0957 epss-score: 0.03344 - epss-percentile: 0.91188 + epss-percentile: 0.91144 cpe: cpe:2.3:a:adobe:dispatcher:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000126.yaml b/http/cves/2016/CVE-2016-1000126.yaml index 7b3779bd50..f510eb8ec5 100644 --- a/http/cves/2016/CVE-2016-1000126.yaml +++ b/http/cves/2016/CVE-2016-1000126.yaml @@ -21,15 +21,16 @@ info: cve-id: CVE-2016-1000126 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.4528 + epss-percentile: 0.4505 cpe: cpe:2.3:a:admin-font-editor_project:admin-font-editor:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "admin-font-editor_project" - product: "admin-font-editor" + max-request: 1 + vendor: admin-font-editor_project + product: admin-font-editor framework: wordpress - google-query: "inurl:\"/wp-content/plugins/admin-font-editor\"" + google-query: inurl:"/wp-content/plugins/admin-font-editor" tags: cve2016,cve,wordpress,xss,wp-plugin,admin-font-editor_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000127.yaml b/http/cves/2016/CVE-2016-1000127.yaml index 2f021337d9..7e630bcd37 100644 --- a/http/cves/2016/CVE-2016-1000127.yaml +++ b/http/cves/2016/CVE-2016-1000127.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.45851 cpe: cpe:2.3:a:ajax-random-post_project:ajax-random-post:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "ajax-random-post_project" - product: "ajax-random-post" + max-request: 1 + vendor: ajax-random-post_project + product: ajax-random-post framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,ajax-random-post_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000128.yaml b/http/cves/2016/CVE-2016-1000128.yaml index 6e131a074e..b2e7b90058 100644 --- a/http/cves/2016/CVE-2016-1000128.yaml +++ b/http/cves/2016/CVE-2016-1000128.yaml @@ -20,12 +20,13 @@ info: epss-percentile: 0.41115 cpe: cpe:2.3:a:anti-plagiarism_project:anti-plagiarism:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "anti-plagiarism_project" - product: "anti-plagiarism" + max-request: 1 + vendor: anti-plagiarism_project + product: anti-plagiarism framework: wordpress - google-query: "inurl:\"/wp-content/plugins/anti-plagiarism\"" + google-query: inurl:"/wp-content/plugins/anti-plagiarism" tags: cve2016,cve,wordpress,xss,wp-plugin,anti-plagiarism_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000129.yaml b/http/cves/2016/CVE-2016-1000129.yaml index 2d5aa0942e..34e43a1d37 100644 --- a/http/cves/2016/CVE-2016-1000129.yaml +++ b/http/cves/2016/CVE-2016-1000129.yaml @@ -21,15 +21,16 @@ info: cve-id: CVE-2016-1000129 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.4528 + epss-percentile: 0.4505 cpe: cpe:2.3:a:defa-online-image-protector_project:defa-online-image-protector:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "defa-online-image-protector_project" - product: "defa-online-image-protector" + max-request: 1 + vendor: defa-online-image-protector_project + product: defa-online-image-protector framework: wordpress - google-query: "inurl:\"/wp-content/plugins/defa-online-image-protector\"" + google-query: inurl:"/wp-content/plugins/defa-online-image-protector" tags: cve2016,cve,wordpress,xss,wp-plugin,defa-online-image-protector_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000130.yaml b/http/cves/2016/CVE-2016-1000130.yaml index e17b763428..5d9ad2fd2a 100644 --- a/http/cves/2016/CVE-2016-1000130.yaml +++ b/http/cves/2016/CVE-2016-1000130.yaml @@ -22,12 +22,13 @@ info: epss-percentile: 0.38905 cpe: cpe:2.3:a:e-search_project:e-search:1.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "e-search_project" - product: "e-search" + max-request: 1 + vendor: e-search_project + product: e-search framework: wordpress - google-query: "inurl:\"/wp-content/plugins/e-search\"" + google-query: inurl:"/wp-content/plugins/e-search" tags: cve2016,cve,wordpress,xss,wp-plugin,e-search_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000131.yaml b/http/cves/2016/CVE-2016-1000131.yaml index ab5556a6c9..c40b7762e2 100644 --- a/http/cves/2016/CVE-2016-1000131.yaml +++ b/http/cves/2016/CVE-2016-1000131.yaml @@ -20,15 +20,16 @@ info: cve-id: CVE-2016-1000131 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.40717 + epss-percentile: 0.40457 cpe: cpe:2.3:a:e-search_project:esearch:1.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "e-search_project" + max-request: 1 + vendor: e-search_project product: esearch framework: wordpress - google-query: "inurl:\"/wp-content/plugins/e-search\"" + google-query: inurl:"/wp-content/plugins/e-search" tags: cve2016,cve,wordpress,xss,wp-plugin,e-search_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000132.yaml b/http/cves/2016/CVE-2016-1000132.yaml index a58dfc6b01..2cd03ee293 100644 --- a/http/cves/2016/CVE-2016-1000132.yaml +++ b/http/cves/2016/CVE-2016-1000132.yaml @@ -24,12 +24,13 @@ info: epss-percentile: 0.44389 cpe: cpe:2.3:a:cminds:tooltip_glossary:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: cminds - product: "tooltip_glossary" + product: tooltip_glossary framework: wordpress - google-query: "inurl:\"/wp-content/plugins/enhanced-tooltipglossary\"" + google-query: inurl:"/wp-content/plugins/enhanced-tooltipglossary" tags: cve2016,cve,wordpress,xss,wp-plugin,cminds + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000133.yaml b/http/cves/2016/CVE-2016-1000133.yaml index da9d6f9182..fc40ec91c0 100644 --- a/http/cves/2016/CVE-2016-1000133.yaml +++ b/http/cves/2016/CVE-2016-1000133.yaml @@ -23,12 +23,13 @@ info: epss-percentile: 0.48963 cpe: cpe:2.3:a:designsandcode:forget_about_shortcode_buttons:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: designsandcode - product: "forget_about_shortcode_buttons" + product: forget_about_shortcode_buttons framework: wordpress - google-query: "inurl:\"/wp-content/plugins/forget-about-shortcode-buttons\"" + google-query: inurl:"/wp-content/plugins/forget-about-shortcode-buttons" tags: cve2016,cve,wordpress,xss,wp-plugin,designsandcode + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000134.yaml b/http/cves/2016/CVE-2016-1000134.yaml index 20e96a956f..6dfae57ab4 100644 --- a/http/cves/2016/CVE-2016-1000134.yaml +++ b/http/cves/2016/CVE-2016-1000134.yaml @@ -23,12 +23,13 @@ info: epss-percentile: 0.41177 cpe: cpe:2.3:a:hdw-tube_project:hdw-tube:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "hdw-tube_project" - product: "hdw-tube" + max-request: 1 + vendor: hdw-tube_project + product: hdw-tube framework: wordpress - google-query: "inurl:\"/wp-content/plugins/hdw-tube\"" + google-query: inurl:"/wp-content/plugins/hdw-tube" tags: cve2016,cve,wordpress,xss,wp-plugin,hdw-tube_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000135.yaml b/http/cves/2016/CVE-2016-1000135.yaml index fd8e00727c..3200c40f7c 100644 --- a/http/cves/2016/CVE-2016-1000135.yaml +++ b/http/cves/2016/CVE-2016-1000135.yaml @@ -20,15 +20,16 @@ info: cve-id: CVE-2016-1000135 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.40717 + epss-percentile: 0.40457 cpe: cpe:2.3:a:hdw-tube_project:hdw-tube:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "hdw-tube_project" - product: "hdw-tube" + max-request: 1 + vendor: hdw-tube_project + product: hdw-tube framework: wordpress - google-query: "inurl:\"/wp-content/plugins/hdw-tube\"" + google-query: inurl:"/wp-content/plugins/hdw-tube" tags: cve2016,cve,wordpress,xss,wp-plugin,hdw-tube_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000136.yaml b/http/cves/2016/CVE-2016-1000136.yaml index a9902c19e4..d3d5d6f1ab 100644 --- a/http/cves/2016/CVE-2016-1000136.yaml +++ b/http/cves/2016/CVE-2016-1000136.yaml @@ -11,22 +11,22 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=798 - https://wordpress.org/plugins/heat-trackr - https://nvd.nist.gov/vuln/detail/CVE-2016-1000136 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000136 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.4528 + epss-percentile: 0.45775 cpe: cpe:2.3:a:heat-trackr_project:heat-trackr:1.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "heat-trackr_project" - product: "heat-trackr" + max-request: 1 + vendor: heat-trackr_project + product: heat-trackr framework: wordpress - google-query: "inurl:\"/wp-content/plugins/heat-trackr\"" + google-query: inurl:"/wp-content/plugins/heat-trackr" tags: cve2016,cve,wordpress,xss,wp-plugin,heat-trackr_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000137.yaml b/http/cves/2016/CVE-2016-1000137.yaml index c6d58fd8a0..1fcafa1b37 100644 --- a/http/cves/2016/CVE-2016-1000137.yaml +++ b/http/cves/2016/CVE-2016-1000137.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2016-1000137 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.40717 + epss-percentile: 0.40457 cpe: cpe:2.3:a:hero-maps-pro_project:hero-maps-pro:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "hero-maps-pro_project" - product: "hero-maps-pro" + max-request: 1 + vendor: hero-maps-pro_project + product: hero-maps-pro framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,maps,hero-maps-pro_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000138.yaml b/http/cves/2016/CVE-2016-1000138.yaml index c5cad01187..1ede5cabd6 100644 --- a/http/cves/2016/CVE-2016-1000138.yaml +++ b/http/cves/2016/CVE-2016-1000138.yaml @@ -23,12 +23,13 @@ info: epss-percentile: 0.45775 cpe: cpe:2.3:a:indexisto_project:indexisto:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "indexisto_project" + max-request: 1 + vendor: indexisto_project product: indexisto framework: wordpress - google-query: "inurl:\"/wp-content/plugins/indexisto\"" + google-query: inurl:"/wp-content/plugins/indexisto" tags: cve,cve2016,wordpress,xss,wp-plugin,indexisto_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000139.yaml b/http/cves/2016/CVE-2016-1000139.yaml index d4f37ceda1..2c6a1ed852 100644 --- a/http/cves/2016/CVE-2016-1000139.yaml +++ b/http/cves/2016/CVE-2016-1000139.yaml @@ -21,15 +21,16 @@ info: cve-id: CVE-2016-1000139 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.44619 + epss-percentile: 0.44389 cpe: cpe:2.3:a:infusionsoft_project:infusionsoft:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "infusionsoft_project" + max-request: 1 + vendor: infusionsoft_project product: infusionsoft framework: wordpress - google-query: "inurl:\"/wp-content/plugins/infusionsoft\"" + google-query: inurl:"/wp-content/plugins/infusionsoft" tags: cve2016,cve,wordpress,wp-plugin,xss,wpscan,infusionsoft_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000140.yaml b/http/cves/2016/CVE-2016-1000140.yaml index 9d70a0c75e..f854b63dfe 100644 --- a/http/cves/2016/CVE-2016-1000140.yaml +++ b/http/cves/2016/CVE-2016-1000140.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.45851 cpe: cpe:2.3:a:new-year-firework_project:new-year-firework:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "new-year-firework_project" - product: "new-year-firework" + max-request: 1 + vendor: new-year-firework_project + product: new-year-firework framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,new-year-firework_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000141.yaml b/http/cves/2016/CVE-2016-1000141.yaml index 43de7dfb4f..e4270a0dd4 100644 --- a/http/cves/2016/CVE-2016-1000141.yaml +++ b/http/cves/2016/CVE-2016-1000141.yaml @@ -22,12 +22,13 @@ info: epss-percentile: 0.48963 cpe: cpe:2.3:a:page-layout-builder_project:page-layout-builder:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "page-layout-builder_project" - product: "page-layout-builder" + max-request: 1 + vendor: page-layout-builder_project + product: page-layout-builder framework: wordpress - google-query: "inurl:\"/wp-content/plugins/page-layout-builder\"" + google-query: inurl:"/wp-content/plugins/page-layout-builder" tags: cve,cve2016,wordpress,xss,wp-plugin,page-layout-builder_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000142.yaml b/http/cves/2016/CVE-2016-1000142.yaml index 17ef1d9006..85f91a7529 100644 --- a/http/cves/2016/CVE-2016-1000142.yaml +++ b/http/cves/2016/CVE-2016-1000142.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.40793 cpe: cpe:2.3:a:parsi-font_project:parsi-font:4.2.5:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "parsi-font_project" - product: "parsi-font" + max-request: 1 + vendor: parsi-font_project + product: parsi-font framework: wordpress tags: cve2016,cve,wordpress,wp-plugin,xss,wpscan,parsi-font_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000143.yaml b/http/cves/2016/CVE-2016-1000143.yaml index 75ffcb78ca..087d6bab4b 100644 --- a/http/cves/2016/CVE-2016-1000143.yaml +++ b/http/cves/2016/CVE-2016-1000143.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.48963 cpe: cpe:2.3:a:photoxhibit_project:photoxhibit:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "photoxhibit_project" + max-request: 1 + vendor: photoxhibit_project product: photoxhibit framework: wordpress tags: cve2016,cve,wordpress,wp-plugin,xss,photoxhibit_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000146.yaml b/http/cves/2016/CVE-2016-1000146.yaml index 057c127a47..5d2a4945d5 100644 --- a/http/cves/2016/CVE-2016-1000146.yaml +++ b/http/cves/2016/CVE-2016-1000146.yaml @@ -22,11 +22,12 @@ info: epss-percentile: 0.45775 cpe: cpe:2.3:a:pondol-formmail_project:pondol-formmail:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "pondol-formmail_project" - product: "pondol-formmail" + max-request: 1 + vendor: pondol-formmail_project + product: pondol-formmail framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,mail,pondol-formmail_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000148.yaml b/http/cves/2016/CVE-2016-1000148.yaml index 2c140d78bd..56ded7a599 100644 --- a/http/cves/2016/CVE-2016-1000148.yaml +++ b/http/cves/2016/CVE-2016-1000148.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2016-1000148 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.4528 + epss-percentile: 0.4505 cpe: cpe:2.3:a:s3-video_project:s3-video:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "s3-video_project" - product: "s3-video" + max-request: 1 + vendor: s3-video_project + product: s3-video framework: wordpress tags: cve2016,cve,wordpress,wp-plugin,xss,wpscan,s3-video_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000149.yaml b/http/cves/2016/CVE-2016-1000149.yaml index 50fc204d88..41e5a9b1cd 100644 --- a/http/cves/2016/CVE-2016-1000149.yaml +++ b/http/cves/2016/CVE-2016-1000149.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.4505 cpe: cpe:2.3:a:simpel-reserveren_project:simpel-reserveren:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "simpel-reserveren_project" - product: "simpel-reserveren" + max-request: 1 + vendor: simpel-reserveren_project + product: simpel-reserveren framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,simpel-reserveren_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000152.yaml b/http/cves/2016/CVE-2016-1000152.yaml index 247c5cd4b0..98f49f7d73 100644 --- a/http/cves/2016/CVE-2016-1000152.yaml +++ b/http/cves/2016/CVE-2016-1000152.yaml @@ -22,11 +22,12 @@ info: epss-percentile: 0.63018 cpe: cpe:2.3:a:tidio-form_project:tidio-form:1.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "tidio-form_project" - product: "tidio-form" + max-request: 1 + vendor: tidio-form_project + product: tidio-form framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,tidio-form_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000153.yaml b/http/cves/2016/CVE-2016-1000153.yaml index dcae75989a..9390314db9 100644 --- a/http/cves/2016/CVE-2016-1000153.yaml +++ b/http/cves/2016/CVE-2016-1000153.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.40457 cpe: cpe:2.3:a:tidio-gallery_project:tidio-gallery:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "tidio-gallery_project" - product: "tidio-gallery" + max-request: 1 + vendor: tidio-gallery_project + product: tidio-gallery framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,tidio-gallery_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000154.yaml b/http/cves/2016/CVE-2016-1000154.yaml index 6f5fd83473..c398671eff 100644 --- a/http/cves/2016/CVE-2016-1000154.yaml +++ b/http/cves/2016/CVE-2016-1000154.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.49844 cpe: cpe:2.3:a:browserweb:whizz:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: browserweb product: whizz framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,browserweb + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-1000155.yaml b/http/cves/2016/CVE-2016-1000155.yaml index 112d3247b7..096ee2d027 100644 --- a/http/cves/2016/CVE-2016-1000155.yaml +++ b/http/cves/2016/CVE-2016-1000155.yaml @@ -22,11 +22,12 @@ info: epss-percentile: 0.40793 cpe: cpe:2.3:a:wpsolr:wpsolr-search-engine:7.6:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: wpsolr - product: "wpsolr-search-engine" + product: wpsolr-search-engine framework: wordpress tags: cve2016,cve,wordpress,xss,wp-plugin,wpsolr + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-10108.yaml b/http/cves/2016/CVE-2016-10108.yaml index e60ad82af3..8c3a189e04 100644 --- a/http/cves/2016/CVE-2016-10108.yaml +++ b/http/cves/2016/CVE-2016-10108.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-10108 cwe-id: CWE-77 epss-score: 0.86242 - epss-percentile: 0.98525 + epss-percentile: 0.98335 cpe: cpe:2.3:a:western_digital:mycloud_nas:2.11.142:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10367.yaml b/http/cves/2016/CVE-2016-10367.yaml index 7017b700fa..c8b0252ad6 100644 --- a/http/cves/2016/CVE-2016-10367.yaml +++ b/http/cves/2016/CVE-2016-10367.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-10367 cwe-id: CWE-22 epss-score: 0.00521 - epss-percentile: 0.76453 + epss-percentile: 0.76355 cpe: cpe:2.3:a:opsview:opsview:4.5.0:*:*:*:pro:*:*:* metadata: verified: true diff --git a/http/cves/2016/CVE-2016-10924.yaml b/http/cves/2016/CVE-2016-10924.yaml index cdbc1ebfc0..5edceadde7 100644 --- a/http/cves/2016/CVE-2016-10924.yaml +++ b/http/cves/2016/CVE-2016-10924.yaml @@ -15,14 +15,13 @@ info: - https://www.exploit-db.com/exploits/39575 - https://nvd.nist.gov/vuln/detail/CVE-2016-10924 - https://wordpress.org/plugins/ebook-download/#developers - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2016-10924 cwe-id: CWE-22 - epss-score: 0.01009 - epss-percentile: 0.83396 + epss-score: 0.01429 + epss-percentile: 0.85146 cpe: cpe:2.3:a:zedna_ebook_download_project:zedna_ebook_download:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10973.yaml b/http/cves/2016/CVE-2016-10973.yaml index 1b467550ff..38766f39fb 100644 --- a/http/cves/2016/CVE-2016-10973.yaml +++ b/http/cves/2016/CVE-2016-10973.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-10973 cwe-id: CWE-79 epss-score: 0.00177 - epss-percentile: 0.54147 + epss-percentile: 0.54991 cpe: cpe:2.3:a:brafton:brafton:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2016/CVE-2016-10993.yaml b/http/cves/2016/CVE-2016-10993.yaml index c20f6dfa8d..34b85f7428 100644 --- a/http/cves/2016/CVE-2016-10993.yaml +++ b/http/cves/2016/CVE-2016-10993.yaml @@ -25,11 +25,12 @@ info: epss-percentile: 0.62591 cpe: cpe:2.3:a:scoreme_project:scoreme:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "scoreme_project" + max-request: 1 + vendor: scoreme_project product: scoreme framework: wordpress tags: cve2016,cve,wordpress,wp-theme,xss,scoreme_project + flow: http(1) && http(2) http: diff --git a/http/cves/2016/CVE-2016-3081.yaml b/http/cves/2016/CVE-2016-3081.yaml index 24164298f9..b3519b5695 100644 --- a/http/cves/2016/CVE-2016-3081.yaml +++ b/http/cves/2016/CVE-2016-3081.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2016-3081 cwe-id: CWE-77 epss-score: 0.97524 - epss-percentile: 0.99988 + epss-percentile: 0.99989 cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-3978.yaml b/http/cves/2016/CVE-2016-3978.yaml index 853bcd1289..9c1dd44d28 100644 --- a/http/cves/2016/CVE-2016-3978.yaml +++ b/http/cves/2016/CVE-2016-3978.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2016-3978 - http://seclists.org/fulldisclosure/2016/Mar/68 - http://www.securitytracker.com/id/1035332 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-3978 cwe-id: CWE-79 - epss-score: 0.00288 - epss-percentile: 0.68419 + epss-score: 0.00217 + epss-percentile: 0.59667 cpe: cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-4437.yaml b/http/cves/2016/CVE-2016-4437.yaml index ae197c729b..33d3868821 100644 --- a/http/cves/2016/CVE-2016-4437.yaml +++ b/http/cves/2016/CVE-2016-4437.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2016-4437 cwe-id: CWE-284 - epss-score: 0.97488 - epss-percentile: 0.9997 + epss-score: 0.97507 + epss-percentile: 0.99981 cpe: cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-5649.yaml b/http/cves/2016/CVE-2016-5649.yaml index 6cbf2f2262..4bd8f9f95b 100644 --- a/http/cves/2016/CVE-2016-5649.yaml +++ b/http/cves/2016/CVE-2016-5649.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2016-5649 - cwe-id: CWE-200,CWE-319 + cwe-id: CWE-319,CWE-200 epss-score: 0.17436 - epss-percentile: 0.96009 + epss-percentile: 0.95662 cpe: cpe:2.3:o:netgear:dgn2200_firmware:1.0.0.50_7.0.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-5674.yaml b/http/cves/2016/CVE-2016-5674.yaml index 43ad365a96..57d085ae5e 100644 --- a/http/cves/2016/CVE-2016-5674.yaml +++ b/http/cves/2016/CVE-2016-5674.yaml @@ -19,11 +19,12 @@ info: cpe: cpe:2.3:a:netgear:readynas_surveillance:1.1.1:*:*:*:*:*:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: netgear - product: "readynas_surveillance" - fofa-query: "app=\"NUUO-NVRmini\" || app=\"NUUO-NVR\" || title=\"Network Video Recorder Login\"" - tags: cve,cve2016,nuuo,rce,netgear + product: readynas_surveillance + fofa-query: app="NUUO-NVRmini" || app="NUUO-NVR" || title="Network Video Recorder Login" + tags: cve,cve2016,nuuo,rce + variables: rand: "{{to_lower(rand_text_alpha(32))}}" diff --git a/http/cves/2016/CVE-2016-6195.yaml b/http/cves/2016/CVE-2016-6195.yaml index 16deda7483..76c43f3f6e 100644 --- a/http/cves/2016/CVE-2016-6195.yaml +++ b/http/cves/2016/CVE-2016-6195.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2016-6195 cwe-id: CWE-89 epss-score: 0.00284 - epss-percentile: 0.68196 + epss-percentile: 0.68042 cpe: cpe:2.3:a:vbulletin:vbulletin:*:patch_level_4:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2016/CVE-2016-6601.yaml b/http/cves/2016/CVE-2016-6601.yaml index b919e6fd7b..96c42c3ebd 100644 --- a/http/cves/2016/CVE-2016-6601.yaml +++ b/http/cves/2016/CVE-2016-6601.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2016-6601 cwe-id: CWE-22 - epss-score: 0.97504 - epss-percentile: 0.99979 + epss-score: 0.97503 + epss-percentile: 0.99977 cpe: cpe:2.3:a:zohocorp:webnms_framework:5.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-8527.yaml b/http/cves/2016/CVE-2016-8527.yaml index 4c1d9554f5..2da0f6239e 100644 --- a/http/cves/2016/CVE-2016-8527.yaml +++ b/http/cves/2016/CVE-2016-8527.yaml @@ -14,14 +14,13 @@ info: - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-001.txt - https://www.exploit-db.com/exploits/41482/ - https://nvd.nist.gov/vuln/detail/CVE-2016-8527 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-8527 cwe-id: CWE-79 - epss-score: 0.00117 - epss-percentile: 0.44913 + epss-score: 0.00166 + epss-percentile: 0.53225 cpe: cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-0929.yaml b/http/cves/2017/CVE-2017-0929.yaml index c7f4242459..cd9341263b 100644 --- a/http/cves/2017/CVE-2017-0929.yaml +++ b/http/cves/2017/CVE-2017-0929.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-0929 cwe-id: CWE-918 epss-score: 0.00753 - epss-percentile: 0.80688 + epss-percentile: 0.80628 cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-1000029.yaml b/http/cves/2017/CVE-2017-1000029.yaml index c87508717f..cff57e655a 100644 --- a/http/cves/2017/CVE-2017-1000029.yaml +++ b/http/cves/2017/CVE-2017-1000029.yaml @@ -13,15 +13,13 @@ info: - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18784 - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-011/?fid=8037 - https://nvd.nist.gov/vuln/detail/CVE-2017-1000029 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-1000029 cwe-id: CWE-200 - epss-score: 0.00378 - epss-percentile: 0.72505 + epss-score: 0.00387 + epss-percentile: 0.70348 cpe: cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:open_source:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-1000170.yaml b/http/cves/2017/CVE-2017-1000170.yaml index 82430742c9..471966be3c 100644 --- a/http/cves/2017/CVE-2017-1000170.yaml +++ b/http/cves/2017/CVE-2017-1000170.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-1000170 cwe-id: CWE-22 epss-score: 0.70305 - epss-percentile: 0.9797 + epss-percentile: 0.97752 cpe: cpe:2.3:a:jqueryfiletree_project:jqueryfiletree:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-10271.yaml b/http/cves/2017/CVE-2017-10271.yaml index 955cb02fb5..f1070a0a21 100644 --- a/http/cves/2017/CVE-2017-10271.yaml +++ b/http/cves/2017/CVE-2017-10271.yaml @@ -21,7 +21,7 @@ info: cvss-score: 7.5 cve-id: CVE-2017-10271 epss-score: 0.97426 - epss-percentile: 0.99935 + epss-percentile: 0.99932 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-11165.yaml b/http/cves/2017/CVE-2017-11165.yaml index 5b36904e54..5bdccda632 100644 --- a/http/cves/2017/CVE-2017-11165.yaml +++ b/http/cves/2017/CVE-2017-11165.yaml @@ -15,14 +15,13 @@ info: - https://packetstormsecurity.com/files/143328/DataTaker-DT80-dEX-1.50.012-Sensitive-Configuration-Exposure.html - https://www.exploit-db.com/exploits/42313/ - https://nvd.nist.gov/vuln/detail/CVE-2017-11165 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-11165 cwe-id: CWE-200 epss-score: 0.94336 - epss-percentile: 0.99157 + epss-percentile: 0.99027 cpe: cpe:2.3:o:datataker:dt80_dex_firmware:1.50.012:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-11512.yaml b/http/cves/2017/CVE-2017-11512.yaml index 7d888e87d3..8b2924e2e0 100644 --- a/http/cves/2017/CVE-2017-11512.yaml +++ b/http/cves/2017/CVE-2017-11512.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-11512 cwe-id: CWE-22 epss-score: 0.97175 - epss-percentile: 0.99797 + epss-percentile: 0.99794 cpe: cpe:2.3:a:manageengine:servicedesk:9.3.9328:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-11586.yaml b/http/cves/2017/CVE-2017-11586.yaml index 89fc1fa90f..de488dde1e 100644 --- a/http/cves/2017/CVE-2017-11586.yaml +++ b/http/cves/2017/CVE-2017-11586.yaml @@ -13,15 +13,13 @@ info: reference: - http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse - https://nvd.nist.gov/vuln/detail/CVE-2017-11586 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/LoRexxar/LoRexxar classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-11586 cwe-id: CWE-601 epss-score: 0.00121 - epss-percentile: 0.45657 + epss-percentile: 0.46136 cpe: cpe:2.3:a:finecms:finecms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-11610.yaml b/http/cves/2017/CVE-2017-11610.yaml index e8c274e2b7..eeb8555f87 100644 --- a/http/cves/2017/CVE-2017-11610.yaml +++ b/http/cves/2017/CVE-2017-11610.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2017-11610 cwe-id: CWE-276 - epss-score: 0.97414 - epss-percentile: 0.99927 + epss-score: 0.97449 + epss-percentile: 0.99947 cpe: cpe:2.3:a:supervisord:supervisor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12544.yaml b/http/cves/2017/CVE-2017-12544.yaml index db5f7673fe..6cc4cf375b 100644 --- a/http/cves/2017/CVE-2017-12544.yaml +++ b/http/cves/2017/CVE-2017-12544.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12544 cwe-id: CWE-79 epss-score: 0.96723 - epss-percentile: 0.99641 + epss-percentile: 0.99637 cpe: cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12629.yaml b/http/cves/2017/CVE-2017-12629.yaml index 00f3b88470..ad974d371a 100644 --- a/http/cves/2017/CVE-2017-12629.yaml +++ b/http/cves/2017/CVE-2017-12629.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12629 cwe-id: CWE-611 epss-score: 0.97417 - epss-percentile: 0.99928 + epss-percentile: 0.99925 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12635.yaml b/http/cves/2017/CVE-2017-12635.yaml index e01a2991c3..651e869029 100644 --- a/http/cves/2017/CVE-2017-12635.yaml +++ b/http/cves/2017/CVE-2017-12635.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12635 cwe-id: CWE-269 epss-score: 0.97348 - epss-percentile: 0.99887 + epss-percentile: 0.99889 cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12637.yaml b/http/cves/2017/CVE-2017-12637.yaml index 54d81d1576..38169b306e 100644 --- a/http/cves/2017/CVE-2017-12637.yaml +++ b/http/cves/2017/CVE-2017-12637.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12637 cwe-id: CWE-22 epss-score: 0.00648 - epss-percentile: 0.78958 + epss-percentile: 0.78875 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14135.yaml b/http/cves/2017/CVE-2017-14135.yaml index b86ca1ea82..199cc5bec1 100644 --- a/http/cves/2017/CVE-2017-14135.yaml +++ b/http/cves/2017/CVE-2017-14135.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-14135 cwe-id: CWE-78 epss-score: 0.96679 - epss-percentile: 0.99631 + epss-percentile: 0.99625 cpe: cpe:2.3:a:dreambox:opendreambox:2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14524.yaml b/http/cves/2017/CVE-2017-14524.yaml index 4651568d8b..20a95213bc 100644 --- a/http/cves/2017/CVE-2017-14524.yaml +++ b/http/cves/2017/CVE-2017-14524.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-14524 cwe-id: CWE-601 epss-score: 0.00258 - epss-percentile: 0.65002 + epss-percentile: 0.6357 cpe: cpe:2.3:a:opentext:documentum_administrator:7.2.0180.0055:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14535.yaml b/http/cves/2017/CVE-2017-14535.yaml index e62f8e4df8..3c902736d6 100644 --- a/http/cves/2017/CVE-2017-14535.yaml +++ b/http/cves/2017/CVE-2017-14535.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-14535 cwe-id: CWE-78 epss-score: 0.04456 - epss-percentile: 0.92268 + epss-percentile: 0.91577 cpe: cpe:2.3:a:netfortris:trixbox:2.8.0.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14537.yaml b/http/cves/2017/CVE-2017-14537.yaml index e242c24c7c..b0fe35e7ec 100644 --- a/http/cves/2017/CVE-2017-14537.yaml +++ b/http/cves/2017/CVE-2017-14537.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-14537 - https://sourceforge.net/projects/asteriskathome/ - http://packetstormsecurity.com/files/162853/Trixbox-2.8.0.4-Path-Traversal.html - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2017-14537 cwe-id: CWE-22 epss-score: 0.01002 - epss-percentile: 0.83346 + epss-percentile: 0.81968 cpe: cpe:2.3:a:netfortris:trixbox:2.8.0.4:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-15287.yaml b/http/cves/2017/CVE-2017-15287.yaml index 7fee3a5a46..9004855cb0 100644 --- a/http/cves/2017/CVE-2017-15287.yaml +++ b/http/cves/2017/CVE-2017-15287.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-15287 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.46953 + epss-percentile: 0.46737 cpe: cpe:2.3:a:bouqueteditor_project:bouqueteditor:2.0.0:*:*:*:*:dreambox:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15647.yaml b/http/cves/2017/CVE-2017-15647.yaml index 9d36f92074..19a4b93239 100644 --- a/http/cves/2017/CVE-2017-15647.yaml +++ b/http/cves/2017/CVE-2017-15647.yaml @@ -13,15 +13,13 @@ info: - https://www.exploit-db.com/exploits/44054 - https://blogs.securiteam.com/index.php/archives/3472 - https://nvd.nist.gov/vuln/detail/CVE-2017-15647 - - https://github.com/20142995/sectool - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-15647 cwe-id: CWE-22 - epss-score: 0.01623 - epss-percentile: 0.87234 + epss-score: 0.02013 + epss-percentile: 0.87655 cpe: cpe:2.3:o:fiberhome:routerfiberhome_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-16806.yaml b/http/cves/2017/CVE-2017-16806.yaml index 71524518a2..95bebe1838 100644 --- a/http/cves/2017/CVE-2017-16806.yaml +++ b/http/cves/2017/CVE-2017-16806.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-16806 cwe-id: CWE-22 epss-score: 0.07105 - epss-percentile: 0.93876 + epss-percentile: 0.93842 cpe: cpe:2.3:a:ulterius:ulterius_server:1.5.6.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-17043.yaml b/http/cves/2017/CVE-2017-17043.yaml index af1bed835b..1bcbc76088 100644 --- a/http/cves/2017/CVE-2017-17043.yaml +++ b/http/cves/2017/CVE-2017-17043.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.63923 cpe: cpe:2.3:a:zitec:emag_marketplace_connector:1.0.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: zitec - product: "emag_marketplace_connector" + product: emag_marketplace_connector framework: wordpress tags: cve,cve2017,xss,wp-plugin,packetstorm,wordpress,zitec + flow: http(1) && http(2) http: diff --git a/http/cves/2017/CVE-2017-17059.yaml b/http/cves/2017/CVE-2017-17059.yaml index 42406fc1cb..281396a53a 100644 --- a/http/cves/2017/CVE-2017-17059.yaml +++ b/http/cves/2017/CVE-2017-17059.yaml @@ -13,21 +13,21 @@ info: - https://github.com/NaturalIntelligence/wp-thumb-post/issues/1 - https://packetstormsecurity.com/files/145044/WordPress-amtyThumb-8.1.3-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2017-17059 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-17059 cwe-id: CWE-79 - epss-score: 0.00359 - epss-percentile: 0.71773 + epss-score: 0.00261 + epss-percentile: 0.63794 cpe: cpe:2.3:a:amtythumb_project:amtythumb:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "amtythumb_project" + max-request: 1 + vendor: amtythumb_project product: amtythumb framework: wordpress tags: cve2017,cve,xss,wp-plugin,packetstorm,wordpress,amtythumb_project + flow: http(1) && http(2) http: diff --git a/http/cves/2017/CVE-2017-17451.yaml b/http/cves/2017/CVE-2017-17451.yaml index 7e21b9bdd6..700e1be344 100644 --- a/http/cves/2017/CVE-2017-17451.yaml +++ b/http/cves/2017/CVE-2017-17451.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.55144 cpe: cpe:2.3:a:wpmailster:wp_mailster:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: wpmailster - product: "wp_mailster" + product: wp_mailster framework: wordpress tags: cve,cve2017,wordpress,xss,wp-plugin,packetstorm,wpmailster + flow: http(1) && http(2) http: diff --git a/http/cves/2017/CVE-2017-17731.yaml b/http/cves/2017/CVE-2017-17731.yaml index 151defce73..cd12b0eaf6 100644 --- a/http/cves/2017/CVE-2017-17731.yaml +++ b/http/cves/2017/CVE-2017-17731.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-17731 cwe-id: CWE-89 - epss-score: 0.02324 - epss-percentile: 0.8952 + epss-score: 0.02129 + epss-percentile: 0.88972 cpe: cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-18491.yaml b/http/cves/2017/CVE-2017-18491.yaml index 28c9094719..73517d0595 100644 --- a/http/cves/2017/CVE-2017-18491.yaml +++ b/http/cves/2017/CVE-2017-18491.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18491 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18492.yaml b/http/cves/2017/CVE-2017-18492.yaml index a6ba2e1541..c7fa05e53a 100644 --- a/http/cves/2017/CVE-2017-18492.yaml +++ b/http/cves/2017/CVE-2017-18492.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18492 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form_to_db:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18493.yaml b/http/cves/2017/CVE-2017-18493.yaml index 540139b9ee..0d6b511623 100644 --- a/http/cves/2017/CVE-2017-18493.yaml +++ b/http/cves/2017/CVE-2017-18493.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18493 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:custom_admin_page:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18494.yaml b/http/cves/2017/CVE-2017-18494.yaml index 32e58ed100..f35075d372 100644 --- a/http/cves/2017/CVE-2017-18494.yaml +++ b/http/cves/2017/CVE-2017-18494.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18494 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36857 cpe: cpe:2.3:a:bestwebsoft:custom_search:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18496.yaml b/http/cves/2017/CVE-2017-18496.yaml index 135dd61c20..9cd3d64dfa 100644 --- a/http/cves/2017/CVE-2017-18496.yaml +++ b/http/cves/2017/CVE-2017-18496.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18496 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36836 cpe: cpe:2.3:a:bestwebsoft:htaccess:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18502.yaml b/http/cves/2017/CVE-2017-18502.yaml index b657782fef..c6c6d10ba6 100644 --- a/http/cves/2017/CVE-2017-18502.yaml +++ b/http/cves/2017/CVE-2017-18502.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18502 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.60669 + epss-percentile: 0.61251 cpe: cpe:2.3:a:bestwebsoft:subscriber:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18532.yaml b/http/cves/2017/CVE-2017-18532.yaml index f9b08e0d11..f926ec8b94 100644 --- a/http/cves/2017/CVE-2017-18532.yaml +++ b/http/cves/2017/CVE-2017-18532.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18532 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:realty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18542.yaml b/http/cves/2017/CVE-2017-18542.yaml index f03cca4c1f..4dc23667c9 100644 --- a/http/cves/2017/CVE-2017-18542.yaml +++ b/http/cves/2017/CVE-2017-18542.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18542 cwe-id: CWE-79 epss-score: 0.00221 - epss-percentile: 0.59663 + epss-percentile: 0.59511 cpe: cpe:2.3:a:bestwebsoft:zendesk_help_center:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18564.yaml b/http/cves/2017/CVE-2017-18564.yaml index 4137bebeb0..4aa9bf9453 100644 --- a/http/cves/2017/CVE-2017-18564.yaml +++ b/http/cves/2017/CVE-2017-18564.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18564 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18565.yaml b/http/cves/2017/CVE-2017-18565.yaml index 3e9cd2a1be..8c99ba4b6a 100644 --- a/http/cves/2017/CVE-2017-18565.yaml +++ b/http/cves/2017/CVE-2017-18565.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18565 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36542 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:updater:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18598.yaml b/http/cves/2017/CVE-2017-18598.yaml index 4961362b4a..b7393b1790 100644 --- a/http/cves/2017/CVE-2017-18598.yaml +++ b/http/cves/2017/CVE-2017-18598.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.38554 cpe: cpe:2.3:a:designmodo:qards:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: designmodo product: qards framework: wordpress tags: cve2017,cve,wp-plugin,oast,wpscan,wordpress,ssrf,xss,designmodo + flow: http(1) && http(2) http: diff --git a/http/cves/2017/CVE-2017-3506.yaml b/http/cves/2017/CVE-2017-3506.yaml index 9f0929ab1c..4b4be69409 100644 --- a/http/cves/2017/CVE-2017-3506.yaml +++ b/http/cves/2017/CVE-2017-3506.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 7.4 cve-id: CVE-2017-3506 - epss-score: 0.96884 - epss-percentile: 0.99689 + epss-score: 0.96935 + epss-percentile: 0.99702 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-5521.yaml b/http/cves/2017/CVE-2017-5521.yaml index 550bb6e753..501f03a2c3 100644 --- a/http/cves/2017/CVE-2017-5521.yaml +++ b/http/cves/2017/CVE-2017-5521.yaml @@ -15,14 +15,13 @@ info: - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2017-5521 - https://www.exploit-db.com/exploits/41205/ - - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2017-5521 cwe-id: CWE-200 epss-score: 0.97402 - epss-percentile: 0.99918 + epss-percentile: 0.99914 cpe: cpe:2.3:o:netgear:r6200_firmware:1.0.1.56_1.0.43:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7269.yaml b/http/cves/2017/CVE-2017-7269.yaml index 5423dcbefd..9514f14b50 100644 --- a/http/cves/2017/CVE-2017-7269.yaml +++ b/http/cves/2017/CVE-2017-7269.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-7269 cwe-id: CWE-119 epss-score: 0.97121 - epss-percentile: 0.99773 + epss-percentile: 0.9977 cpe: cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7391.yaml b/http/cves/2017/CVE-2017-7391.yaml index 7b0e5aa432..ed275c5a6d 100644 --- a/http/cves/2017/CVE-2017-7391.yaml +++ b/http/cves/2017/CVE-2017-7391.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-7391 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.56593 + epss-percentile: 0.56428 cpe: cpe:2.3:a:magmi_project:magmi:0.7.22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7615.yaml b/http/cves/2017/CVE-2017-7615.yaml index 652ddde6e0..dce109934a 100644 --- a/http/cves/2017/CVE-2017-7615.yaml +++ b/http/cves/2017/CVE-2017-7615.yaml @@ -26,7 +26,7 @@ info: cve-id: CVE-2017-7615 cwe-id: CWE-640 epss-score: 0.97404 - epss-percentile: 0.9992 + epss-percentile: 0.99917 cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2017/CVE-2017-7855.yaml b/http/cves/2017/CVE-2017-7855.yaml index 719d4996ef..73a298378d 100644 --- a/http/cves/2017/CVE-2017-7855.yaml +++ b/http/cves/2017/CVE-2017-7855.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2017-7855 cwe-id: CWE-79 epss-score: 0.0009 - epss-percentile: 0.37331 + epss-percentile: 0.37043 cpe: cpe:2.3:a:icewarp:server:11.3.1.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-9288.yaml b/http/cves/2017/CVE-2017-9288.yaml index c4f558fd6d..758a65dd40 100644 --- a/http/cves/2017/CVE-2017-9288.yaml +++ b/http/cves/2017/CVE-2017-9288.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.52791 cpe: cpe:2.3:a:raygun:raygun4wp:1.8.0:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: raygun product: raygun4wp framework: wordpress tags: cve2017,cve,wordpress,xss,wp-plugin,raygun + flow: http(1) && http(2) http: diff --git a/http/cves/2017/CVE-2017-9416.yaml b/http/cves/2017/CVE-2017-9416.yaml index 86398a9639..f2bc24d415 100644 --- a/http/cves/2017/CVE-2017-9416.yaml +++ b/http/cves/2017/CVE-2017-9416.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-9416 cwe-id: CWE-22 epss-score: 0.01037 - epss-percentile: 0.83623 + epss-percentile: 0.83585 cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-9833.yaml b/http/cves/2017/CVE-2017-9833.yaml index 468868b0cd..fcdf436a30 100644 --- a/http/cves/2017/CVE-2017-9833.yaml +++ b/http/cves/2017/CVE-2017-9833.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-9833 cwe-id: CWE-22 epss-score: 0.7354 - epss-percentile: 0.98051 + epss-percentile: 0.98027 cpe: cpe:2.3:a:boa:boa:0.94.14.21:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-0127.yaml b/http/cves/2018/CVE-2018-0127.yaml index 6db7a1404b..ffcab418a6 100644 --- a/http/cves/2018/CVE-2018-0127.yaml +++ b/http/cves/2018/CVE-2018-0127.yaml @@ -14,14 +14,13 @@ info: - http://web.archive.org/web/20211207054802/https://securitytracker.com/id/1040345 - https://nvd.nist.gov/vuln/detail/CVE-2018-0127 - http://www.securitytracker.com/id/1040345 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-0127 cwe-id: CWE-306,CWE-200 epss-score: 0.09982 - epss-percentile: 0.94769 + epss-percentile: 0.94323 cpe: cpe:2.3:o:cisco:rv132w_firmware:1.0.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-1000671.yaml b/http/cves/2018/CVE-2018-1000671.yaml index 55bd63ed20..009d5c0c00 100644 --- a/http/cves/2018/CVE-2018-1000671.yaml +++ b/http/cves/2018/CVE-2018-1000671.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1000671 cwe-id: CWE-601 epss-score: 0.00598 - epss-percentile: 0.78043 + epss-percentile: 0.77958 cpe: cpe:2.3:a:sympa:sympa:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1000861.yaml b/http/cves/2018/CVE-2018-1000861.yaml index 7d426ffd70..cd9da547aa 100644 --- a/http/cves/2018/CVE-2018-1000861.yaml +++ b/http/cves/2018/CVE-2018-1000861.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1000861 cwe-id: CWE-502 epss-score: 0.9734 - epss-percentile: 0.99881 + epss-percentile: 0.99882 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10230.yaml b/http/cves/2018/CVE-2018-10230.yaml index e69f8660e0..feadcb357a 100644 --- a/http/cves/2018/CVE-2018-10230.yaml +++ b/http/cves/2018/CVE-2018-10230.yaml @@ -14,14 +14,13 @@ info: - https://www.synacktiv.com/ressources/zend_server_9_1_3_xss.pdf - https://www.zend.com/en/products/server/release-notes - https://nvd.nist.gov/vuln/detail/CVE-2018-10230 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-10230 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42229 + epss-score: 0.00122 + epss-percentile: 0.46318 cpe: cpe:2.3:a:zend:zend_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10562.yaml b/http/cves/2018/CVE-2018-10562.yaml index f7f8503bc3..5ddf231497 100644 --- a/http/cves/2018/CVE-2018-10562.yaml +++ b/http/cves/2018/CVE-2018-10562.yaml @@ -14,14 +14,13 @@ info: - https://github.com/f3d0x0/GPON/blob/master/gpon_rce.py - https://nvd.nist.gov/vuln/detail/CVE-2018-10562 - https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/ - - https://github.com/649/Pingpon-Exploit classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-10562 cwe-id: CWE-78 - epss-score: 0.97423 - epss-percentile: 0.99931 + epss-score: 0.97441 + epss-percentile: 0.99945 cpe: cpe:2.3:o:dasannetworks:gpon_router_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-10738.yaml b/http/cves/2018/CVE-2018-10738.yaml index c3ece73489..9c37617a2b 100644 --- a/http/cves/2018/CVE-2018-10738.yaml +++ b/http/cves/2018/CVE-2018-10738.yaml @@ -14,8 +14,8 @@ info: cvss-score: 7.2 cve-id: CVE-2018-10738 cwe-id: CWE-89 - epss-score: 0.01861 - epss-percentile: 0.88138 + epss-score: 0.00403 + epss-percentile: 0.7323 cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* metadata: verified: true @@ -24,6 +24,7 @@ info: product: nagios_xi fofa-query: app="Nagios-XI" tags: cve,cve2018,nagios,sqli + variables: num: "{{rand_int(2000000000, 2100000000)}}" diff --git a/http/cves/2018/CVE-2018-10823.yaml b/http/cves/2018/CVE-2018-10823.yaml index 03c62dcd55..c4a9a91a38 100644 --- a/http/cves/2018/CVE-2018-10823.yaml +++ b/http/cves/2018/CVE-2018-10823.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2018-10823 cwe-id: CWE-78 - epss-score: 0.96759 - epss-percentile: 0.99651 + epss-score: 0.96737 + epss-percentile: 0.99597 cpe: cpe:2.3:o:dlink:dwr-116_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10942.yaml b/http/cves/2018/CVE-2018-10942.yaml index b6da3c0c57..9e6acac4b7 100644 --- a/http/cves/2018/CVE-2018-10942.yaml +++ b/http/cves/2018/CVE-2018-10942.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2018-10942 metadata: max-request: 8 - tags: prestashop,attributewizardpro,intrusive,file-upload,cve2018,cve + tags: prestashop,attributewizardpro,intrusive,file-upload variables: filename: '{{rand_base(7, "abc")}}' diff --git a/http/cves/2018/CVE-2018-10956.yaml b/http/cves/2018/CVE-2018-10956.yaml index c828aab124..a509b9736d 100644 --- a/http/cves/2018/CVE-2018-10956.yaml +++ b/http/cves/2018/CVE-2018-10956.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-10956 cwe-id: CWE-22 epss-score: 0.57917 - epss-percentile: 0.9766 + epss-percentile: 0.97652 cpe: cpe:2.3:a:ipconfigure:orchid_core_vms:2.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11227.yaml b/http/cves/2018/CVE-2018-11227.yaml index f66ac0b99b..dd9501ca2f 100644 --- a/http/cves/2018/CVE-2018-11227.yaml +++ b/http/cves/2018/CVE-2018-11227.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-11227 cwe-id: CWE-79 epss-score: 0.02135 - epss-percentile: 0.89061 + epss-percentile: 0.8903 cpe: cpe:2.3:a:monstra:monstra_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-11231.yaml b/http/cves/2018/CVE-2018-11231.yaml index 3818effb19..0245c2a8a3 100644 --- a/http/cves/2018/CVE-2018-11231.yaml +++ b/http/cves/2018/CVE-2018-11231.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-11231 cwe-id: CWE-89 epss-score: 0.00903 - epss-percentile: 0.82429 + epss-percentile: 0.82368 cpe: cpe:2.3:a:divido:divido:-:*:*:*:*:opencart:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11709.yaml b/http/cves/2018/CVE-2018-11709.yaml index 0bb0fc5fa1..5deb50899a 100644 --- a/http/cves/2018/CVE-2018-11709.yaml +++ b/http/cves/2018/CVE-2018-11709.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-11709 cwe-id: CWE-79 epss-score: 0.00175 - epss-percentile: 0.53912 + epss-percentile: 0.53725 cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11759.yaml b/http/cves/2018/CVE-2018-11759.yaml index 88cd17704c..4146114bce 100644 --- a/http/cves/2018/CVE-2018-11759.yaml +++ b/http/cves/2018/CVE-2018-11759.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-11759 cwe-id: CWE-22 - epss-score: 0.96265 - epss-percentile: 0.99503 + epss-score: 0.96552 + epss-percentile: 0.99592 cpe: cpe:2.3:a:apache:tomcat_jk_connector:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-12300.yaml b/http/cves/2018/CVE-2018-12300.yaml index 47abeb31a6..94384ca163 100644 --- a/http/cves/2018/CVE-2018-12300.yaml +++ b/http/cves/2018/CVE-2018-12300.yaml @@ -12,14 +12,13 @@ info: reference: - https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170 - https://nvd.nist.gov/vuln/detail/CVE-2018-12300 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-12300 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45203 + epss-percentile: 0.45685 cpe: cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12634.yaml b/http/cves/2018/CVE-2018-12634.yaml index c47f715388..d6edb3744c 100644 --- a/http/cves/2018/CVE-2018-12634.yaml +++ b/http/cves/2018/CVE-2018-12634.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-12634 cwe-id: CWE-200 - epss-score: 0.95011 - epss-percentile: 0.99265 + epss-score: 0.95531 + epss-percentile: 0.99245 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-1273.yaml b/http/cves/2018/CVE-2018-1273.yaml index 01ebe59be3..792a5d855d 100644 --- a/http/cves/2018/CVE-2018-1273.yaml +++ b/http/cves/2018/CVE-2018-1273.yaml @@ -26,8 +26,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-1273 cwe-id: CWE-20,CWE-94 - epss-score: 0.97466 - epss-percentile: 0.99955 + epss-score: 0.97515 + epss-percentile: 0.99982 cpe: cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1335.yaml b/http/cves/2018/CVE-2018-1335.yaml index abef300d3e..ec75f3047f 100644 --- a/http/cves/2018/CVE-2018-1335.yaml +++ b/http/cves/2018/CVE-2018-1335.yaml @@ -18,8 +18,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-1335 - epss-score: 0.96745 - epss-percentile: 0.99646 + epss-score: 0.96734 + epss-percentile: 0.99585 cpe: cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-13380.yaml b/http/cves/2018/CVE-2018-13380.yaml index cf2ec70c80..be4ef26f42 100644 --- a/http/cves/2018/CVE-2018-13380.yaml +++ b/http/cves/2018/CVE-2018-13380.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-13380 cwe-id: CWE-79 epss-score: 0.00122 - epss-percentile: 0.45813 + epss-percentile: 0.46406 cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-14912.yaml b/http/cves/2018/CVE-2018-14912.yaml index 2e09163738..78b9b928bb 100644 --- a/http/cves/2018/CVE-2018-14912.yaml +++ b/http/cves/2018/CVE-2018-14912.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-14912 cwe-id: CWE-22 - epss-score: 0.96192 - epss-percentile: 0.99487 + epss-score: 0.96539 + epss-percentile: 0.99521 cpe: cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15138.yaml b/http/cves/2018/CVE-2018-15138.yaml index 68ad2833e0..7769d3d9b3 100644 --- a/http/cves/2018/CVE-2018-15138.yaml +++ b/http/cves/2018/CVE-2018-15138.yaml @@ -13,14 +13,13 @@ info: - https://cxsecurity.com/issue/WLB-2018080070 - https://www.exploit-db.com/exploits/45167/ - https://nvd.nist.gov/vuln/detail/CVE-2018-15138 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-15138 cwe-id: CWE-22 epss-score: 0.21114 - epss-percentile: 0.96317 + epss-percentile: 0.95976 cpe: cpe:2.3:a:ericssonlg:ipecs_nms:30m-2.3gn:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-15517.yaml b/http/cves/2018/CVE-2018-15517.yaml index b476a5cc58..0c8c87aa62 100644 --- a/http/cves/2018/CVE-2018-15517.yaml +++ b/http/cves/2018/CVE-2018-15517.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.6 cve-id: CVE-2018-15517 cwe-id: CWE-918 - epss-score: 0.00869 - epss-percentile: 0.8207 + epss-score: 0.01001 + epss-percentile: 0.83284 cpe: cpe:2.3:a:dlink:central_wifimanager:1.03:r0098:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16059.yaml b/http/cves/2018/CVE-2018-16059.yaml index c2fb00614c..3e90d08e09 100644 --- a/http/cves/2018/CVE-2018-16059.yaml +++ b/http/cves/2018/CVE-2018-16059.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16059 cwe-id: CWE-22 epss-score: 0.32871 - epss-percentile: 0.96945 + epss-percentile: 0.96924 cpe: cpe:2.3:o:endress:wirelesshart_fieldgate_swg70_firmware:3.00.07:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16133.yaml b/http/cves/2018/CVE-2018-16133.yaml index e5cfe2e63d..a3a30695fe 100644 --- a/http/cves/2018/CVE-2018-16133.yaml +++ b/http/cves/2018/CVE-2018-16133.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16133 cwe-id: CWE-22 epss-score: 0.03629 - epss-percentile: 0.91492 + epss-percentile: 0.91461 cpe: cpe:2.3:a:cybrotech:cybrohttpserver:1.0.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16668.yaml b/http/cves/2018/CVE-2018-16668.yaml index a651c8bdd3..d619183fcc 100644 --- a/http/cves/2018/CVE-2018-16668.yaml +++ b/http/cves/2018/CVE-2018-16668.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16668 cwe-id: CWE-287 epss-score: 0.00189 - epss-percentile: 0.55606 + epss-percentile: 0.55432 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-17153.yaml b/http/cves/2018/CVE-2018-17153.yaml index 8eb8938558..2a1cad77ca 100644 --- a/http/cves/2018/CVE-2018-17153.yaml +++ b/http/cves/2018/CVE-2018-17153.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-17153 cwe-id: CWE-287 epss-score: 0.81607 - epss-percentile: 0.98293 + epss-percentile: 0.98273 cpe: cpe:2.3:o:western_digital:my_cloud_wdbctl0020hwt_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-18608.yaml b/http/cves/2018/CVE-2018-18608.yaml index f70e5470ee..c9d46aecf6 100644 --- a/http/cves/2018/CVE-2018-18608.yaml +++ b/http/cves/2018/CVE-2018-18608.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-18608 cwe-id: CWE-79 - epss-score: 0.00111 - epss-percentile: 0.43574 + epss-score: 0.00177 + epss-percentile: 0.54991 cpe: cpe:2.3:a:dedecms:dedecms:5.7:sp2:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-18777.yaml b/http/cves/2018/CVE-2018-18777.yaml index 1844e83797..af06330091 100644 --- a/http/cves/2018/CVE-2018-18777.yaml +++ b/http/cves/2018/CVE-2018-18777.yaml @@ -14,15 +14,13 @@ info: - https://www.exploit-db.com/exploits/45755 - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2018-18777 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2018-18777 cwe-id: CWE-22 - epss-score: 0.00185 - epss-percentile: 0.55017 + epss-score: 0.00224 + epss-percentile: 0.60675 cpe: cpe:2.3:a:microstrategy:microstrategy_web:7:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18778.yaml b/http/cves/2018/CVE-2018-18778.yaml index 2575918a60..1b1f7330fd 100644 --- a/http/cves/2018/CVE-2018-18778.yaml +++ b/http/cves/2018/CVE-2018-18778.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18778 cwe-id: CWE-200 - epss-score: 0.23035 - epss-percentile: 0.96449 + epss-score: 0.17666 + epss-percentile: 0.96022 cpe: cpe:2.3:a:acme:mini-httpd:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18925.yaml b/http/cves/2018/CVE-2018-18925.yaml index 94f5453b80..568e65f5fe 100644 --- a/http/cves/2018/CVE-2018-18925.yaml +++ b/http/cves/2018/CVE-2018-18925.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-18925 cwe-id: CWE-384 epss-score: 0.09538 - epss-percentile: 0.94646 + epss-percentile: 0.94612 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-19136.yaml b/http/cves/2018/CVE-2018-19136.yaml index 432d686afc..4d61e0aad1 100644 --- a/http/cves/2018/CVE-2018-19136.yaml +++ b/http/cves/2018/CVE-2018-19136.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-19136 cwe-id: CWE-79 - epss-score: 0.00146 - epss-percentile: 0.49868 + epss-score: 0.00152 + epss-percentile: 0.50531 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19137.yaml b/http/cves/2018/CVE-2018-19137.yaml index 0a476ad163..6439455c7b 100644 --- a/http/cves/2018/CVE-2018-19137.yaml +++ b/http/cves/2018/CVE-2018-19137.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-19137 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39541 + epss-percentile: 0.39294 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19439.yaml b/http/cves/2018/CVE-2018-19439.yaml index 262214c7d6..509be08df3 100644 --- a/http/cves/2018/CVE-2018-19439.yaml +++ b/http/cves/2018/CVE-2018-19439.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-19439 cwe-id: CWE-79 epss-score: 0.00548 - epss-percentile: 0.7708 + epss-percentile: 0.76986 cpe: cpe:2.3:a:oracle:secure_global_desktop:4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19458.yaml b/http/cves/2018/CVE-2018-19458.yaml index d8abcd1706..954f356eee 100644 --- a/http/cves/2018/CVE-2018-19458.yaml +++ b/http/cves/2018/CVE-2018-19458.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-19458 cwe-id: CWE-287 - epss-score: 0.0347 - epss-percentile: 0.91337 + epss-score: 0.09157 + epss-percentile: 0.94094 cpe: cpe:2.3:a:php-proxy:php-proxy:3.0.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19749.yaml b/http/cves/2018/CVE-2018-19749.yaml index 74ce029656..724cf401cd 100644 --- a/http/cves/2018/CVE-2018-19749.yaml +++ b/http/cves/2018/CVE-2018-19749.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19749 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39364 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19752.yaml b/http/cves/2018/CVE-2018-19752.yaml index 7a28fdbcdb..f5d120debe 100644 --- a/http/cves/2018/CVE-2018-19752.yaml +++ b/http/cves/2018/CVE-2018-19752.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19752 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39364 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19753.yaml b/http/cves/2018/CVE-2018-19753.yaml index cc2f5f0e69..1bb158960f 100644 --- a/http/cves/2018/CVE-2018-19753.yaml +++ b/http/cves/2018/CVE-2018-19753.yaml @@ -15,14 +15,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2018-19753 - http://seclists.org/fulldisclosure/2018/Nov/66 - http://packetstormsecurity.com/files/150541/Tarantella-Enterprise-Directory-Traversal.html - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-19753 cwe-id: CWE-22 epss-score: 0.00942 - epss-percentile: 0.82789 + epss-percentile: 0.81358 cpe: cpe:2.3:a:oracle:tarantella_enterprise:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19892.yaml b/http/cves/2018/CVE-2018-19892.yaml index f6a07f6e84..e957023784 100644 --- a/http/cves/2018/CVE-2018-19892.yaml +++ b/http/cves/2018/CVE-2018-19892.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19892 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.4067 + epss-percentile: 0.40415 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19914.yaml b/http/cves/2018/CVE-2018-19914.yaml index e342411b12..7e5a3adf5f 100644 --- a/http/cves/2018/CVE-2018-19914.yaml +++ b/http/cves/2018/CVE-2018-19914.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19914 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.50909 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19915.yaml b/http/cves/2018/CVE-2018-19915.yaml index a38c2d7684..cb24374b98 100644 --- a/http/cves/2018/CVE-2018-19915.yaml +++ b/http/cves/2018/CVE-2018-19915.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19915 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.50909 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20462.yaml b/http/cves/2018/CVE-2018-20462.yaml index b496b3b958..cba4b2656c 100644 --- a/http/cves/2018/CVE-2018-20462.yaml +++ b/http/cves/2018/CVE-2018-20462.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.63916 cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "jsmol2wp_project" + max-request: 1 + vendor: jsmol2wp_project product: jsmol2wp framework: wordpress tags: cve2018,cve,wordpress,xss,wp-plugin,jsmol2wp_project + flow: http(1) && http(2) http: diff --git a/http/cves/2018/CVE-2018-20526.yaml b/http/cves/2018/CVE-2018-20526.yaml index 983a5ad1d3..0079a9708c 100644 --- a/http/cves/2018/CVE-2018-20526.yaml +++ b/http/cves/2018/CVE-2018-20526.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-20526 cwe-id: CWE-434 epss-score: 0.00666 - epss-percentile: 0.79328 + epss-percentile: 0.79248 cpe: cpe:2.3:a:roxyfileman:roxy_fileman:1.4.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-2791.yaml b/http/cves/2018/CVE-2018-2791.yaml index 50c93ff795..0e6c47c32d 100644 --- a/http/cves/2018/CVE-2018-2791.yaml +++ b/http/cves/2018/CVE-2018-2791.yaml @@ -20,7 +20,7 @@ info: cvss-score: 8.2 cve-id: CVE-2018-2791 epss-score: 0.02132 - epss-percentile: 0.89041 + epss-percentile: 0.88082 cpe: cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-3167.yaml b/http/cves/2018/CVE-2018-3167.yaml index b12e97f0a6..361edf7681 100644 --- a/http/cves/2018/CVE-2018-3167.yaml +++ b/http/cves/2018/CVE-2018-3167.yaml @@ -20,7 +20,7 @@ info: cvss-score: 5.3 cve-id: CVE-2018-3167 epss-score: 0.00492 - epss-percentile: 0.7577 + epss-percentile: 0.75672 cpe: cpe:2.3:a:oracle:application_management_pack:12.1.3:*:*:*:*:e-business_suite:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-3714.yaml b/http/cves/2018/CVE-2018-3714.yaml index 809587a0fb..9382c47ca0 100644 --- a/http/cves/2018/CVE-2018-3714.yaml +++ b/http/cves/2018/CVE-2018-3714.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-3714 cwe-id: CWE-22 epss-score: 0.00182 - epss-percentile: 0.54724 + epss-percentile: 0.55562 cpe: cpe:2.3:a:node-srv_project:node-srv:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-3810.yaml b/http/cves/2018/CVE-2018-3810.yaml index eedf7514fd..dd69fde7ec 100644 --- a/http/cves/2018/CVE-2018-3810.yaml +++ b/http/cves/2018/CVE-2018-3810.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-3810 cwe-id: CWE-287 - epss-score: 0.77324 - epss-percentile: 0.98156 + epss-score: 0.792 + epss-percentile: 0.98197 cpe: cpe:2.3:a:oturia:smart_google_code_inserter:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-5230.yaml b/http/cves/2018/CVE-2018-5230.yaml index 5ea1d260f0..837f9f59fe 100644 --- a/http/cves/2018/CVE-2018-5230.yaml +++ b/http/cves/2018/CVE-2018-5230.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-5230 cwe-id: CWE-79 - epss-score: 0.00153 - epss-percentile: 0.5091 + epss-score: 0.00203 + epss-percentile: 0.58306 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6200.yaml b/http/cves/2018/CVE-2018-6200.yaml index 0263a2af02..0d5d845508 100644 --- a/http/cves/2018/CVE-2018-6200.yaml +++ b/http/cves/2018/CVE-2018-6200.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-6200 cwe-id: CWE-601 epss-score: 0.00141 - epss-percentile: 0.49169 + epss-percentile: 0.48943 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-6605.yaml b/http/cves/2018/CVE-2018-6605.yaml index 2756d33192..e78d4b6ca4 100644 --- a/http/cves/2018/CVE-2018-6605.yaml +++ b/http/cves/2018/CVE-2018-6605.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-6605 cwe-id: CWE-89 - epss-score: 0.00754 - epss-percentile: 0.80701 + epss-score: 0.00282 + epss-percentile: 0.67968 cpe: cpe:2.3:a:zh_baidumap_project:zh_baidumap:3.0.0.1:*:*:*:*:joomla\!:*:* metadata: max-request: 1 @@ -24,7 +24,8 @@ info: product: zh_baidumap framework: joomla\! fofa-query: app="Joomla!-网站安装" - tags: cve,cve2018,joomla,sqli,joomla\!,zh_baidumap_project + tags: cve,cve2018,joomla,sqli + variables: num: "{{rand_int(2000000000, 2100000000)}}" diff --git a/http/cves/2018/CVE-2018-6910.yaml b/http/cves/2018/CVE-2018-6910.yaml index 92f1e000f7..1aab013c87 100644 --- a/http/cves/2018/CVE-2018-6910.yaml +++ b/http/cves/2018/CVE-2018-6910.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-6910 cwe-id: CWE-668 epss-score: 0.02422 - epss-percentile: 0.89737 + epss-percentile: 0.89709 cpe: cpe:2.3:a:dedecms:dedecms:5.7:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7251.yaml b/http/cves/2018/CVE-2018-7251.yaml index 5fb5b8fc0e..a1c22b1ced 100644 --- a/http/cves/2018/CVE-2018-7251.yaml +++ b/http/cves/2018/CVE-2018-7251.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-7251 cwe-id: CWE-200 epss-score: 0.06473 - epss-percentile: 0.9358 + epss-percentile: 0.93558 cpe: cpe:2.3:a:anchorcms:anchor:0.12.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7282.yaml b/http/cves/2018/CVE-2018-7282.yaml index d89e5b51d2..f346c8cd40 100644 --- a/http/cves/2018/CVE-2018-7282.yaml +++ b/http/cves/2018/CVE-2018-7282.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-7282 cwe-id: CWE-89 - epss-score: 0.15537 - epss-percentile: 0.9579 + epss-score: 0.15744 + epss-percentile: 0.95443 cpe: cpe:2.3:a:titool:printmonitor:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2018/CVE-2018-7314.yaml b/http/cves/2018/CVE-2018-7314.yaml index e62893672d..51ebd26670 100644 --- a/http/cves/2018/CVE-2018-7314.yaml +++ b/http/cves/2018/CVE-2018-7314.yaml @@ -25,7 +25,7 @@ info: product: prayercenter framework: joomla\! fofa-query: app="Joomla!-网站安装" - tags: cve,cve2018,joomla,sqli,joomla\!,mlwebtechnologies + tags: cve,cve2018,joomla,sqli variables: num: "{{rand_int(800000000, 1000000000)}}" diff --git a/http/cves/2018/CVE-2018-7422.yaml b/http/cves/2018/CVE-2018-7422.yaml index 6962288dfa..2146473a79 100644 --- a/http/cves/2018/CVE-2018-7422.yaml +++ b/http/cves/2018/CVE-2018-7422.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-7422 cwe-id: CWE-22 epss-score: 0.94711 - epss-percentile: 0.99222 + epss-percentile: 0.99202 cpe: cpe:2.3:a:siteeditor:site_editor:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-7653.yaml b/http/cves/2018/CVE-2018-7653.yaml index 0924681deb..1f4589ccf7 100644 --- a/http/cves/2018/CVE-2018-7653.yaml +++ b/http/cves/2018/CVE-2018-7653.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-7653 cwe-id: CWE-79 epss-score: 0.00797 - epss-percentile: 0.81275 + epss-percentile: 0.81235 cpe: cpe:2.3:a:yzmcms:yzmcms:3.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7662.yaml b/http/cves/2018/CVE-2018-7662.yaml index 15ebbc286c..4296c733cd 100644 --- a/http/cves/2018/CVE-2018-7662.yaml +++ b/http/cves/2018/CVE-2018-7662.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2018-7662 cwe-id: CWE-200 - epss-score: 0.00299 - epss-percentile: 0.69023 + epss-score: 0.00292 + epss-percentile: 0.65908 cpe: cpe:2.3:a:couchcms:couch:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-8715.yaml b/http/cves/2018/CVE-2018-8715.yaml index 9e30089c5a..a38abc6ad5 100644 --- a/http/cves/2018/CVE-2018-8715.yaml +++ b/http/cves/2018/CVE-2018-8715.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-8715 cwe-id: CWE-287 epss-score: 0.00927 - epss-percentile: 0.82664 + epss-percentile: 0.8261 cpe: cpe:2.3:a:embedthis:appweb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8719.yaml b/http/cves/2018/CVE-2018-8719.yaml index f54a766b3f..cba8bb1015 100644 --- a/http/cves/2018/CVE-2018-8719.yaml +++ b/http/cves/2018/CVE-2018-8719.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-8719 cwe-id: CWE-532 epss-score: 0.03177 - epss-percentile: 0.90976 + epss-percentile: 0.9019 cpe: cpe:2.3:a:wpsecurityauditlog:wp_security_audit_log:3.1.1:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8823.yaml b/http/cves/2018/CVE-2018-8823.yaml index b9cfa43860..4327084e4d 100644 --- a/http/cves/2018/CVE-2018-8823.yaml +++ b/http/cves/2018/CVE-2018-8823.yaml @@ -27,7 +27,7 @@ info: product: responsive_mega_menu_pro framework: prestashop shodan-query: http.component:"prestashop" - tags: cve,cve2018,prestashop,rce,sqli,responsive_mega_menu_pro_project + tags: cve,cve2018,prestashop,rce,sqli variables: num: "999999999" diff --git a/http/cves/2018/CVE-2018-9205.yaml b/http/cves/2018/CVE-2018-9205.yaml index a2d305eed8..a814e8ae7e 100644 --- a/http/cves/2018/CVE-2018-9205.yaml +++ b/http/cves/2018/CVE-2018-9205.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2018-9205 cwe-id: CWE-22 epss-score: 0.02175 - epss-percentile: 0.8916 + epss-percentile: 0.89127 cpe: cpe:2.3:a:drupal:avatar_uploader:7.x-1.0:beta8:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-0193.yaml b/http/cves/2019/CVE-2019-0193.yaml index a48d2e4e7c..2f9e04ad8e 100644 --- a/http/cves/2019/CVE-2019-0193.yaml +++ b/http/cves/2019/CVE-2019-0193.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-0193 cwe-id: CWE-94 epss-score: 0.9605 - epss-percentile: 0.99455 + epss-percentile: 0.99452 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10098.yaml b/http/cves/2019/CVE-2019-10098.yaml index 1e09f350ee..b71e1cd822 100644 --- a/http/cves/2019/CVE-2019-10098.yaml +++ b/http/cves/2019/CVE-2019-10098.yaml @@ -23,7 +23,7 @@ info: cve-id: CVE-2019-10098 cwe-id: CWE-601 epss-score: 0.10593 - epss-percentile: 0.94929 + epss-percentile: 0.94527 cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-10232.yaml b/http/cves/2019/CVE-2019-10232.yaml index 3c2872c227..bb3e166d49 100644 --- a/http/cves/2019/CVE-2019-10232.yaml +++ b/http/cves/2019/CVE-2019-10232.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-10232 cwe-id: CWE-89 epss-score: 0.12149 - epss-percentile: 0.9527 + epss-percentile: 0.95246 cpe: cpe:2.3:a:teclib-edition:gestionnaire_libre_de_parc_informatique:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10475.yaml b/http/cves/2019/CVE-2019-10475.yaml index 6d2595cf85..380740a888 100644 --- a/http/cves/2019/CVE-2019-10475.yaml +++ b/http/cves/2019/CVE-2019-10475.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-10475 cwe-id: CWE-79 epss-score: 0.97301 - epss-percentile: 0.99858 + epss-percentile: 0.99859 cpe: cpe:2.3:a:jenkins:build-metrics:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-11013.yaml b/http/cves/2019/CVE-2019-11013.yaml index 9464258ff2..b9facbd8e0 100644 --- a/http/cves/2019/CVE-2019-11013.yaml +++ b/http/cves/2019/CVE-2019-11013.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-11013 cwe-id: CWE-22 epss-score: 0.01775 - epss-percentile: 0.8779 + epss-percentile: 0.87745 cpe: cpe:2.3:a:softvelum:nimble_streamer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-11510.yaml b/http/cves/2019/CVE-2019-11510.yaml index 9f019d687a..8493550845 100644 --- a/http/cves/2019/CVE-2019-11510.yaml +++ b/http/cves/2019/CVE-2019-11510.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: ivanti product: connect_secure - tags: packetstorm,cve,cve2019,pulsesecure,lfi,kev,ivanti + tags: packetstorm,cve,cve2019,pulsesecure,lfi,kev http: - method: GET diff --git a/http/cves/2019/CVE-2019-11869.yaml b/http/cves/2019/CVE-2019-11869.yaml index fa98e3d364..02d8b9f57f 100644 --- a/http/cves/2019/CVE-2019-11869.yaml +++ b/http/cves/2019/CVE-2019-11869.yaml @@ -26,8 +26,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-11869 cwe-id: CWE-79 - epss-score: 0.00187 - epss-percentile: 0.55223 + epss-score: 0.00218 + epss-percentile: 0.597 cpe: cpe:2.3:a:yuzopro:yuzo:5.12.94:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12461.yaml b/http/cves/2019/CVE-2019-12461.yaml index 289f6a94a8..da9fbcecdb 100644 --- a/http/cves/2019/CVE-2019-12461.yaml +++ b/http/cves/2019/CVE-2019-12461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-12461 cwe-id: CWE-79 epss-score: 0.00269 - epss-percentile: 0.67291 + epss-percentile: 0.6713 cpe: cpe:2.3:a:webport:web_port:1.19.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12581.yaml b/http/cves/2019/CVE-2019-12581.yaml index 85caf2a478..327f88b08f 100644 --- a/http/cves/2019/CVE-2019-12581.yaml +++ b/http/cves/2019/CVE-2019-12581.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-12581 cwe-id: CWE-79 - epss-score: 0.00358 - epss-percentile: 0.71718 + epss-score: 0.00642 + epss-percentile: 0.7705 cpe: cpe:2.3:o:zyxel:uag2100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12583.yaml b/http/cves/2019/CVE-2019-12583.yaml index 135cdbcce4..3f62ff75c8 100644 --- a/http/cves/2019/CVE-2019-12583.yaml +++ b/http/cves/2019/CVE-2019-12583.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-12583 cwe-id: CWE-425 epss-score: 0.00481 - epss-percentile: 0.75483 + epss-percentile: 0.75389 cpe: cpe:2.3:o:zyxel:uag2100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12593.yaml b/http/cves/2019/CVE-2019-12593.yaml index 42eefb5423..20ffe994cb 100644 --- a/http/cves/2019/CVE-2019-12593.yaml +++ b/http/cves/2019/CVE-2019-12593.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-12593 cwe-id: CWE-22 epss-score: 0.11506 - epss-percentile: 0.95137 + epss-percentile: 0.95118 cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12985.yaml b/http/cves/2019/CVE-2019-12985.yaml index 601540fc1a..4a1d4341b4 100644 --- a/http/cves/2019/CVE-2019-12985.yaml +++ b/http/cves/2019/CVE-2019-12985.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-12985 cwe-id: CWE-78 epss-score: 0.97276 - epss-percentile: 0.99842 + epss-percentile: 0.99843 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12986.yaml b/http/cves/2019/CVE-2019-12986.yaml index a4b019e931..2599109455 100644 --- a/http/cves/2019/CVE-2019-12986.yaml +++ b/http/cves/2019/CVE-2019-12986.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12986 cwe-id: CWE-78 - epss-score: 0.97276 - epss-percentile: 0.99842 + epss-score: 0.97297 + epss-percentile: 0.9985 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12988.yaml b/http/cves/2019/CVE-2019-12988.yaml index 3bb7c0005b..49902a9eb7 100644 --- a/http/cves/2019/CVE-2019-12988.yaml +++ b/http/cves/2019/CVE-2019-12988.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-12988 cwe-id: CWE-78 epss-score: 0.97276 - epss-percentile: 0.99842 + epss-percentile: 0.99843 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12990.yaml b/http/cves/2019/CVE-2019-12990.yaml index 7f89a90810..e582f7f42c 100644 --- a/http/cves/2019/CVE-2019-12990.yaml +++ b/http/cves/2019/CVE-2019-12990.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12990 cwe-id: CWE-22 - epss-score: 0.90869 - epss-percentile: 0.98791 + epss-score: 0.92152 + epss-percentile: 0.98756 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-13101.yaml b/http/cves/2019/CVE-2019-13101.yaml index 22ca8de182..5dd4626056 100644 --- a/http/cves/2019/CVE-2019-13101.yaml +++ b/http/cves/2019/CVE-2019-13101.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-13101 cwe-id: CWE-306 - epss-score: 0.06909 - epss-percentile: 0.93808 + epss-score: 0.0359 + epss-percentile: 0.9142 cpe: cpe:2.3:o:dlink:dir-600m_firmware:3.02:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-13396.yaml b/http/cves/2019/CVE-2019-13396.yaml index 7d469db1ac..d1cafa9db7 100644 --- a/http/cves/2019/CVE-2019-13396.yaml +++ b/http/cves/2019/CVE-2019-13396.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2019-13396 cwe-id: CWE-22 - epss-score: 0.02877 - epss-percentile: 0.90559 + epss-score: 0.02602 + epss-percentile: 0.90051 cpe: cpe:2.3:a:getflightpath:flightpath:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-13462.yaml b/http/cves/2019/CVE-2019-13462.yaml index d785d72d2e..e0e3d7ab2f 100644 --- a/http/cves/2019/CVE-2019-13462.yaml +++ b/http/cves/2019/CVE-2019-13462.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2019-13462 - https://www.nccgroup.trust/uk/our-research/technical-advisory-unauthenticated-sql-injection-in-lansweeper/ - https://www.lansweeper.com/forum/yaf_topics33_Announcements.aspx - - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2019-13462 cwe-id: CWE-89 - epss-score: 0.39773 - epss-percentile: 0.97176 + epss-score: 0.47505 + epss-percentile: 0.97151 cpe: cpe:2.3:a:lansweeper:lansweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14251.yaml b/http/cves/2019/CVE-2019-14251.yaml index 3111ccde59..6f45634cfd 100644 --- a/http/cves/2019/CVE-2019-14251.yaml +++ b/http/cves/2019/CVE-2019-14251.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-14251 cwe-id: CWE-22 epss-score: 0.01653 - epss-percentile: 0.87347 + epss-percentile: 0.87315 cpe: cpe:2.3:a:temenos:t24:r15.01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-14470.yaml b/http/cves/2019/CVE-2019-14470.yaml index 2f1d96256f..d8b02704ea 100644 --- a/http/cves/2019/CVE-2019-14470.yaml +++ b/http/cves/2019/CVE-2019-14470.yaml @@ -24,10 +24,11 @@ info: epss-percentile: 0.98209 cpe: cpe:2.3:a:instagram-php-api_project:instagram-php-api:-:*:*:*:*:*:*:* metadata: - max-request: 2 - vendor: "instagram-php-api_project" - product: "instagram-php-api" + max-request: 1 + vendor: instagram-php-api_project + product: instagram-php-api tags: cve,cve2019,wordpress,xss,wp-plugin,wpscan,packetstorm,instagram-php-api_project + flow: http(1) && http(2) http: diff --git a/http/cves/2019/CVE-2019-14974.yaml b/http/cves/2019/CVE-2019-14974.yaml index 119e264fc8..68f14ab6ba 100644 --- a/http/cves/2019/CVE-2019-14974.yaml +++ b/http/cves/2019/CVE-2019-14974.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-14974 cwe-id: CWE-79 - epss-score: 0.00173 - epss-percentile: 0.53637 + epss-score: 0.00217 + epss-percentile: 0.5978 cpe: cpe:2.3:a:sugarcrm:sugarcrm:9.0.0:*:*:*:enterprise:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-15713.yaml b/http/cves/2019/CVE-2019-15713.yaml index 74b8c8abe3..fc1dc3ea2d 100644 --- a/http/cves/2019/CVE-2019-15713.yaml +++ b/http/cves/2019/CVE-2019-15713.yaml @@ -13,22 +13,21 @@ info: - https://wpscan.com/vulnerability/9267 - https://wordpress.org/plugins/my-calendar/#developers - https://nvd.nist.gov/vuln/detail/CVE-2019-15713 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-15713 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.40741 + epss-percentile: 0.41137 cpe: cpe:2.3:a:my_calendar_project:my_calendar:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "my_calendar_project" - product: "my_calendar" + max-request: 1 + vendor: my_calendar_project + product: my_calendar framework: wordpress tags: cve,cve2019,wordpress,xss,wp-plugin,wpscan,my_calendar_project + flow: http(1) && http(2) http: diff --git a/http/cves/2019/CVE-2019-15811.yaml b/http/cves/2019/CVE-2019-15811.yaml index 8c1bb40296..f7fc8fa7f4 100644 --- a/http/cves/2019/CVE-2019-15811.yaml +++ b/http/cves/2019/CVE-2019-15811.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-15811 cwe-id: CWE-79 epss-score: 0.00269 - epss-percentile: 0.67291 + epss-percentile: 0.6713 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15829.yaml b/http/cves/2019/CVE-2019-15829.yaml index 50b2e8c823..fd23065c70 100644 --- a/http/cves/2019/CVE-2019-15829.yaml +++ b/http/cves/2019/CVE-2019-15829.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2019-15829 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.49845 + epss-percentile: 0.50525 cpe: cpe:2.3:a:greentreelabs:gallery_photoblocks:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15858.yaml b/http/cves/2019/CVE-2019-15858.yaml index 34c90be83c..b2aa43d1ab 100644 --- a/http/cves/2019/CVE-2019-15858.yaml +++ b/http/cves/2019/CVE-2019-15858.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-15858 cwe-id: CWE-306 epss-score: 0.036 - epss-percentile: 0.91463 + epss-percentile: 0.91432 cpe: cpe:2.3:a:webcraftic:woody_ad_snippets:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-15889.yaml b/http/cves/2019/CVE-2019-15889.yaml index 92823bc151..c4b5e7f4dd 100644 --- a/http/cves/2019/CVE-2019-15889.yaml +++ b/http/cves/2019/CVE-2019-15889.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.90679 cpe: cpe:2.3:a:wpdownloadmanager:wordpress_download_manager:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: wpdownloadmanager - product: "wordpress_download_manager" + product: wordpress_download_manager framework: wordpress tags: cve,cve2019,packetstorm,wordpress,xss,wp-plugin,wpdownloadmanager + flow: http(1) && http(2) http: diff --git a/http/cves/2019/CVE-2019-16057.yaml b/http/cves/2019/CVE-2019-16057.yaml index 1ce7a1a0e7..9838f0edb4 100644 --- a/http/cves/2019/CVE-2019-16057.yaml +++ b/http/cves/2019/CVE-2019-16057.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-16057 cwe-id: CWE-78 - epss-score: 0.9752 - epss-percentile: 0.99986 + epss-score: 0.9754 + epss-percentile: 0.99994 cpe: cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16097.yaml b/http/cves/2019/CVE-2019-16097.yaml index c677796ec4..e8109ac01c 100644 --- a/http/cves/2019/CVE-2019-16097.yaml +++ b/http/cves/2019/CVE-2019-16097.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-16097 cwe-id: CWE-862 epss-score: 0.96492 - epss-percentile: 0.9957 + epss-percentile: 0.99563 cpe: cpe:2.3:a:linuxfoundation:harbor:1.7.0:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16123.yaml b/http/cves/2019/CVE-2019-16123.yaml index 36ad5e03b7..fe55d5f723 100644 --- a/http/cves/2019/CVE-2019-16123.yaml +++ b/http/cves/2019/CVE-2019-16123.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16123 cwe-id: CWE-22 - epss-score: 0.69461 - epss-percentile: 0.9794 + epss-score: 0.67812 + epss-percentile: 0.97877 cpe: cpe:2.3:a:kartatopia:piluscart:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16332.yaml b/http/cves/2019/CVE-2019-16332.yaml index d4fd45771f..112d15eae1 100644 --- a/http/cves/2019/CVE-2019-16332.yaml +++ b/http/cves/2019/CVE-2019-16332.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.69049 cpe: cpe:2.3:a:api_bearer_auth_project:api_bearer_auth:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "api_bearer_auth_project" - product: "api_bearer_auth" + max-request: 1 + vendor: api_bearer_auth_project + product: api_bearer_auth framework: wordpress tags: cve,cve2019,packetstorm,wordpress,xss,wp-plugin,auth,api_bearer_auth_project + flow: http(1) && http(2) http: diff --git a/http/cves/2019/CVE-2019-16469.yaml b/http/cves/2019/CVE-2019-16469.yaml index 9cf96d66af..46dc9a6689 100644 --- a/http/cves/2019/CVE-2019-16469.yaml +++ b/http/cves/2019/CVE-2019-16469.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16469 cwe-id: CWE-917 - epss-score: 0.12955 - epss-percentile: 0.95393 + epss-score: 0.17165 + epss-percentile: 0.95967 cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,7 @@ info: vendor: adobe product: experience_manager shodan-query: http.component:"Adobe Experience Manager" - tags: cve,cve2019,aem,eli,csti,adobe + tags: cve,cve2019,aem,eli,csti variables: num1: "{{rand_int(800000, 999999)}}" num2: "{{rand_int(800000, 999999)}}" diff --git a/http/cves/2019/CVE-2019-16525.yaml b/http/cves/2019/CVE-2019-16525.yaml index ad6e6b78df..29eff0c62b 100644 --- a/http/cves/2019/CVE-2019-16525.yaml +++ b/http/cves/2019/CVE-2019-16525.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.67586 cpe: cpe:2.3:a:checklist:checklist:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: checklist product: checklist framework: wordpress tags: cve,cve2019,xss,wp-plugin,packetstorm,wordpress,checklist + flow: http(1) && http(2) http: diff --git a/http/cves/2019/CVE-2019-16759.yaml b/http/cves/2019/CVE-2019-16759.yaml index 175d3d1844..47efcb0933 100644 --- a/http/cves/2019/CVE-2019-16759.yaml +++ b/http/cves/2019/CVE-2019-16759.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-16759 cwe-id: CWE-94 - epss-score: 0.97513 - epss-percentile: 0.99983 + epss-score: 0.97532 + epss-percentile: 0.99992 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16931.yaml b/http/cves/2019/CVE-2019-16931.yaml index fecba42f67..bb94876d8a 100644 --- a/http/cves/2019/CVE-2019-16931.yaml +++ b/http/cves/2019/CVE-2019-16931.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-16931 cwe-id: CWE-79 epss-score: 0.00244 - epss-percentile: 0.63978 + epss-percentile: 0.63842 cpe: cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16932.yaml b/http/cves/2019/CVE-2019-16932.yaml index 0d00bc1e45..69ca3778cf 100644 --- a/http/cves/2019/CVE-2019-16932.yaml +++ b/http/cves/2019/CVE-2019-16932.yaml @@ -25,11 +25,12 @@ info: epss-percentile: 0.97316 cpe: cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: themeisle product: visualizer framework: wordpress - tags: cve,cve2019,wp-plugin,ssrf,wordpress,oast,unauth,wpscan,intrusive,themeisle,xss + tags: cve,cve2019,wp-plugin,ssrf,wordpress,oast,unauth,wpscan,intrusive,themeisle + flow: http(1) && http(2) http: diff --git a/http/cves/2019/CVE-2019-16997.yaml b/http/cves/2019/CVE-2019-16997.yaml index 5b224b447c..8cdc7790f2 100644 --- a/http/cves/2019/CVE-2019-16997.yaml +++ b/http/cves/2019/CVE-2019-16997.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-16997 cwe-id: CWE-89 - epss-score: 0.33595 - epss-percentile: 0.96977 + epss-score: 0.28294 + epss-percentile: 0.96427 cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17270.yaml b/http/cves/2019/CVE-2019-17270.yaml index e5d529fd3c..8f077b4002 100644 --- a/http/cves/2019/CVE-2019-17270.yaml +++ b/http/cves/2019/CVE-2019-17270.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-17270 cwe-id: CWE-78 epss-score: 0.93892 - epss-percentile: 0.99097 + epss-percentile: 0.99085 cpe: cpe:2.3:a:yachtcontrol:yachtcontrol:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17382.yaml b/http/cves/2019/CVE-2019-17382.yaml index 822bcfe127..4df57d8acb 100644 --- a/http/cves/2019/CVE-2019-17382.yaml +++ b/http/cves/2019/CVE-2019-17382.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.1 cve-id: CVE-2019-17382 cwe-id: CWE-639 - epss-score: 0.3552 - epss-percentile: 0.97039 + epss-score: 0.3141 + epss-percentile: 0.96581 cpe: cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* metadata: max-request: 100 diff --git a/http/cves/2019/CVE-2019-17503.yaml b/http/cves/2019/CVE-2019-17503.yaml index a1d4caaadd..ec6c7290d2 100644 --- a/http/cves/2019/CVE-2019-17503.yaml +++ b/http/cves/2019/CVE-2019-17503.yaml @@ -12,14 +12,13 @@ info: - https://github.com/Ramikan/Vulnerabilities/blob/master/Kirona-DRS%205.5.3.5%20Multiple%20Vulnerabilities - http://packetstormsecurity.com/files/154838/Kirona-DRS-5.5.3.5-Information-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2019-17503 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-17503 cwe-id: CWE-425 - epss-score: 0.00615 - epss-percentile: 0.78361 + epss-score: 0.00433 + epss-percentile: 0.71885 cpe: cpe:2.3:a:kirona:dynamic_resource_scheduling:5.5.3.5:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-17538.yaml b/http/cves/2019/CVE-2019-17538.yaml index c87c95a4b0..af431413a6 100644 --- a/http/cves/2019/CVE-2019-17538.yaml +++ b/http/cves/2019/CVE-2019-17538.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-17538 cwe-id: CWE-22 - epss-score: 0.00811 - epss-percentile: 0.81431 + epss-score: 0.00878 + epss-percentile: 0.80703 cpe: cpe:2.3:a:jnoj:jiangnan_online_judge:0.8.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-1821.yaml b/http/cves/2019/CVE-2019-1821.yaml index 2139eb0dea..27763a0edd 100644 --- a/http/cves/2019/CVE-2019-1821.yaml +++ b/http/cves/2019/CVE-2019-1821.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-1821 cwe-id: CWE-20 - epss-score: 0.96811 - epss-percentile: 0.99668 + epss-score: 0.96882 + epss-percentile: 0.99686 cpe: cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-18957.yaml b/http/cves/2019/CVE-2019-18957.yaml index d937edb3b7..360420f04c 100644 --- a/http/cves/2019/CVE-2019-18957.yaml +++ b/http/cves/2019/CVE-2019-18957.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-18957 cwe-id: CWE-79 epss-score: 0.00375 - epss-percentile: 0.72366 + epss-percentile: 0.72231 cpe: cpe:2.3:a:microstrategy:microstrategy_library:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-1898.yaml b/http/cves/2019/CVE-2019-1898.yaml index 0567b3cbf7..c7493dedb0 100644 --- a/http/cves/2019/CVE-2019-1898.yaml +++ b/http/cves/2019/CVE-2019-1898.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-1898 cwe-id: CWE-425,CWE-285 epss-score: 0.07254 - epss-percentile: 0.93927 + epss-percentile: 0.93384 cpe: cpe:2.3:o:cisco:rv110w_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-19368.yaml b/http/cves/2019/CVE-2019-19368.yaml index c657034b6d..5e38f81e01 100644 --- a/http/cves/2019/CVE-2019-19368.yaml +++ b/http/cves/2019/CVE-2019-19368.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-19368 cwe-id: CWE-79 epss-score: 0.00624 - epss-percentile: 0.78558 + epss-percentile: 0.78472 cpe: cpe:2.3:a:maxum:rumpus:8.2.9.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19908.yaml b/http/cves/2019/CVE-2019-19908.yaml index e999878d3b..d1abf28d43 100644 --- a/http/cves/2019/CVE-2019-19908.yaml +++ b/http/cves/2019/CVE-2019-19908.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-19908 cwe-id: CWE-79 epss-score: 0.00673 - epss-percentile: 0.79461 + epss-percentile: 0.79388 cpe: cpe:2.3:a:ciprianmp:phpmychat-plus:1.98:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-20085.yaml b/http/cves/2019/CVE-2019-20085.yaml index d1199b20df..9e47b5ea74 100644 --- a/http/cves/2019/CVE-2019-20085.yaml +++ b/http/cves/2019/CVE-2019-20085.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-20085 cwe-id: CWE-22 epss-score: 0.69009 - epss-percentile: 0.9793 + epss-percentile: 0.97908 cpe: cpe:2.3:o:tvt:nvms-1000_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-20933.yaml b/http/cves/2019/CVE-2019-20933.yaml index 2737e41fdb..8f2e603c54 100644 --- a/http/cves/2019/CVE-2019-20933.yaml +++ b/http/cves/2019/CVE-2019-20933.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-20933 cwe-id: CWE-287 epss-score: 0.04913 - epss-percentile: 0.92635 + epss-percentile: 0.92609 cpe: cpe:2.3:a:influxdata:influxdb:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-2578.yaml b/http/cves/2019/CVE-2019-2578.yaml index 5bedfc3bed..ad6ea98c97 100644 --- a/http/cves/2019/CVE-2019-2578.yaml +++ b/http/cves/2019/CVE-2019-2578.yaml @@ -20,7 +20,7 @@ info: cvss-score: 8.6 cve-id: CVE-2019-2578 epss-score: 0.00623 - epss-percentile: 0.78523 + epss-percentile: 0.78436 cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-2588.yaml b/http/cves/2019/CVE-2019-2588.yaml index 765c87cdbd..909195095b 100644 --- a/http/cves/2019/CVE-2019-2588.yaml +++ b/http/cves/2019/CVE-2019-2588.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.9 cve-id: CVE-2019-2588 - epss-score: 0.15292 - epss-percentile: 0.95733 + epss-score: 0.13765 + epss-percentile: 0.955 cpe: cpe:2.3:a:oracle:business_intelligence_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-2729.yaml b/http/cves/2019/CVE-2019-2729.yaml index e911566544..8499a113b6 100644 --- a/http/cves/2019/CVE-2019-2729.yaml +++ b/http/cves/2019/CVE-2019-2729.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-2729 cwe-id: CWE-284 epss-score: 0.97101 - epss-percentile: 0.99763 + epss-percentile: 0.99761 cpe: cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-3396.yaml b/http/cves/2019/CVE-2019-3396.yaml index 179ae7d17f..82e7bacddb 100644 --- a/http/cves/2019/CVE-2019-3396.yaml +++ b/http/cves/2019/CVE-2019-3396.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-3396 cwe-id: CWE-22 - epss-score: 0.97495 - epss-percentile: 0.99975 + epss-score: 0.97508 + epss-percentile: 0.9998 cpe: cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3402.yaml b/http/cves/2019/CVE-2019-3402.yaml index 566edd116f..dcd33c1502 100644 --- a/http/cves/2019/CVE-2019-3402.yaml +++ b/http/cves/2019/CVE-2019-3402.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-3402 cwe-id: CWE-79 epss-score: 0.00238 - epss-percentile: 0.6128 + epss-percentile: 0.61128 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-3403.yaml b/http/cves/2019/CVE-2019-3403.yaml index 9f630167e9..1fff86f98c 100644 --- a/http/cves/2019/CVE-2019-3403.yaml +++ b/http/cves/2019/CVE-2019-3403.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-3403 cwe-id: CWE-863 epss-score: 0.00379 - epss-percentile: 0.72536 + epss-percentile: 0.72409 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-5418.yaml b/http/cves/2019/CVE-2019-5418.yaml index 3bf3a8281b..9643d6652c 100644 --- a/http/cves/2019/CVE-2019-5418.yaml +++ b/http/cves/2019/CVE-2019-5418.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2019-5418 cwe-id: CWE-22,NVD-CWE-noinfo - epss-score: 0.97431 + epss-score: 0.97434 epss-percentile: 0.99939 cpe: cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2019/CVE-2019-6112.yaml b/http/cves/2019/CVE-2019-6112.yaml index 0f4a212132..c63fc8341f 100644 --- a/http/cves/2019/CVE-2019-6112.yaml +++ b/http/cves/2019/CVE-2019-6112.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-6112 cwe-id: CWE-79 epss-score: 0.00126 - epss-percentile: 0.46441 + epss-percentile: 0.46229 cpe: cpe:2.3:a:graphpaperpress:sell_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6715.yaml b/http/cves/2019/CVE-2019-6715.yaml index 8f8988a111..4ff679ed66 100644 --- a/http/cves/2019/CVE-2019-6715.yaml +++ b/http/cves/2019/CVE-2019-6715.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-6715 - epss-score: 0.28964 - epss-percentile: 0.96779 + epss-score: 0.23312 + epss-percentile: 0.96449 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6799.yaml b/http/cves/2019/CVE-2019-6799.yaml index 23bd2545df..697808948e 100644 --- a/http/cves/2019/CVE-2019-6799.yaml +++ b/http/cves/2019/CVE-2019-6799.yaml @@ -22,7 +22,7 @@ info: cvss-score: 5.9 cve-id: CVE-2019-6799 epss-score: 0.1829 - epss-percentile: 0.96083 + epss-percentile: 0.96069 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7192.yaml b/http/cves/2019/CVE-2019-7192.yaml index bf7a07bc16..54e5da5d21 100644 --- a/http/cves/2019/CVE-2019-7192.yaml +++ b/http/cves/2019/CVE-2019-7192.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-7192 cwe-id: CWE-863 epss-score: 0.96341 - epss-percentile: 0.99525 + epss-percentile: 0.99518 cpe: cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7219.yaml b/http/cves/2019/CVE-2019-7219.yaml index 875936f04e..ae03168b7b 100644 --- a/http/cves/2019/CVE-2019-7219.yaml +++ b/http/cves/2019/CVE-2019-7219.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-7219 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44006 + epss-percentile: 0.43765 cpe: cpe:2.3:a:zarafa:webaccess:7.2.0-48204:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7238.yaml b/http/cves/2019/CVE-2019-7238.yaml index 89195672a7..bf2669d2f9 100644 --- a/http/cves/2019/CVE-2019-7238.yaml +++ b/http/cves/2019/CVE-2019-7238.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2019-7238 epss-score: 0.974 - epss-percentile: 0.99917 + epss-percentile: 0.99915 cpe: cpe:2.3:a:sonatype:nexus:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7254.yaml b/http/cves/2019/CVE-2019-7254.yaml index 0f04d7a808..0019bd0da1 100644 --- a/http/cves/2019/CVE-2019-7254.yaml +++ b/http/cves/2019/CVE-2019-7254.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-7254 cwe-id: CWE-22 epss-score: 0.85367 - epss-percentile: 0.98479 + epss-percentile: 0.98459 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-7255.yaml b/http/cves/2019/CVE-2019-7255.yaml index 459e8860bc..9a0ccd103b 100644 --- a/http/cves/2019/CVE-2019-7255.yaml +++ b/http/cves/2019/CVE-2019-7255.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-7255 cwe-id: CWE-79 epss-score: 0.01232 - epss-percentile: 0.85168 + epss-percentile: 0.85132 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7256.yaml b/http/cves/2019/CVE-2019-7256.yaml index 9e16c037b3..a12bf0c6d3 100644 --- a/http/cves/2019/CVE-2019-7256.yaml +++ b/http/cves/2019/CVE-2019-7256.yaml @@ -21,8 +21,8 @@ info: cvss-score: 10 cve-id: CVE-2019-7256 cwe-id: CWE-78 - epss-score: 0.97466 - epss-percentile: 0.99956 + epss-score: 0.97388 + epss-percentile: 0.99904 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +30,7 @@ info: vendor: nortekcontrol product: linear_emerge_essential_firmware shodan-query: title:"eMerge" - tags: cve,cve2019,emerge,rce,edb,nortekcontrol,kev + tags: cve,cve2019,emerge,rce,edb,nortekcontrol variables: file: "{{rand_text_alpha(10)}}" diff --git a/http/cves/2019/CVE-2019-7275.yaml b/http/cves/2019/CVE-2019-7275.yaml index 8268e177af..0571403dd7 100644 --- a/http/cves/2019/CVE-2019-7275.yaml +++ b/http/cves/2019/CVE-2019-7275.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-7275 cwe-id: CWE-601 epss-score: 0.00483 - epss-percentile: 0.75515 + epss-percentile: 0.73411 cpe: cpe:2.3:a:optergy:enterprise:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7315.yaml b/http/cves/2019/CVE-2019-7315.yaml index 36ffcc7bee..dbb2045f39 100644 --- a/http/cves/2019/CVE-2019-7315.yaml +++ b/http/cves/2019/CVE-2019-7315.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-7315 cwe-id: CWE-22 epss-score: 0.0172 - epss-percentile: 0.87608 + epss-percentile: 0.87556 cpe: cpe:2.3:o:genieaccess:wip3bvaf_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7481.yaml b/http/cves/2019/CVE-2019-7481.yaml index cefedb470c..2a7931a208 100644 --- a/http/cves/2019/CVE-2019-7481.yaml +++ b/http/cves/2019/CVE-2019-7481.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-7481 cwe-id: CWE-89 epss-score: 0.91724 - epss-percentile: 0.98857 + epss-percentile: 0.98849 cpe: cpe:2.3:o:sonicwall:sma_100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8390.yaml b/http/cves/2019/CVE-2019-8390.yaml index 6aa0046589..d063a60bba 100644 --- a/http/cves/2019/CVE-2019-8390.yaml +++ b/http/cves/2019/CVE-2019-8390.yaml @@ -15,14 +15,13 @@ info: - http://qdpm.net/download-qdpm-free-project-management - https://nvd.nist.gov/vuln/detail/CVE-2019-8390 - http://sourceforge.net/projects/qdpm - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-8390 cwe-id: CWE-79 - epss-score: 0.01904 - epss-percentile: 0.88312 + epss-score: 0.0161 + epss-percentile: 0.86055 cpe: cpe:2.3:a:qdpm:qdpm:9.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-8442.yaml b/http/cves/2019/CVE-2019-8442.yaml index 927c9c545a..f1844c79dd 100644 --- a/http/cves/2019/CVE-2019-8442.yaml +++ b/http/cves/2019/CVE-2019-8442.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2019-8442 epss-score: 0.97131 - epss-percentile: 0.9978 + epss-percentile: 0.99777 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-8446.yaml b/http/cves/2019/CVE-2019-8446.yaml index 4b4379c753..808522bcd6 100644 --- a/http/cves/2019/CVE-2019-8446.yaml +++ b/http/cves/2019/CVE-2019-8446.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-8446 cwe-id: CWE-863 epss-score: 0.15691 - epss-percentile: 0.95807 + epss-percentile: 0.95793 cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8451.yaml b/http/cves/2019/CVE-2019-8451.yaml index f45c7db517..2536b4407f 100644 --- a/http/cves/2019/CVE-2019-8451.yaml +++ b/http/cves/2019/CVE-2019-8451.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-8451 cwe-id: CWE-918 epss-score: 0.97115 - epss-percentile: 0.99768 + epss-percentile: 0.99766 cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8937.yaml b/http/cves/2019/CVE-2019-8937.yaml index 5941ef949e..f3e7f952fa 100644 --- a/http/cves/2019/CVE-2019-8937.yaml +++ b/http/cves/2019/CVE-2019-8937.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-8937 cwe-id: CWE-79 - epss-score: 0.00567 - epss-percentile: 0.77417 + epss-score: 0.00921 + epss-percentile: 0.81203 cpe: cpe:2.3:a:digitaldruid:hoteldruid:2.3.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-8982.yaml b/http/cves/2019/CVE-2019-8982.yaml index c6c805341d..18e00665dc 100644 --- a/http/cves/2019/CVE-2019-8982.yaml +++ b/http/cves/2019/CVE-2019-8982.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.6 cve-id: CVE-2019-8982 cwe-id: CWE-918 - epss-score: 0.01771 - epss-percentile: 0.87774 + epss-score: 0.02482 + epss-percentile: 0.89006 cpe: cpe:2.3:a:wavemaker:wavemarker_studio:6.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9618.yaml b/http/cves/2019/CVE-2019-9618.yaml index 9843a75bde..b253e3b500 100644 --- a/http/cves/2019/CVE-2019-9618.yaml +++ b/http/cves/2019/CVE-2019-9618.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-9618 cwe-id: CWE-22 - epss-score: 0.03858 - epss-percentile: 0.91743 + epss-score: 0.04914 + epss-percentile: 0.9261 cpe: cpe:2.3:a:gracemedia_media_player_project:gracemedia_media_player:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9632.yaml b/http/cves/2019/CVE-2019-9632.yaml index 3ee89f9698..874bd34942 100644 --- a/http/cves/2019/CVE-2019-9632.yaml +++ b/http/cves/2019/CVE-2019-9632.yaml @@ -13,14 +13,13 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-9632 + cpe: cpe:2.3:a:esafenet:electronic_document_security_management_system:v3:*:*:*:*:*:*:* epss-score: 0.00183 epss-percentile: 0.54622 - cpe: cpe:2.3:a:esafenet:electronic_document_security_management_system:v3:*:*:*:*:*:*:* metadata: - max-request: 1 + product: electronic_document_security_management_system vendor: esafenet - product: "electronic_document_security_management_system" - fofa-query: "title=\"电子文档安全管理系统\"" + fofa-query: title="电子文档安全管理系统" tags: cve,cve2019,esafenet,lfi http: diff --git a/http/cves/2019/CVE-2019-9733.yaml b/http/cves/2019/CVE-2019-9733.yaml index 291a68eb70..a39fdef2a7 100644 --- a/http/cves/2019/CVE-2019-9733.yaml +++ b/http/cves/2019/CVE-2019-9733.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-9733 - epss-score: 0.91165 - epss-percentile: 0.98814 + epss-score: 0.91018 + epss-percentile: 0.98791 cpe: cpe:2.3:a:jfrog:artifactory:6.7.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9955.yaml b/http/cves/2019/CVE-2019-9955.yaml index 1c5b613ade..8c84efe3c6 100644 --- a/http/cves/2019/CVE-2019-9955.yaml +++ b/http/cves/2019/CVE-2019-9955.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2019-9955 cwe-id: CWE-79 epss-score: 0.05816 - epss-percentile: 0.93253 + epss-percentile: 0.93234 cpe: cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9978.yaml b/http/cves/2019/CVE-2019-9978.yaml index b7a2539eb5..c96d8eae2f 100644 --- a/http/cves/2019/CVE-2019-9978.yaml +++ b/http/cves/2019/CVE-2019-9978.yaml @@ -27,7 +27,7 @@ info: product: social_warfare framework: wordpress fofa-query: body="social-warfare" && body="wp-" - tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev,warfareplugins,xss + tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev,warfareplugins flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-0618.yaml b/http/cves/2020/CVE-2020-0618.yaml index ca2cfa45b1..db74d9daff 100644 --- a/http/cves/2020/CVE-2020-0618.yaml +++ b/http/cves/2020/CVE-2020-0618.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-0618 cwe-id: CWE-502 - epss-score: 0.97378 - epss-percentile: 0.99901 + epss-score: 0.97439 + epss-percentile: 0.99944 cpe: cpe:2.3:a:microsoft:sql_server:2012:sp4:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10546.yaml b/http/cves/2020/CVE-2020-10546.yaml index 92313e84b6..984c7f9d15 100644 --- a/http/cves/2020/CVE-2020-10546.yaml +++ b/http/cves/2020/CVE-2020-10546.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-10546 cwe-id: CWE-89 epss-score: 0.38355 - epss-percentile: 0.97147 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10770.yaml b/http/cves/2020/CVE-2020-10770.yaml index dfdcfc5c63..9e85dd16c1 100644 --- a/http/cves/2020/CVE-2020-10770.yaml +++ b/http/cves/2020/CVE-2020-10770.yaml @@ -14,14 +14,13 @@ info: - https://www.exploit-db.com/exploits/50405 - https://nvd.nist.gov/vuln/detail/CVE-2020-10770 - https://bugzilla.redhat.com/show_bug.cgi?id=1846270 - - https://github.com/CLincat/vulcat classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N cvss-score: 5.3 cve-id: CVE-2020-10770 cwe-id: CWE-918 - epss-score: 0.33085 - epss-percentile: 0.9695 + epss-score: 0.3389 + epss-percentile: 0.96671 cpe: cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11034.yaml b/http/cves/2020/CVE-2020-11034.yaml index 4d03286370..9c883a9ecc 100644 --- a/http/cves/2020/CVE-2020-11034.yaml +++ b/http/cves/2020/CVE-2020-11034.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-11034 cwe-id: CWE-601,CWE-185 - epss-score: 0.00493 - epss-percentile: 0.75802 + epss-score: 0.00381 + epss-percentile: 0.70139 cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-11450.yaml b/http/cves/2020/CVE-2020-11450.yaml index 9e14272d4f..25dae9851f 100644 --- a/http/cves/2020/CVE-2020-11450.yaml +++ b/http/cves/2020/CVE-2020-11450.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2020-11450 epss-score: 0.59818 - epss-percentile: 0.97702 + epss-percentile: 0.9769 cpe: cpe:2.3:a:microstrategy:microstrategy_web:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11710.yaml b/http/cves/2020/CVE-2020-11710.yaml index 672b9b2a79..5fca7e72a8 100644 --- a/http/cves/2020/CVE-2020-11710.yaml +++ b/http/cves/2020/CVE-2020-11710.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-11710 epss-score: 0.02642 - epss-percentile: 0.90159 + epss-percentile: 0.90121 cpe: cpe:2.3:a:konghq:docker-kong:*:*:*:*:*:kong:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11798.yaml b/http/cves/2020/CVE-2020-11798.yaml index ed63806fb9..7495b1df8e 100644 --- a/http/cves/2020/CVE-2020-11798.yaml +++ b/http/cves/2020/CVE-2020-11798.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2020-11798 cwe-id: CWE-22 - epss-score: 0.7839 - epss-percentile: 0.98187 + epss-score: 0.82302 + epss-percentile: 0.98125 cpe: cpe:2.3:a:mitel:micollab_audio\,_web_\&_video_conferencing:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11930.yaml b/http/cves/2020/CVE-2020-11930.yaml index c589593ce9..e20b060b70 100644 --- a/http/cves/2020/CVE-2020-11930.yaml +++ b/http/cves/2020/CVE-2020-11930.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-11930 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.69188 + epss-percentile: 0.69031 cpe: cpe:2.3:a:gtranslate:translate_wordpress_with_gtranslate:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11978.yaml b/http/cves/2020/CVE-2020-11978.yaml index 3c8bd53bb2..e42eb5d196 100644 --- a/http/cves/2020/CVE-2020-11978.yaml +++ b/http/cves/2020/CVE-2020-11978.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-11978 cwe-id: CWE-78 epss-score: 0.97425 - epss-percentile: 0.99934 + epss-percentile: 0.99933 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12259.yaml b/http/cves/2020/CVE-2020-12259.yaml index d36b07ca3d..3026e1ed61 100644 --- a/http/cves/2020/CVE-2020-12259.yaml +++ b/http/cves/2020/CVE-2020-12259.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2020-12259 cwe-id: CWE-79 epss-score: 0.16256 - epss-percentile: 0.9587 + epss-percentile: 0.95859 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-12478.yaml b/http/cves/2020/CVE-2020-12478.yaml index 8087843616..da5cb58c9e 100644 --- a/http/cves/2020/CVE-2020-12478.yaml +++ b/http/cves/2020/CVE-2020-12478.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-12478 cwe-id: CWE-306 - epss-score: 0.01496 - epss-percentile: 0.86615 + epss-score: 0.01186 + epss-percentile: 0.8478 cpe: cpe:2.3:a:teampass:teampass:2.1.27.36:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12800.yaml b/http/cves/2020/CVE-2020-12800.yaml index 938e30cd19..542899ba7d 100644 --- a/http/cves/2020/CVE-2020-12800.yaml +++ b/http/cves/2020/CVE-2020-12800.yaml @@ -15,14 +15,13 @@ info: - https://github.com/amartinsec/CVE-2020-12800 - https://packetstormsecurity.com/files/157951/WordPress-Drag-And-Drop-Multi-File-Uploader-Remote-Code-Execution.html - https://wordpress.org/plugins/drag-and-drop-multiple-file-upload-contact-form-7/#developers - - https://github.com/Retr0-ll/littleterm classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-12800 cwe-id: CWE-434 - epss-score: 0.97424 - epss-percentile: 0.99934 + epss-score: 0.97465 + epss-percentile: 0.99957 cpe: cpe:2.3:a:codedropz:drag_and_drop_multiple_file_upload_-_contact_form_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-13117.yaml b/http/cves/2020/CVE-2020-13117.yaml index 814170a256..0a7eb8a7b4 100644 --- a/http/cves/2020/CVE-2020-13117.yaml +++ b/http/cves/2020/CVE-2020-13117.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-13117 cwe-id: CWE-77 - epss-score: 0.09416 - epss-percentile: 0.94615 + epss-score: 0.07866 + epss-percentile: 0.94083 cpe: cpe:2.3:o:wavlink:wn575a4_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13121.yaml b/http/cves/2020/CVE-2020-13121.yaml index e877854cc7..cd7764f649 100644 --- a/http/cves/2020/CVE-2020-13121.yaml +++ b/http/cves/2020/CVE-2020-13121.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-13121 cwe-id: CWE-601 epss-score: 0.00235 - epss-percentile: 0.61091 + epss-percentile: 0.60944 cpe: cpe:2.3:a:rcos:submitty:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13167.yaml b/http/cves/2020/CVE-2020-13167.yaml index f2f2dfb709..14361e187f 100644 --- a/http/cves/2020/CVE-2020-13167.yaml +++ b/http/cves/2020/CVE-2020-13167.yaml @@ -14,15 +14,13 @@ info: - https://ssd-disclosure.com/ssd-advisory-netsweeper-preauth-rce/ - https://portswigger.net/daily-swig/severe-rce-vulnerability-in-content-filtering-system-has-been-patched-netsweeper-says - https://nvd.nist.gov/vuln/detail/CVE-2020-13167 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-13167 cwe-id: CWE-78 epss-score: 0.97405 - epss-percentile: 0.99921 + epss-percentile: 0.99917 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-13258.yaml b/http/cves/2020/CVE-2020-13258.yaml index a0e84efa51..9c8e3873f9 100644 --- a/http/cves/2020/CVE-2020-13258.yaml +++ b/http/cves/2020/CVE-2020-13258.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-13258 cwe-id: CWE-79 epss-score: 0.00464 - epss-percentile: 0.75018 + epss-percentile: 0.7492 cpe: cpe:2.3:a:contentful:python_example:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13638.yaml b/http/cves/2020/CVE-2020-13638.yaml index b0796ad8fb..041b88e439 100644 --- a/http/cves/2020/CVE-2020-13638.yaml +++ b/http/cves/2020/CVE-2020-13638.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2020-13638 cwe-id: CWE-269 epss-score: 0.39352 - epss-percentile: 0.97169 + epss-percentile: 0.97152 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13700.yaml b/http/cves/2020/CVE-2020-13700.yaml index ada8ad325b..1ac48b20e1 100644 --- a/http/cves/2020/CVE-2020-13700.yaml +++ b/http/cves/2020/CVE-2020-13700.yaml @@ -15,14 +15,13 @@ info: - https://wordpress.org/plugins/acf-to-rest-api/#developers - https://github.com/airesvsg/acf-to-rest-api - https://nvd.nist.gov/vuln/detail/CVE-2020-13700 - - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-13700 cwe-id: CWE-639 epss-score: 0.01831 - epss-percentile: 0.88006 + epss-percentile: 0.86908 cpe: cpe:2.3:a:acf_to_rest_api_project:acf_to_rest_api:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13820.yaml b/http/cves/2020/CVE-2020-13820.yaml index cb2b587d97..01d5fcd3e6 100644 --- a/http/cves/2020/CVE-2020-13820.yaml +++ b/http/cves/2020/CVE-2020-13820.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-13820 cwe-id: CWE-79 epss-score: 0.00289 - epss-percentile: 0.68483 + epss-percentile: 0.65704 cpe: cpe:2.3:a:extremenetworks:extreme_management_center:8.4.1.24:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13851.yaml b/http/cves/2020/CVE-2020-13851.yaml index 0b001b22b4..fdaef27edb 100644 --- a/http/cves/2020/CVE-2020-13851.yaml +++ b/http/cves/2020/CVE-2020-13851.yaml @@ -16,8 +16,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-13851 cwe-id: CWE-78 - epss-score: 0.96905 - epss-percentile: 0.99696 + epss-score: 0.96952 + epss-percentile: 0.99674 cpe: cpe:2.3:a:pandorafms:pandora_fms:7.44:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-13927.yaml b/http/cves/2020/CVE-2020-13927.yaml index adc134a728..6a9e81b8b8 100644 --- a/http/cves/2020/CVE-2020-13927.yaml +++ b/http/cves/2020/CVE-2020-13927.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-13927 cwe-id: CWE-1188 epss-score: 0.96246 - epss-percentile: 0.99498 + epss-percentile: 0.99489 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-14144.yaml b/http/cves/2020/CVE-2020-14144.yaml index 74d72fbf6d..4f34dc02ce 100644 --- a/http/cves/2020/CVE-2020-14144.yaml +++ b/http/cves/2020/CVE-2020-14144.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2020-14144 cwe-id: CWE-78 - epss-score: 0.97234 - epss-percentile: 0.99828 + epss-score: 0.97181 + epss-percentile: 0.99775 cpe: cpe:2.3:a:gitea:gitea:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-14408.yaml b/http/cves/2020/CVE-2020-14408.yaml index bf920dfb37..2f1c79e2ee 100644 --- a/http/cves/2020/CVE-2020-14408.yaml +++ b/http/cves/2020/CVE-2020-14408.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-14408 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44091 + epss-percentile: 0.44682 cpe: cpe:2.3:a:agentejo:cockpit:0.10.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-14864.yaml b/http/cves/2020/CVE-2020-14864.yaml index 4e26a238f9..4d4bbdc9cc 100644 --- a/http/cves/2020/CVE-2020-14864.yaml +++ b/http/cves/2020/CVE-2020-14864.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-14864 cwe-id: CWE-22 - epss-score: 0.52556 - epss-percentile: 0.97538 + epss-score: 0.4541 + epss-percentile: 0.97318 cpe: cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-14882.yaml b/http/cves/2020/CVE-2020-14882.yaml index 3b14d29cc5..6e39666c78 100644 --- a/http/cves/2020/CVE-2020-14882.yaml +++ b/http/cves/2020/CVE-2020-14882.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-14882 - epss-score: 0.97493 - epss-percentile: 0.99973 + epss-score: 0.9739 + epss-percentile: 0.99906 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15050.yaml b/http/cves/2020/CVE-2020-15050.yaml index b6061d7774..e51ec40239 100644 --- a/http/cves/2020/CVE-2020-15050.yaml +++ b/http/cves/2020/CVE-2020-15050.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-15050 cwe-id: CWE-22 epss-score: 0.55214 - epss-percentile: 0.97601 + epss-percentile: 0.97597 cpe: cpe:2.3:a:supremainc:biostar_2:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15129.yaml b/http/cves/2020/CVE-2020-15129.yaml index 0753ebf1e3..08bc9bcdfe 100644 --- a/http/cves/2020/CVE-2020-15129.yaml +++ b/http/cves/2020/CVE-2020-15129.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.7 cve-id: CVE-2020-15129 cwe-id: CWE-601 - epss-score: 0.00826 - epss-percentile: 0.81621 + epss-score: 0.00701 + epss-percentile: 0.7816 cpe: cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15148.yaml b/http/cves/2020/CVE-2020-15148.yaml index 58ceaf09b1..07a32b99f6 100644 --- a/http/cves/2020/CVE-2020-15148.yaml +++ b/http/cves/2020/CVE-2020-15148.yaml @@ -19,8 +19,8 @@ info: cvss-score: 10 cve-id: CVE-2020-15148 cwe-id: CWE-502 - epss-score: 0.02822 - epss-percentile: 0.90476 + epss-score: 0.02081 + epss-percentile: 0.88831 cpe: cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15895.yaml b/http/cves/2020/CVE-2020-15895.yaml index 934a6df5bf..f394848dde 100644 --- a/http/cves/2020/CVE-2020-15895.yaml +++ b/http/cves/2020/CVE-2020-15895.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-15895 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.55219 + epss-percentile: 0.55045 cpe: cpe:2.3:o:dlink:dir-816l_firmware:2.06:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15920.yaml b/http/cves/2020/CVE-2020-15920.yaml index 3f4a4e99b0..784b453144 100644 --- a/http/cves/2020/CVE-2020-15920.yaml +++ b/http/cves/2020/CVE-2020-15920.yaml @@ -14,14 +14,13 @@ info: - http://packetstormsecurity.com/files/158991/Mida-eFramework-2.9.0-Remote-Code-Execution.html - http://packetstormsecurity.com/files/159194/Mida-Solutions-eFramework-ajaxreq.php-Command-Injection.html - https://nvd.nist.gov/vuln/detail/CVE-2020-15920 - - https://github.com/HimmelAward/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-15920 cwe-id: CWE-78 - epss-score: 0.97239 - epss-percentile: 0.9983 + epss-score: 0.9722 + epss-percentile: 0.998 cpe: cpe:2.3:a:midasolutions:eframework:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16846.yaml b/http/cves/2020/CVE-2020-16846.yaml index c97d446925..a4bf4dc52a 100644 --- a/http/cves/2020/CVE-2020-16846.yaml +++ b/http/cves/2020/CVE-2020-16846.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-16846 cwe-id: CWE-78 epss-score: 0.97467 - epss-percentile: 0.99956 + epss-percentile: 0.99957 cpe: cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17362.yaml b/http/cves/2020/CVE-2020-17362.yaml index 6913422636..7176d4dbdc 100644 --- a/http/cves/2020/CVE-2020-17362.yaml +++ b/http/cves/2020/CVE-2020-17362.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-17362 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.40741 + epss-percentile: 0.412 cpe: cpe:2.3:a:themeinprogress:nova_lite:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17496.yaml b/http/cves/2020/CVE-2020-17496.yaml index 2356f959b8..146e4e4c97 100644 --- a/http/cves/2020/CVE-2020-17496.yaml +++ b/http/cves/2020/CVE-2020-17496.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17496 cwe-id: CWE-74 - epss-score: 0.97486 - epss-percentile: 0.99969 + epss-score: 0.97451 + epss-percentile: 0.99949 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17505.yaml b/http/cves/2020/CVE-2020-17505.yaml index 0d8c7c9c53..a4f23ab207 100644 --- a/http/cves/2020/CVE-2020-17505.yaml +++ b/http/cves/2020/CVE-2020-17505.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-17505 cwe-id: CWE-78 - epss-score: 0.96038 - epss-percentile: 0.99451 + epss-score: 0.96502 + epss-percentile: 0.99502 cpe: cpe:2.3:a:articatech:web_proxy:4.30.000000:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-19283.yaml b/http/cves/2020/CVE-2020-19283.yaml index 5ce9d26aca..7349dcd02a 100644 --- a/http/cves/2020/CVE-2020-19283.yaml +++ b/http/cves/2020/CVE-2020-19283.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-19283 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48038 + epss-percentile: 0.47808 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19625.yaml b/http/cves/2020/CVE-2020-19625.yaml index 77d40fa7bf..8e68ab8b4e 100644 --- a/http/cves/2020/CVE-2020-19625.yaml +++ b/http/cves/2020/CVE-2020-19625.yaml @@ -21,7 +21,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-19625 epss-score: 0.83118 - epss-percentile: 0.98363 + epss-percentile: 0.98347 cpe: cpe:2.3:a:gridx_project:gridx:1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-20285.yaml b/http/cves/2020/CVE-2020-20285.yaml index 2ecdd8a02f..e7993a1d98 100644 --- a/http/cves/2020/CVE-2020-20285.yaml +++ b/http/cves/2020/CVE-2020-20285.yaml @@ -13,14 +13,13 @@ info: reference: - https://github.com/iohex/ZZCMS/blob/master/zzcms2019_login_xss.md - https://nvd.nist.gov/vuln/detail/CVE-2020-20285 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2020-20285 cwe-id: CWE-79 epss-score: 0.0009 - epss-percentile: 0.37435 + epss-percentile: 0.37789 cpe: cpe:2.3:a:zzcms:zzcms:2019:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-20300.yaml b/http/cves/2020/CVE-2020-20300.yaml index 5632e8f716..a2a35f76f7 100644 --- a/http/cves/2020/CVE-2020-20300.yaml +++ b/http/cves/2020/CVE-2020-20300.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-20300 cwe-id: CWE-89 epss-score: 0.20647 - epss-percentile: 0.96282 + epss-percentile: 0.96263 cpe: cpe:2.3:a:weiphp:weiphp:5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-2036.yaml b/http/cves/2020/CVE-2020-2036.yaml index f4fdbc9b18..be479fca2a 100644 --- a/http/cves/2020/CVE-2020-2036.yaml +++ b/http/cves/2020/CVE-2020-2036.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-2036 cwe-id: CWE-79 epss-score: 0.03232 - epss-percentile: 0.91049 + epss-percentile: 0.91005 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-20988.yaml b/http/cves/2020/CVE-2020-20988.yaml index df551cb4df..07f450bdb6 100644 --- a/http/cves/2020/CVE-2020-20988.yaml +++ b/http/cves/2020/CVE-2020-20988.yaml @@ -13,14 +13,13 @@ info: reference: - https://mycvee.blogspot.com/p/xss2.html - https://nvd.nist.gov/vuln/detail/CVE-2020-20988 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2020-20988 cwe-id: CWE-79 epss-score: 0.0009 - epss-percentile: 0.37435 + epss-percentile: 0.37789 cpe: cpe:2.3:a:domainmod:domainmod:4.13.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-2103.yaml b/http/cves/2020/CVE-2020-2103.yaml index 3dffbb3331..5adba642ed 100644 --- a/http/cves/2020/CVE-2020-2103.yaml +++ b/http/cves/2020/CVE-2020-2103.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-2103 cwe-id: CWE-200 epss-score: 0.00534 - epss-percentile: 0.76778 + epss-percentile: 0.76681 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-2140.yaml b/http/cves/2020/CVE-2020-2140.yaml index f5d3bed661..2067c059b4 100644 --- a/http/cves/2020/CVE-2020-2140.yaml +++ b/http/cves/2020/CVE-2020-2140.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-2140 cwe-id: CWE-79 epss-score: 0.00181 - epss-percentile: 0.54637 + epss-percentile: 0.54462 cpe: cpe:2.3:a:jenkins:audit_trail:*:*:*:*:*:jenkins:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-22208.yaml b/http/cves/2020/CVE-2020-22208.yaml index 938d012832..ff8cb13e1b 100644 --- a/http/cves/2020/CVE-2020-22208.yaml +++ b/http/cves/2020/CVE-2020-22208.yaml @@ -13,14 +13,13 @@ info: reference: - https://github.com/blindkey/cve_like/issues/10 - https://nvd.nist.gov/vuln/detail/CVE-2020-22208 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-22208 cwe-id: CWE-89 - epss-score: 0.20429 - epss-percentile: 0.9627 + epss-score: 0.19578 + epss-percentile: 0.9585 cpe: cpe:2.3:a:74cms:74cms:3.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-22209.yaml b/http/cves/2020/CVE-2020-22209.yaml index ff0281cd14..0b164d90aa 100644 --- a/http/cves/2020/CVE-2020-22209.yaml +++ b/http/cves/2020/CVE-2020-22209.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-22209 cwe-id: CWE-89 - epss-score: 0.20429 - epss-percentile: 0.9627 + epss-score: 0.15522 + epss-percentile: 0.95775 cpe: cpe:2.3:a:74cms:74cms:3.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-22840.yaml b/http/cves/2020/CVE-2020-22840.yaml index 7b0cf5810e..f49f70617d 100644 --- a/http/cves/2020/CVE-2020-22840.yaml +++ b/http/cves/2020/CVE-2020-22840.yaml @@ -14,14 +14,13 @@ info: - http://packetstormsecurity.com/files/161362/b2evolution-CMS-6.11.6-Open-Redirection.html - https://www.exploit-db.com/exploits/49554 - https://nvd.nist.gov/vuln/detail/CVE-2020-22840 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-22840 cwe-id: CWE-601 - epss-score: 0.01016 - epss-percentile: 0.83446 + epss-score: 0.01043 + epss-percentile: 0.82334 cpe: cpe:2.3:a:b2evolution:b2evolution:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-23697.yaml b/http/cves/2020/CVE-2020-23697.yaml index 0d70e86e0c..ecb351c611 100644 --- a/http/cves/2020/CVE-2020-23697.yaml +++ b/http/cves/2020/CVE-2020-23697.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-23697 cwe-id: CWE-79 epss-score: 0.0009 - epss-percentile: 0.37435 + epss-percentile: 0.37812 cpe: cpe:2.3:a:monstra:monstra_cms:3.0.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24312.yaml b/http/cves/2020/CVE-2020-24312.yaml index 96316a2fcb..479d3e3e4b 100644 --- a/http/cves/2020/CVE-2020-24312.yaml +++ b/http/cves/2020/CVE-2020-24312.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-24312 cwe-id: CWE-552 - epss-score: 0.01622 - epss-percentile: 0.87227 + epss-score: 0.02041 + epss-percentile: 0.87791 cpe: cpe:2.3:a:webdesi9:file_manager:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24391.yaml b/http/cves/2020/CVE-2020-24391.yaml index 1b221a58cc..37cae3cbaa 100644 --- a/http/cves/2020/CVE-2020-24391.yaml +++ b/http/cves/2020/CVE-2020-24391.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-24391 epss-score: 0.55667 - epss-percentile: 0.97609 + epss-percentile: 0.97606 cpe: cpe:2.3:a:mongo-express_project:mongo-express:*:*:*:*:*:node.js:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-24902.yaml b/http/cves/2020/CVE-2020-24902.yaml index ac46357923..d74e13a076 100644 --- a/http/cves/2020/CVE-2020-24902.yaml +++ b/http/cves/2020/CVE-2020-24902.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-24902 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.5662 + epss-percentile: 0.56453 cpe: cpe:2.3:a:quixplorer_project:quixplorer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24912.yaml b/http/cves/2020/CVE-2020-24912.yaml index 8117cb0bc8..56b58ad4e6 100644 --- a/http/cves/2020/CVE-2020-24912.yaml +++ b/http/cves/2020/CVE-2020-24912.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-24912 cwe-id: CWE-79 epss-score: 0.00346 - epss-percentile: 0.7122 + epss-percentile: 0.7108 cpe: cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-25223.yaml b/http/cves/2020/CVE-2020-25223.yaml index 8bf949c93b..cd19370ce5 100644 --- a/http/cves/2020/CVE-2020-25223.yaml +++ b/http/cves/2020/CVE-2020-25223.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-25223 cwe-id: CWE-78 - epss-score: 0.97521 - epss-percentile: 0.99987 + epss-score: 0.97508 + epss-percentile: 0.99981 cpe: cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25506.yaml b/http/cves/2020/CVE-2020-25506.yaml index 73f249050e..5baf81dbeb 100644 --- a/http/cves/2020/CVE-2020-25506.yaml +++ b/http/cves/2020/CVE-2020-25506.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-25506 cwe-id: CWE-78 - epss-score: 0.97394 - epss-percentile: 0.99911 + epss-score: 0.97383 + epss-percentile: 0.99903 cpe: cpe:2.3:o:dlink:dns-320_firmware:2.06b01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-2551.yaml b/http/cves/2020/CVE-2020-2551.yaml index e9906688e9..58d1bf46eb 100644 --- a/http/cves/2020/CVE-2020-2551.yaml +++ b/http/cves/2020/CVE-2020-2551.yaml @@ -14,14 +14,12 @@ info: - https://github.com/hktalent/CVE-2020-2551 - https://nvd.nist.gov/vuln/detail/CVE-2020-2551 - https://www.oracle.com/security-alerts/cpujan2020.html - - https://github.com/Hatcat123/my_stars - - https://github.com/Y4er/CVE-2020-2551 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-2551 - epss-score: 0.97513 - epss-percentile: 0.99983 + epss-score: 0.97491 + epss-percentile: 0.99973 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25540.yaml b/http/cves/2020/CVE-2020-25540.yaml index 443de451fc..8557d20b49 100644 --- a/http/cves/2020/CVE-2020-25540.yaml +++ b/http/cves/2020/CVE-2020-25540.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-25540 cwe-id: CWE-22 epss-score: 0.96711 - epss-percentile: 0.99637 + epss-percentile: 0.99631 cpe: cpe:2.3:a:thinkadmin:thinkadmin:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25780.yaml b/http/cves/2020/CVE-2020-25780.yaml index abddd7b8b3..40a8c9b236 100644 --- a/http/cves/2020/CVE-2020-25780.yaml +++ b/http/cves/2020/CVE-2020-25780.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-25780 cwe-id: CWE-22 - epss-score: 0.0562 - epss-percentile: 0.93142 + epss-score: 0.04166 + epss-percentile: 0.92003 cpe: cpe:2.3:a:commvault:commcell:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26153.yaml b/http/cves/2020/CVE-2020-26153.yaml index cca9f88c48..8509b89117 100644 --- a/http/cves/2020/CVE-2020-26153.yaml +++ b/http/cves/2020/CVE-2020-26153.yaml @@ -14,22 +14,21 @@ info: - https://labs.nettitude.com/blog/cve-2020-26153-event-espresso-core-cross-site-scripting/ - https://github.com/eventespresso/event-espresso-core/compare/4.10.6.p...4.10.7.p - https://nvd.nist.gov/vuln/detail/CVE-2020-26153 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-26153 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49133 + epss-score: 0.00127 + epss-percentile: 0.47114 cpe: cpe:2.3:a:eventespresso:event_espresso:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: eventespresso - product: "event_espresso" + product: event_espresso framework: wordpress tags: cve2020,cve,xss,wordpress,wp-plugin,eventespresso + flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-26214.yaml b/http/cves/2020/CVE-2020-26214.yaml index 648608a8fd..4a4876eacf 100644 --- a/http/cves/2020/CVE-2020-26214.yaml +++ b/http/cves/2020/CVE-2020-26214.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26214 cwe-id: CWE-287 epss-score: 0.01546 - epss-percentile: 0.86875 + epss-percentile: 0.85739 cpe: cpe:2.3:a:alerta_project:alerta:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26217.yaml b/http/cves/2020/CVE-2020-26217.yaml index 2b99637827..bcad0d4ac7 100644 --- a/http/cves/2020/CVE-2020-26217.yaml +++ b/http/cves/2020/CVE-2020-26217.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26217 cwe-id: CWE-78 epss-score: 0.97384 - epss-percentile: 0.99905 + epss-percentile: 0.99904 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26248.yaml b/http/cves/2020/CVE-2020-26248.yaml index c29f1c2f56..98be999570 100644 --- a/http/cves/2020/CVE-2020-26248.yaml +++ b/http/cves/2020/CVE-2020-26248.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26248 cwe-id: CWE-89 epss-score: 0.01617 - epss-percentile: 0.87205 + epss-percentile: 0.87187 cpe: cpe:2.3:a:prestashop:productcomments:*:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-26258.yaml b/http/cves/2020/CVE-2020-26258.yaml index 68bc8c1c2f..ed2f7f7df1 100644 --- a/http/cves/2020/CVE-2020-26258.yaml +++ b/http/cves/2020/CVE-2020-26258.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26258 cwe-id: CWE-918 epss-score: 0.90088 - epss-percentile: 0.98739 + epss-percentile: 0.98718 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-2733.yaml b/http/cves/2020/CVE-2020-2733.yaml index 0030b4bb58..e7a2ec4233 100644 --- a/http/cves/2020/CVE-2020-2733.yaml +++ b/http/cves/2020/CVE-2020-2733.yaml @@ -21,7 +21,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-2733 epss-score: 0.29301 - epss-percentile: 0.96802 + epss-percentile: 0.96779 cpe: cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-27735.yaml b/http/cves/2020/CVE-2020-27735.yaml index b77b1cf6ca..1c0bad2be6 100644 --- a/http/cves/2020/CVE-2020-27735.yaml +++ b/http/cves/2020/CVE-2020-27735.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-27735 cwe-id: CWE-79 epss-score: 0.00228 - epss-percentile: 0.60475 + epss-percentile: 0.60318 cpe: cpe:2.3:a:wftpserver:wing_ftp_server:6.4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27838.yaml b/http/cves/2020/CVE-2020-27838.yaml index 4f150acf60..2b26c83f60 100644 --- a/http/cves/2020/CVE-2020-27838.yaml +++ b/http/cves/2020/CVE-2020-27838.yaml @@ -21,14 +21,14 @@ info: cve-id: CVE-2020-27838 cwe-id: CWE-287 epss-score: 0.08135 - epss-percentile: 0.94216 + epss-percentile: 0.93734 cpe: cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: redhat product: keycloak shodan-query: "title:\"keycloak\"" - tags: cve,cve2020,keycloak,exposure,redhat + tags: cve,cve2020,keycloak,exposure http: - method: GET diff --git a/http/cves/2020/CVE-2020-28185.yaml b/http/cves/2020/CVE-2020-28185.yaml index c9307d8b40..7d8080615c 100644 --- a/http/cves/2020/CVE-2020-28185.yaml +++ b/http/cves/2020/CVE-2020-28185.yaml @@ -21,7 +21,7 @@ info: cvss-score: 5.3 cve-id: CVE-2020-28185 epss-score: 0.00465 - epss-percentile: 0.75038 + epss-percentile: 0.74945 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-28188.yaml b/http/cves/2020/CVE-2020-28188.yaml index 6df996d9de..2651659e44 100644 --- a/http/cves/2020/CVE-2020-28188.yaml +++ b/http/cves/2020/CVE-2020-28188.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-28188 cwe-id: CWE-78 - epss-score: 0.97298 - epss-percentile: 0.99857 + epss-score: 0.97279 + epss-percentile: 0.99845 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-28208.yaml b/http/cves/2020/CVE-2020-28208.yaml index b3614be879..c02225fcab 100644 --- a/http/cves/2020/CVE-2020-28208.yaml +++ b/http/cves/2020/CVE-2020-28208.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28208 cwe-id: CWE-203 epss-score: 0.01197 - epss-percentile: 0.84903 + epss-percentile: 0.84869 cpe: cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28351.yaml b/http/cves/2020/CVE-2020-28351.yaml index eb7805c8a5..4fbdc41294 100644 --- a/http/cves/2020/CVE-2020-28351.yaml +++ b/http/cves/2020/CVE-2020-28351.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-28351 cwe-id: CWE-79 - epss-score: 0.00359 - epss-percentile: 0.71773 + epss-score: 0.0036 + epss-percentile: 0.71646 cpe: cpe:2.3:o:mitel:shoretel_firmware:19.46.1802.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28871.yaml b/http/cves/2020/CVE-2020-28871.yaml index 4e12454394..c8d8d0c2d1 100644 --- a/http/cves/2020/CVE-2020-28871.yaml +++ b/http/cves/2020/CVE-2020-28871.yaml @@ -27,7 +27,7 @@ info: max-request: 2 vendor: monitorr product: monitorr - tags: cve,cve2020,unauth,fileupload,monitor,edb,intrusive,packetstorm,rce,monitorr_project,monitorr + tags: cve,cve2020,unauth,fileupload,monitor,edb,intrusive,packetstorm,rce,monitorr_project http: - raw: diff --git a/http/cves/2020/CVE-2020-28976.yaml b/http/cves/2020/CVE-2020-28976.yaml index 3fdea8c379..7585eb5de8 100644 --- a/http/cves/2020/CVE-2020-28976.yaml +++ b/http/cves/2020/CVE-2020-28976.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.78321 cpe: cpe:2.3:a:canto:canto:1.3.0:*:*:*:*:wordpress:*:* metadata: - max-request: 4 + max-request: 3 vendor: canto product: canto framework: wordpress tags: cve2020,cve,packetstorm,ssrf,wordpress,wp-plugin,oast,edb,canto + flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-29227.yaml b/http/cves/2020/CVE-2020-29227.yaml index 1d4b821987..1d68e39a0b 100644 --- a/http/cves/2020/CVE-2020-29227.yaml +++ b/http/cves/2020/CVE-2020-29227.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-29227 - epss-score: 0.01421 - epss-percentile: 0.86249 + epss-score: 0.01122 + epss-percentile: 0.83087 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-29395.yaml b/http/cves/2020/CVE-2020-29395.yaml index 8ee03c3e5f..0d94312140 100644 --- a/http/cves/2020/CVE-2020-29395.yaml +++ b/http/cves/2020/CVE-2020-29395.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2020-29395 cwe-id: CWE-79 epss-score: 0.05489 - epss-percentile: 0.93054 + epss-percentile: 0.93026 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: myeventon product: eventon framework: wordpress tags: cve,cve2020,wordpress,xss,wp-plugin,packetstorm,myeventon + flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-29597.yaml b/http/cves/2020/CVE-2020-29597.yaml index 6aa8abd66b..cf65d76241 100644 --- a/http/cves/2020/CVE-2020-29597.yaml +++ b/http/cves/2020/CVE-2020-29597.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-29597 cwe-id: CWE-434 - epss-score: 0.77921 - epss-percentile: 0.98175 + epss-score: 0.78448 + epss-percentile: 0.9817 cpe: cpe:2.3:a:incomcms_project:incomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-35489.yaml b/http/cves/2020/CVE-2020-35489.yaml index c3a9e586c4..2369c12c6a 100644 --- a/http/cves/2020/CVE-2020-35489.yaml +++ b/http/cves/2020/CVE-2020-35489.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2020-35489 cwe-id: CWE-434 - epss-score: 0.85054 - epss-percentile: 0.98465 + epss-score: 0.88428 + epss-percentile: 0.98435 cpe: cpe:2.3:a:rocklobster:contact_form_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35749.yaml b/http/cves/2020/CVE-2020-35749.yaml index abf5941252..1145fee9cb 100644 --- a/http/cves/2020/CVE-2020-35749.yaml +++ b/http/cves/2020/CVE-2020-35749.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-35749 - https://docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/edit?usp=sharing - http://packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-Read.html - - https://github.com/Enes4xd/Enes4xd classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N cvss-score: 7.7 cve-id: CVE-2020-35749 cwe-id: CWE-22 - epss-score: 0.03303 - epss-percentile: 0.91135 + epss-score: 0.02144 + epss-percentile: 0.88116 cpe: cpe:2.3:a:presstigers:simple_board_job:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-35774.yaml b/http/cves/2020/CVE-2020-35774.yaml index 710582be7c..967de94ad6 100644 --- a/http/cves/2020/CVE-2020-35774.yaml +++ b/http/cves/2020/CVE-2020-35774.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.4 cve-id: CVE-2020-35774 cwe-id: CWE-79 - epss-score: 0.97288 - epss-percentile: 0.9985 + epss-score: 0.97225 + epss-percentile: 0.99823 cpe: cpe:2.3:a:twitter:twitter-server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35846.yaml b/http/cves/2020/CVE-2020-35846.yaml index be4875c43b..6018bad026 100644 --- a/http/cves/2020/CVE-2020-35846.yaml +++ b/http/cves/2020/CVE-2020-35846.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35846 cwe-id: CWE-89 - epss-score: 0.8243 - epss-percentile: 0.98339 + epss-score: 0.78767 + epss-percentile: 0.98182 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35847.yaml b/http/cves/2020/CVE-2020-35847.yaml index 69a7cab1b8..b0f399f261 100644 --- a/http/cves/2020/CVE-2020-35847.yaml +++ b/http/cves/2020/CVE-2020-35847.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35847 cwe-id: CWE-89 - epss-score: 0.78865 - epss-percentile: 0.98201 + epss-score: 0.77399 + epss-percentile: 0.98139 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-35984.yaml b/http/cves/2020/CVE-2020-35984.yaml index 854278d3d0..8136dd8f95 100644 --- a/http/cves/2020/CVE-2020-35984.yaml +++ b/http/cves/2020/CVE-2020-35984.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35984 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.46669 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-35987.yaml b/http/cves/2020/CVE-2020-35987.yaml index e3a56aee56..eb8c02320d 100644 --- a/http/cves/2020/CVE-2020-35987.yaml +++ b/http/cves/2020/CVE-2020-35987.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35987 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.46669 + epss-percentile: 0.47225 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-36112.yaml b/http/cves/2020/CVE-2020-36112.yaml index 4194f1febf..95be5d3413 100644 --- a/http/cves/2020/CVE-2020-36112.yaml +++ b/http/cves/2020/CVE-2020-36112.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-36112 cwe-id: CWE-89 epss-score: 0.40407 - epss-percentile: 0.97197 + epss-percentile: 0.9718 cpe: cpe:2.3:a:cse_bookstore_project:cse_bookstore:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-36365.yaml b/http/cves/2020/CVE-2020-36365.yaml index 65800218c2..c3116b81e6 100644 --- a/http/cves/2020/CVE-2020-36365.yaml +++ b/http/cves/2020/CVE-2020-36365.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-36365 cwe-id: CWE-601 - epss-score: 0.00259 - epss-percentile: 0.65206 + epss-score: 0.00244 + epss-percentile: 0.62379 cpe: cpe:2.3:a:smartstore:smartstorenet:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-36510.yaml b/http/cves/2020/CVE-2020-36510.yaml index e199577f63..bc0f0e5ae6 100644 --- a/http/cves/2020/CVE-2020-36510.yaml +++ b/http/cves/2020/CVE-2020-36510.yaml @@ -20,15 +20,16 @@ info: cve-id: CVE-2020-36510 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:codetipi:15zine:*:*:*:*:*:wordpress:*:* metadata: verified: "false" - max-request: 2 + max-request: 1 vendor: codetipi product: 15zine framework: wordpress tags: cve2020,cve,xss,wordpress,wp-theme,wp,wpscan,codetipi + flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-5191.yaml b/http/cves/2020/CVE-2020-5191.yaml index 16cfd3e138..07db650b42 100644 --- a/http/cves/2020/CVE-2020-5191.yaml +++ b/http/cves/2020/CVE-2020-5191.yaml @@ -14,15 +14,13 @@ info: - https://www.exploit-db.com/exploits/47841 - https://phpgurukul.com/hospital-management-system-in-php/ - https://nvd.nist.gov/vuln/detail/CVE-2020-5191 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-5191 cwe-id: CWE-79 epss-score: 0.00345 - epss-percentile: 0.71197 + epss-percentile: 0.68617 cpe: cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-5284.yaml b/http/cves/2020/CVE-2020-5284.yaml index dec95611fd..f5b538a8f4 100644 --- a/http/cves/2020/CVE-2020-5284.yaml +++ b/http/cves/2020/CVE-2020-5284.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-5284 cwe-id: CWE-22,CWE-23 epss-score: 0.00213 - epss-percentile: 0.58791 + epss-percentile: 0.58675 cpe: cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5307.yaml b/http/cves/2020/CVE-2020-5307.yaml index 71792a993c..1cc290f1f9 100644 --- a/http/cves/2020/CVE-2020-5307.yaml +++ b/http/cves/2020/CVE-2020-5307.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-5307 - https://www.exploit-db.com/exploits/47846 - https://cinzinga.github.io/CVE-2020-5307-5308/ - - https://github.com/lennon-liu/vul_check classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-5307 cwe-id: CWE-89 - epss-score: 0.02189 - epss-percentile: 0.89203 + epss-score: 0.01863 + epss-percentile: 0.87061 cpe: cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5405.yaml b/http/cves/2020/CVE-2020-5405.yaml index 5edda11a2a..8f86828ed2 100644 --- a/http/cves/2020/CVE-2020-5405.yaml +++ b/http/cves/2020/CVE-2020-5405.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-5405 cwe-id: CWE-22,CWE-23 - epss-score: 0.00366 - epss-percentile: 0.72065 + epss-score: 0.00258 + epss-percentile: 0.64891 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5410.yaml b/http/cves/2020/CVE-2020-5410.yaml index 3fdb320eb0..7154278d76 100644 --- a/http/cves/2020/CVE-2020-5410.yaml +++ b/http/cves/2020/CVE-2020-5410.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-5410 cwe-id: CWE-22,CWE-23 - epss-score: 0.97175 - epss-percentile: 0.99797 + epss-score: 0.96876 + epss-percentile: 0.99649 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5412.yaml b/http/cves/2020/CVE-2020-5412.yaml index 559f762075..eb8e0da897 100644 --- a/http/cves/2020/CVE-2020-5412.yaml +++ b/http/cves/2020/CVE-2020-5412.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-5412 cwe-id: CWE-610,CWE-441 - epss-score: 0.05499 - epss-percentile: 0.93063 + epss-score: 0.05469 + epss-percentile: 0.93009 cpe: cpe:2.3:a:vmware:spring_cloud_netflix:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5775.yaml b/http/cves/2020/CVE-2020-5775.yaml index 64b4301f6e..a841e3af38 100644 --- a/http/cves/2020/CVE-2020-5775.yaml +++ b/http/cves/2020/CVE-2020-5775.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-5775 cwe-id: CWE-918 epss-score: 0.00194 - epss-percentile: 0.56285 + epss-percentile: 0.57293 cpe: cpe:2.3:a:instructure:canvas_learning_management_service:2020-07-29:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5776.yaml b/http/cves/2020/CVE-2020-5776.yaml index 38d8e32779..450854ca58 100644 --- a/http/cves/2020/CVE-2020-5776.yaml +++ b/http/cves/2020/CVE-2020-5776.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-5776 cwe-id: CWE-352 epss-score: 0.50353 - epss-percentile: 0.97465 + epss-percentile: 0.97455 cpe: cpe:2.3:a:magmi_project:magmi:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-6207.yaml b/http/cves/2020/CVE-2020-6207.yaml index 0557fa3a9f..74d1a8004d 100644 --- a/http/cves/2020/CVE-2020-6207.yaml +++ b/http/cves/2020/CVE-2020-6207.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-6207 cwe-id: CWE-306 - epss-score: 0.97439 - epss-percentile: 0.99944 + epss-score: 0.97437 + epss-percentile: 0.99941 cpe: cpe:2.3:a:sap:solution_manager:7.20:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6287.yaml b/http/cves/2020/CVE-2020-6287.yaml index 68e27a07af..3e57175d56 100644 --- a/http/cves/2020/CVE-2020-6287.yaml +++ b/http/cves/2020/CVE-2020-6287.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-6287 cwe-id: CWE-306 epss-score: 0.97502 - epss-percentile: 0.99978 + epss-percentile: 0.99977 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6308.yaml b/http/cves/2020/CVE-2020-6308.yaml index 9e403124d6..06cde54f7a 100644 --- a/http/cves/2020/CVE-2020-6308.yaml +++ b/http/cves/2020/CVE-2020-6308.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2020-6308 cwe-id: CWE-918 - epss-score: 0.00568 - epss-percentile: 0.77444 + epss-score: 0.004 + epss-percentile: 0.73121 cpe: cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.1:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6637.yaml b/http/cves/2020/CVE-2020-6637.yaml index 6fc9ee0b33..af793bcf11 100644 --- a/http/cves/2020/CVE-2020-6637.yaml +++ b/http/cves/2020/CVE-2020-6637.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-6637 cwe-id: CWE-89 - epss-score: 0.02901 - epss-percentile: 0.90593 + epss-score: 0.02067 + epss-percentile: 0.87871 cpe: cpe:2.3:a:os4ed:opensis:7.3:*:*:*:community:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-7107.yaml b/http/cves/2020/CVE-2020-7107.yaml index 9043240695..c526b5ecea 100644 --- a/http/cves/2020/CVE-2020-7107.yaml +++ b/http/cves/2020/CVE-2020-7107.yaml @@ -21,15 +21,16 @@ info: cve-id: CVE-2020-7107 cwe-id: CWE-79 epss-score: 0.00395 - epss-percentile: 0.73018 + epss-percentile: 0.70653 cpe: cpe:2.3:a:etoilewebdesign:ultimate_faq:*:*:*:*:*:wordpress:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: etoilewebdesign - product: "ultimate_faq" + product: ultimate_faq framework: wordpress tags: cve,cve2020,ultimate-faqs,wpscan,xss,wordpress,wp-plugin,wp,etoilewebdesign + flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-7136.yaml b/http/cves/2020/CVE-2020-7136.yaml index 5b54db2270..21ef231eb1 100644 --- a/http/cves/2020/CVE-2020-7136.yaml +++ b/http/cves/2020/CVE-2020-7136.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-7136 cwe-id: CWE-288 epss-score: 0.26929 - epss-percentile: 0.96676 + epss-percentile: 0.96662 cpe: cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-8615.yaml b/http/cves/2020/CVE-2020-8615.yaml index cd2805c76b..573c41bdc3 100644 --- a/http/cves/2020/CVE-2020-8615.yaml +++ b/http/cves/2020/CVE-2020-8615.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-8615 cwe-id: CWE-352 epss-score: 0.00632 - epss-percentile: 0.78688 + epss-percentile: 0.78607 cpe: cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-8644.yaml b/http/cves/2020/CVE-2020-8644.yaml index e122f735ec..aae9417521 100644 --- a/http/cves/2020/CVE-2020-8644.yaml +++ b/http/cves/2020/CVE-2020-8644.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-8644 cwe-id: CWE-94 - epss-score: 0.95993 - epss-percentile: 0.99439 + epss-score: 0.96028 + epss-percentile: 0.99356 cpe: cpe:2.3:a:playsms:playsms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-8771.yaml b/http/cves/2020/CVE-2020-8771.yaml index a341e171ba..c98c2542b7 100644 --- a/http/cves/2020/CVE-2020-8771.yaml +++ b/http/cves/2020/CVE-2020-8771.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-8771 - https://wpvulndb.com/vulnerabilities/10010 - https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/ - - https://github.com/beardcodes/wordpress classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-8771 cwe-id: CWE-287 - epss-score: 0.06409 - epss-percentile: 0.93547 + epss-score: 0.07621 + epss-percentile: 0.93504 cpe: cpe:2.3:a:wptimecapsule:wp_time_capsule:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-9047.yaml b/http/cves/2020/CVE-2020-9047.yaml index 9a9de9cad5..1e73f2b6e2 100644 --- a/http/cves/2020/CVE-2020-9047.yaml +++ b/http/cves/2020/CVE-2020-9047.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-9047 cwe-id: CWE-347 epss-score: 0.00782 - epss-percentile: 0.81057 + epss-percentile: 0.81009 cpe: cpe:2.3:a:johnsoncontrols:exacqvision_enterprise_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9425.yaml b/http/cves/2020/CVE-2020-9425.yaml index be4566baf9..fe00dd8dd6 100644 --- a/http/cves/2020/CVE-2020-9425.yaml +++ b/http/cves/2020/CVE-2020-9425.yaml @@ -13,15 +13,13 @@ info: - https://blog.hivint.com/rconfig-3-9-3-unauthenticated-sensitive-information-disclosure-ead4ed88f153 - https://github.com/rconfig/rconfig/commit/20f4e3d87e84663d922b937842fddd9af1b68dd9 - https://nvd.nist.gov/vuln/detail/CVE-2020-9425 - - https://github.com/Elsfa7-110/kenzer-templates - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-9425 cwe-id: CWE-670 epss-score: 0.01611 - epss-percentile: 0.87183 + epss-percentile: 0.86058 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9496.yaml b/http/cves/2020/CVE-2020-9496.yaml index 3390c5dc0c..1caba30088 100644 --- a/http/cves/2020/CVE-2020-9496.yaml +++ b/http/cves/2020/CVE-2020-9496.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-9496 cwe-id: CWE-502 - epss-score: 0.90082 - epss-percentile: 0.98738 + epss-score: 0.89561 + epss-percentile: 0.98689 cpe: cpe:2.3:a:apache:ofbiz:17.12.03:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9757.yaml b/http/cves/2020/CVE-2020-9757.yaml index ecc843630d..125ff6c462 100644 --- a/http/cves/2020/CVE-2020-9757.yaml +++ b/http/cves/2020/CVE-2020-9757.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-9757 cwe-id: CWE-74 epss-score: 0.96518 - epss-percentile: 0.99583 + epss-percentile: 0.99576 cpe: cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-1497.yaml b/http/cves/2021/CVE-2021-1497.yaml index 7686e67655..d95bfcc94e 100644 --- a/http/cves/2021/CVE-2021-1497.yaml +++ b/http/cves/2021/CVE-2021-1497.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-1497 cwe-id: CWE-78 - epss-score: 0.97528 - epss-percentile: 0.9999 + epss-score: 0.97512 + epss-percentile: 0.99982 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:4.0\(2a\):*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-1499.yaml b/http/cves/2021/CVE-2021-1499.yaml index 5540632594..5747bbb194 100644 --- a/http/cves/2021/CVE-2021-1499.yaml +++ b/http/cves/2021/CVE-2021-1499.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-1499 cwe-id: CWE-306 epss-score: 0.9652 - epss-percentile: 0.99585 + epss-percentile: 0.99578 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20092.yaml b/http/cves/2021/CVE-2021-20092.yaml index 636b64d363..79459c085f 100644 --- a/http/cves/2021/CVE-2021-20092.yaml +++ b/http/cves/2021/CVE-2021-20092.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-20092 cwe-id: CWE-287 epss-score: 0.01583 - epss-percentile: 0.87068 + epss-percentile: 0.87054 cpe: cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20158.yaml b/http/cves/2021/CVE-2021-20158.yaml index e4d0b83db5..41df85c9ff 100644 --- a/http/cves/2021/CVE-2021-20158.yaml +++ b/http/cves/2021/CVE-2021-20158.yaml @@ -12,15 +12,13 @@ info: reference: - https://www.tenable.com/security/research/tra-2021-54 - https://nvd.nist.gov/vuln/detail/CVE-2021-20150 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-20158 cwe-id: CWE-306 epss-score: 0.01211 - epss-percentile: 0.84998 + epss-percentile: 0.83754 cpe: cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20167.yaml b/http/cves/2021/CVE-2021-20167.yaml index 099bfd3053..68804ff1a6 100644 --- a/http/cves/2021/CVE-2021-20167.yaml +++ b/http/cves/2021/CVE-2021-20167.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-20167 cwe-id: CWE-77 epss-score: 0.94822 - epss-percentile: 0.99236 + epss-percentile: 0.99222 cpe: cpe:2.3:o:netgear:rax43_firmware:1.0.3.96:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20792.yaml b/http/cves/2021/CVE-2021-20792.yaml index c207fa137b..be8fe34461 100644 --- a/http/cves/2021/CVE-2021-20792.yaml +++ b/http/cves/2021/CVE-2021-20792.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-20792 cwe-id: CWE-79 - epss-score: 0.00209 - epss-percentile: 0.58286 + epss-score: 0.00183 + epss-percentile: 0.54675 cpe: cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20837.yaml b/http/cves/2021/CVE-2021-20837.yaml index b55196f969..088094fef1 100644 --- a/http/cves/2021/CVE-2021-20837.yaml +++ b/http/cves/2021/CVE-2021-20837.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-20837 cwe-id: CWE-78 epss-score: 0.96998 - epss-percentile: 0.99727 + epss-percentile: 0.99689 cpe: cpe:2.3:a:sixapart:movable_type:*:*:*:*:premium:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21087.yaml b/http/cves/2021/CVE-2021-21087.yaml index 430af34277..d8102a7f67 100644 --- a/http/cves/2021/CVE-2021-21087.yaml +++ b/http/cves/2021/CVE-2021-21087.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-21087 cwe-id: CWE-79 epss-score: 0.00186 - epss-percentile: 0.55142 + epss-percentile: 0.54967 cpe: cpe:2.3:a:adobe:coldfusion:2016:-:*:*:*:*:*:* metadata: max-request: 7 diff --git a/http/cves/2021/CVE-2021-21234.yaml b/http/cves/2021/CVE-2021-21234.yaml index 6d65ff2dff..ef5c8c40b0 100644 --- a/http/cves/2021/CVE-2021-21234.yaml +++ b/http/cves/2021/CVE-2021-21234.yaml @@ -22,8 +22,8 @@ info: cvss-score: 7.7 cve-id: CVE-2021-21234 cwe-id: CWE-22 - epss-score: 0.96845 - epss-percentile: 0.99679 + epss-score: 0.96798 + epss-percentile: 0.99621 cpe: cpe:2.3:a:spring-boot-actuator-logview_project:spring-boot-actuator-logview:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-21311.yaml b/http/cves/2021/CVE-2021-21311.yaml index 0c57d314c6..deec236dce 100644 --- a/http/cves/2021/CVE-2021-21311.yaml +++ b/http/cves/2021/CVE-2021-21311.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2021-21311 cwe-id: CWE-918 - epss-score: 0.02092 - epss-percentile: 0.889 + epss-score: 0.01485 + epss-percentile: 0.85417 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: max-request: 6 diff --git a/http/cves/2021/CVE-2021-21315.yaml b/http/cves/2021/CVE-2021-21315.yaml index ef3ac4118c..e8f3a80ca9 100644 --- a/http/cves/2021/CVE-2021-21315.yaml +++ b/http/cves/2021/CVE-2021-21315.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-21315 cwe-id: CWE-78 epss-score: 0.97233 - epss-percentile: 0.99828 + epss-percentile: 0.99827 cpe: cpe:2.3:a:systeminformation:systeminformation:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21345.yaml b/http/cves/2021/CVE-2021-21345.yaml index a700a90fcf..b56b65a5f9 100644 --- a/http/cves/2021/CVE-2021-21345.yaml +++ b/http/cves/2021/CVE-2021-21345.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.9 cve-id: CVE-2021-21345 cwe-id: CWE-78,CWE-502 - epss-score: 0.4541 - epss-percentile: 0.97334 + epss-score: 0.4876 + epss-percentile: 0.9721 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21402.yaml b/http/cves/2021/CVE-2021-21402.yaml index eebb637df8..e90378933e 100644 --- a/http/cves/2021/CVE-2021-21402.yaml +++ b/http/cves/2021/CVE-2021-21402.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-21402 cwe-id: CWE-22 epss-score: 0.15589 - epss-percentile: 0.95795 + epss-percentile: 0.95782 cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-21745.yaml b/http/cves/2021/CVE-2021-21745.yaml index 39499924de..c54a547634 100644 --- a/http/cves/2021/CVE-2021-21745.yaml +++ b/http/cves/2021/CVE-2021-21745.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-21745 cwe-id: CWE-352 epss-score: 0.26168 - epss-percentile: 0.96634 + epss-percentile: 0.96622 cpe: cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21799.yaml b/http/cves/2021/CVE-2021-21799.yaml index a40c4f0f85..1eda609ee0 100644 --- a/http/cves/2021/CVE-2021-21799.yaml +++ b/http/cves/2021/CVE-2021-21799.yaml @@ -13,16 +13,13 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1270 - https://nvd.nist.gov/vuln/detail/CVE-2021-21799 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/Live-Hack-CVE/CVE-2021-21799 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-21799 cwe-id: CWE-79 - epss-score: 0.79822 - epss-percentile: 0.98233 + epss-score: 0.83144 + epss-percentile: 0.98156 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-21801.yaml b/http/cves/2021/CVE-2021-21801.yaml index fe694240db..a04d3decde 100644 --- a/http/cves/2021/CVE-2021-21801.yaml +++ b/http/cves/2021/CVE-2021-21801.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-21801 cwe-id: CWE-79 - epss-score: 0.79822 - epss-percentile: 0.98233 + epss-score: 0.83144 + epss-percentile: 0.98185 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21816.yaml b/http/cves/2021/CVE-2021-21816.yaml index 031e4ce11b..29bac1e008 100644 --- a/http/cves/2021/CVE-2021-21816.yaml +++ b/http/cves/2021/CVE-2021-21816.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.3 cve-id: CVE-2021-21816 cwe-id: CWE-200 - epss-score: 0.00243 - epss-percentile: 0.63865 + epss-score: 0.00229 + epss-percentile: 0.60334 cpe: cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21881.yaml b/http/cves/2021/CVE-2021-21881.yaml index 88ffae4dee..45061f9c32 100644 --- a/http/cves/2021/CVE-2021-21881.yaml +++ b/http/cves/2021/CVE-2021-21881.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-21881 cwe-id: CWE-78 epss-score: 0.97001 - epss-percentile: 0.99728 + epss-percentile: 0.99723 cpe: cpe:2.3:o:lantronix:premierwave_2050_firmware:8.9.0.0:r4:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-21978.yaml b/http/cves/2021/CVE-2021-21978.yaml index 9c12e27212..dd10fe8e66 100644 --- a/http/cves/2021/CVE-2021-21978.yaml +++ b/http/cves/2021/CVE-2021-21978.yaml @@ -24,7 +24,7 @@ info: cve-id: CVE-2021-21978 cwe-id: CWE-20 epss-score: 0.97469 - epss-percentile: 0.99957 + epss-percentile: 0.99959 cpe: cpe:2.3:a:vmware:view_planner:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21985.yaml b/http/cves/2021/CVE-2021-21985.yaml index f1187b23aa..a7ad7f0a67 100644 --- a/http/cves/2021/CVE-2021-21985.yaml +++ b/http/cves/2021/CVE-2021-21985.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-21985 cwe-id: CWE-20 epss-score: 0.97407 - epss-percentile: 0.99923 + epss-percentile: 0.9992 cpe: cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22053.yaml b/http/cves/2021/CVE-2021-22053.yaml index 747643d383..cc98baa4c0 100644 --- a/http/cves/2021/CVE-2021-22053.yaml +++ b/http/cves/2021/CVE-2021-22053.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-22053 cwe-id: CWE-94 - epss-score: 0.54052 - epss-percentile: 0.97572 + epss-score: 0.51942 + epss-percentile: 0.97288 cpe: cpe:2.3:a:vmware:spring_cloud_netflix:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-22054.yaml b/http/cves/2021/CVE-2021-22054.yaml index c4a935a52e..e96b40f597 100644 --- a/http/cves/2021/CVE-2021-22054.yaml +++ b/http/cves/2021/CVE-2021-22054.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-22054 cwe-id: CWE-918 - epss-score: 0.7582 - epss-percentile: 0.98106 + epss-score: 0.74813 + epss-percentile: 0.98065 cpe: cpe:2.3:a:vmware:workspace_one_uem_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22122.yaml b/http/cves/2021/CVE-2021-22122.yaml index 3dd8f21b0f..35cf72e9b8 100644 --- a/http/cves/2021/CVE-2021-22122.yaml +++ b/http/cves/2021/CVE-2021-22122.yaml @@ -15,14 +15,13 @@ info: - https://twitter.com/ptswarm/status/1357316793753362433 - https://fortiguard.com/advisory/FG-IR-20-122 - https://nvd.nist.gov/vuln/detail/CVE-2021-22122 - - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-22122 cwe-id: CWE-79 - epss-score: 0.04564 - epss-percentile: 0.9235 + epss-score: 0.00609 + epss-percentile: 0.76286 cpe: cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-22205.yaml b/http/cves/2021/CVE-2021-22205.yaml index 17251d0529..9909ce0fba 100644 --- a/http/cves/2021/CVE-2021-22205.yaml +++ b/http/cves/2021/CVE-2021-22205.yaml @@ -22,8 +22,8 @@ info: cvss-score: 10 cve-id: CVE-2021-22205 cwe-id: CWE-94 - epss-score: 0.97463 - epss-percentile: 0.99951 + epss-score: 0.97333 + epss-percentile: 0.99868 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22502.yaml b/http/cves/2021/CVE-2021-22502.yaml index b83fd51e6f..cb68b9daba 100644 --- a/http/cves/2021/CVE-2021-22502.yaml +++ b/http/cves/2021/CVE-2021-22502.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-22502 cwe-id: CWE-78 epss-score: 0.95993 - epss-percentile: 0.99439 + epss-percentile: 0.99434 cpe: cpe:2.3:a:microfocus:operation_bridge_reporter:10.40:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22707.yaml b/http/cves/2021/CVE-2021-22707.yaml index c5b4ed29e1..843d4a9253 100644 --- a/http/cves/2021/CVE-2021-22707.yaml +++ b/http/cves/2021/CVE-2021-22707.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22707 cwe-id: CWE-798 - epss-score: 0.29559 - epss-percentile: 0.96817 + epss-score: 0.27092 + epss-percentile: 0.96671 cpe: cpe:2.3:o:schneider-electric:evlink_city_evc1s22p4_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-22911.yaml b/http/cves/2021/CVE-2021-22911.yaml index 88c5d02cb0..8ae52aa88f 100644 --- a/http/cves/2021/CVE-2021-22911.yaml +++ b/http/cves/2021/CVE-2021-22911.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-22911 cwe-id: CWE-75,NVD-CWE-Other epss-score: 0.94773 - epss-percentile: 0.99228 + epss-percentile: 0.99209 cpe: cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24155.yaml b/http/cves/2021/CVE-2021-24155.yaml index 366ea8fba3..244295f61e 100644 --- a/http/cves/2021/CVE-2021-24155.yaml +++ b/http/cves/2021/CVE-2021-24155.yaml @@ -14,14 +14,13 @@ info: - https://wordpress.org/plugins/backup/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24155 - http://packetstormsecurity.com/files/163382/WordPress-Backup-Guard-1.5.8-Shell-Upload.html - - https://github.com/Hacker5preme/Exploits classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2021-24155 cwe-id: CWE-434 - epss-score: 0.96326 - epss-percentile: 0.9952 + epss-score: 0.95488 + epss-percentile: 0.99234 cpe: cpe:2.3:a:backup-guard:backup_guard:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24210.yaml b/http/cves/2021/CVE-2021-24210.yaml index b4044f325b..b7f98bd5fd 100644 --- a/http/cves/2021/CVE-2021-24210.yaml +++ b/http/cves/2021/CVE-2021-24210.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-24210 cwe-id: CWE-601 epss-score: 0.00129 - epss-percentile: 0.46988 + epss-percentile: 0.47553 cpe: cpe:2.3:a:kiboit:phastpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24214.yaml b/http/cves/2021/CVE-2021-24214.yaml index 62b7dd3475..4595b089bc 100644 --- a/http/cves/2021/CVE-2021-24214.yaml +++ b/http/cves/2021/CVE-2021-24214.yaml @@ -25,11 +25,12 @@ info: cpe: cpe:2.3:a:daggerhartlab:openid_connect_generic_client:3.8.0:*:*:*:*:wordpress:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: daggerhartlab - product: "openid_connect_generic_client" + product: openid_connect_generic_client framework: wordpress tags: cve2021,cve,wpscan,wordpress,xss,wp-plugin,wp,openid,daggerhartlab + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24215.yaml b/http/cves/2021/CVE-2021-24215.yaml index cf781b7791..663bb6f686 100644 --- a/http/cves/2021/CVE-2021-24215.yaml +++ b/http/cves/2021/CVE-2021-24215.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24215 cwe-id: CWE-425,CWE-284 - epss-score: 0.30288 - epss-percentile: 0.96847 + epss-score: 0.19113 + epss-percentile: 0.9615 cpe: cpe:2.3:a:wpruby:controlled_admin_access:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24226.yaml b/http/cves/2021/CVE-2021-24226.yaml index 74ab08bc07..0c2abeb26f 100644 --- a/http/cves/2021/CVE-2021-24226.yaml +++ b/http/cves/2021/CVE-2021-24226.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24226 cwe-id: CWE-200 epss-score: 0.03058 - epss-percentile: 0.90813 + epss-percentile: 0.90773 cpe: cpe:2.3:a:accessally:accessally:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24227.yaml b/http/cves/2021/CVE-2021-24227.yaml index c54a9728cc..547d54e72c 100644 --- a/http/cves/2021/CVE-2021-24227.yaml +++ b/http/cves/2021/CVE-2021-24227.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24227 cwe-id: CWE-200 epss-score: 0.02607 - epss-percentile: 0.90096 + epss-percentile: 0.9006 cpe: cpe:2.3:a:patreon:patreon_wordpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24236.yaml b/http/cves/2021/CVE-2021-24236.yaml index 114fddd0f9..d670c0c1cb 100644 --- a/http/cves/2021/CVE-2021-24236.yaml +++ b/http/cves/2021/CVE-2021-24236.yaml @@ -15,14 +15,13 @@ info: - https://wordpress.org/plugins/imagements/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24236 - https://nvd.nist.gov/vuln/detail/CVE-2021-24236 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: "CVE-2021-24236" cwe-id: CWE-434 - epss-score: 0.16906 - epss-percentile: 0.95942 + epss-score: 0.15028 + epss-percentile: 0.95292 cpe: cpe:2.3:a:imagements_project:imagements:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24237.yaml b/http/cves/2021/CVE-2021-24237.yaml index 68f5735a4e..21a538f9ff 100644 --- a/http/cves/2021/CVE-2021-24237.yaml +++ b/http/cves/2021/CVE-2021-24237.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24237 cwe-id: CWE-79 epss-score: 0.00265 - epss-percentile: 0.65655 + epss-percentile: 0.65501 cpe: cpe:2.3:a:purethemes:findeo:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24239.yaml b/http/cves/2021/CVE-2021-24239.yaml index 6210150c8b..ffb9928f4c 100644 --- a/http/cves/2021/CVE-2021-24239.yaml +++ b/http/cves/2021/CVE-2021-24239.yaml @@ -19,15 +19,16 @@ info: cve-id: CVE-2021-24239 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.46988 + epss-percentile: 0.47461 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: genetechsolutions - product: "pie_register" + product: pie_register framework: wordpress tags: cve2021,cve,xss,pie-register,wp,wpscan,genetechsolutions,wordpress + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24245.yaml b/http/cves/2021/CVE-2021-24245.yaml index 74ea297e4d..d2c93c402b 100644 --- a/http/cves/2021/CVE-2021-24245.yaml +++ b/http/cves/2021/CVE-2021-24245.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.60494 cpe: cpe:2.3:a:trumani:stop_spammers:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: trumani - product: "stop_spammers" + product: stop_spammers framework: wordpress tags: cve2021,cve,wpscan,wordpress,xss,wp-plugin,packetstorm,trumani + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24275.yaml b/http/cves/2021/CVE-2021-24275.yaml index 60ad92268f..b1ce96f7aa 100644 --- a/http/cves/2021/CVE-2021-24275.yaml +++ b/http/cves/2021/CVE-2021-24275.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24275 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.60645 + epss-percentile: 0.60494 cpe: cpe:2.3:a:supsystic:popup:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24285.yaml b/http/cves/2021/CVE-2021-24285.yaml index 4056d311c3..ae2c5774ce 100644 --- a/http/cves/2021/CVE-2021-24285.yaml +++ b/http/cves/2021/CVE-2021-24285.yaml @@ -13,15 +13,13 @@ info: - https://codevigilant.com/disclosure/2021/wp-plugin-cars-seller-auto-classifieds-script-sql-injection/ - https://wpscan.com/vulnerability/f35d6ab7-dd52-48b3-a79c-3f89edf24162 - https://codevigilant.com/disclosure/2021/24-04-2021-wp-plugin-cars-seller-auto-classifieds-script-sql-injection/ - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24285 cwe-id: CWE-89 - epss-score: 0.10381 - epss-percentile: 0.94878 + epss-score: 0.21023 + epss-percentile: 0.95973 cpe: cpe:2.3:a:cars-seller-auto-classifieds-script_project:cars-seller-auto-classifieds-script:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24286.yaml b/http/cves/2021/CVE-2021-24286.yaml index 38c8888b52..88ac97423a 100644 --- a/http/cves/2021/CVE-2021-24286.yaml +++ b/http/cves/2021/CVE-2021-24286.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24286 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.60645 + epss-percentile: 0.60494 cpe: cpe:2.3:a:mooveagency:redirect_404_to_parent:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24287.yaml b/http/cves/2021/CVE-2021-24287.yaml index 561ab7405e..74cc20d62f 100644 --- a/http/cves/2021/CVE-2021-24287.yaml +++ b/http/cves/2021/CVE-2021-24287.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24287 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.60645 + epss-percentile: 0.60494 cpe: cpe:2.3:a:mooveagency:select_all_categories_and_taxonomies\,_change_checkbox_to_radio_buttons:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24288.yaml b/http/cves/2021/CVE-2021-24288.yaml index 51c531ce11..5c4fd0d54d 100644 --- a/http/cves/2021/CVE-2021-24288.yaml +++ b/http/cves/2021/CVE-2021-24288.yaml @@ -12,15 +12,13 @@ info: reference: - https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97 - https://nvd.nist.gov/vuln/detail/CVE-2021-24288 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24288 cwe-id: CWE-601 - epss-score: 0.00137 - epss-percentile: 0.48509 + epss-score: 0.00129 + epss-percentile: 0.47456 cpe: cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24291.yaml b/http/cves/2021/CVE-2021-24291.yaml index a82274d7d6..ce684b06b9 100644 --- a/http/cves/2021/CVE-2021-24291.yaml +++ b/http/cves/2021/CVE-2021-24291.yaml @@ -14,15 +14,13 @@ info: - https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a - https://packetstormsecurity.com/files/162227/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24291 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24291 cwe-id: CWE-79 - epss-score: 0.0012 - epss-percentile: 0.45597 + epss-score: 0.00084 + epss-percentile: 0.34815 cpe: cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24298.yaml b/http/cves/2021/CVE-2021-24298.yaml index 87ff1dbc11..6b404a1450 100644 --- a/http/cves/2021/CVE-2021-24298.yaml +++ b/http/cves/2021/CVE-2021-24298.yaml @@ -22,14 +22,15 @@ info: cve-id: CVE-2021-24298 cwe-id: CWE-79 epss-score: 0.00123 - epss-percentile: 0.45967 + epss-percentile: 0.45761 cpe: cpe:2.3:a:ibenic:simple_giveaways:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: ibenic - product: "simple_giveaways" + product: simple_giveaways framework: wordpress tags: cve2021,cve,wpscan,wordpress,xss,wp-plugin,ibenic + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24320.yaml b/http/cves/2021/CVE-2021-24320.yaml index a0602df7eb..931e5c7568 100644 --- a/http/cves/2021/CVE-2021-24320.yaml +++ b/http/cves/2021/CVE-2021-24320.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.45256 cpe: cpe:2.3:a:bold-themes:bello:*:*:*:*:*:wordpress:*:* metadata: - max-request: 3 - vendor: "bold-themes" + max-request: 1 + vendor: bold-themes product: bello framework: wordpress tags: cve2021,cve,wordpress,xss,wp-plugin,wpscan,bold-themes + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24335.yaml b/http/cves/2021/CVE-2021-24335.yaml index 7e0481e720..7fb2a3b0f2 100644 --- a/http/cves/2021/CVE-2021-24335.yaml +++ b/http/cves/2021/CVE-2021-24335.yaml @@ -24,11 +24,12 @@ info: epss-percentile: 0.54412 cpe: cpe:2.3:a:smartdatasoft:car_repair_services_\&_auto_mechanic:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: smartdatasoft - product: "car_repair_services_\\&_auto_mechanic" + product: car_repair_services_\&_auto_mechanic framework: wordpress tags: cve2021,cve,wordpress,xss,wp-plugin,wpscan,smartdatasoft + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24340.yaml b/http/cves/2021/CVE-2021-24340.yaml index 4f155e4e22..8a3bc70e9e 100644 --- a/http/cves/2021/CVE-2021-24340.yaml +++ b/http/cves/2021/CVE-2021-24340.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24340 cwe-id: CWE-89 epss-score: 0.01937 - epss-percentile: 0.88416 + epss-percentile: 0.88371 cpe: cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24342.yaml b/http/cves/2021/CVE-2021-24342.yaml index 9287b73782..1bef78b439 100644 --- a/http/cves/2021/CVE-2021-24342.yaml +++ b/http/cves/2021/CVE-2021-24342.yaml @@ -20,14 +20,15 @@ info: cve-id: CVE-2021-24342 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44091 + epss-percentile: 0.43845 cpe: cpe:2.3:a:jnews:jnews:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: jnews product: jnews framework: wordpress tags: cve2021,cve,wordpress,xss,wp-plugin,wpscan,jnews + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24364.yaml b/http/cves/2021/CVE-2021-24364.yaml index 1b5f58316b..be784166b6 100644 --- a/http/cves/2021/CVE-2021-24364.yaml +++ b/http/cves/2021/CVE-2021-24364.yaml @@ -21,14 +21,15 @@ info: cve-id: CVE-2021-24364 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44091 + epss-percentile: 0.43845 cpe: cpe:2.3:a:tielabs:jannah:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: tielabs product: jannah framework: wordpress tags: cve2021,cve,wordpress,xss,wp-theme,wpscan,tielabs + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24370.yaml b/http/cves/2021/CVE-2021-24370.yaml index 1b6dc9bb3b..a06cf1d193 100644 --- a/http/cves/2021/CVE-2021-24370.yaml +++ b/http/cves/2021/CVE-2021-24370.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24370 cwe-id: CWE-434 - epss-score: 0.12534 - epss-percentile: 0.9533 + epss-score: 0.11015 + epss-percentile: 0.95013 cpe: cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24387.yaml b/http/cves/2021/CVE-2021-24387.yaml index a4fa89e81f..08e7ae5460 100644 --- a/http/cves/2021/CVE-2021-24387.yaml +++ b/http/cves/2021/CVE-2021-24387.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-24387 cwe-id: CWE-79 epss-score: 0.00154 - epss-percentile: 0.50971 + epss-percentile: 0.50743 cpe: cpe:2.3:a:contempothemes:real_estate_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24389.yaml b/http/cves/2021/CVE-2021-24389.yaml index 64b8642401..5942caf4dc 100644 --- a/http/cves/2021/CVE-2021-24389.yaml +++ b/http/cves/2021/CVE-2021-24389.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24389 cwe-id: CWE-79 epss-score: 0.00168 - epss-percentile: 0.52795 + epss-percentile: 0.526 cpe: cpe:2.3:a:chimpgroup:foodbakery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24407.yaml b/http/cves/2021/CVE-2021-24407.yaml index 7835c492da..ebcb45d7dd 100644 --- a/http/cves/2021/CVE-2021-24407.yaml +++ b/http/cves/2021/CVE-2021-24407.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.58055 cpe: cpe:2.3:a:tielabs:jannah:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 + max-request: 1 vendor: tielabs product: jannah framework: wordpress tags: cve2021,cve,wordpress,xss,wp-theme,wpscan,tielabs + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24409.yaml b/http/cves/2021/CVE-2021-24409.yaml index 82107f12da..f91d354aeb 100644 --- a/http/cves/2021/CVE-2021-24409.yaml +++ b/http/cves/2021/CVE-2021-24409.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24409 cwe-id: CWE-79 - epss-score: 0.00171 - epss-percentile: 0.53365 + epss-score: 0.00161 + epss-percentile: 0.51755 cpe: cpe:2.3:a:plugin-planet:prismatic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24435.yaml b/http/cves/2021/CVE-2021-24435.yaml index 594ce8f538..e8d4e6ca7e 100644 --- a/http/cves/2021/CVE-2021-24435.yaml +++ b/http/cves/2021/CVE-2021-24435.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24435 cwe-id: CWE-79 epss-score: 0.0014 - epss-percentile: 0.48889 + epss-percentile: 0.4866 cpe: cpe:2.3:a:gambit:titan_framework:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24436.yaml b/http/cves/2021/CVE-2021-24436.yaml index a3eb2a4d1c..899f45d529 100644 --- a/http/cves/2021/CVE-2021-24436.yaml +++ b/http/cves/2021/CVE-2021-24436.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24436 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42403 + epss-score: 0.001 + epss-percentile: 0.4009 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24442.yaml b/http/cves/2021/CVE-2021-24442.yaml index 6864009424..b27503e1ae 100644 --- a/http/cves/2021/CVE-2021-24442.yaml +++ b/http/cves/2021/CVE-2021-24442.yaml @@ -26,7 +26,7 @@ info: product: poll\,_survey\,_questionnaire_and_voting_system framework: wordpress publicwww-query: "/wp-content/plugins/polls-widget/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli,wpdevart + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli http: - raw: diff --git a/http/cves/2021/CVE-2021-24452.yaml b/http/cves/2021/CVE-2021-24452.yaml index 525f5636ad..6788b79fdb 100644 --- a/http/cves/2021/CVE-2021-24452.yaml +++ b/http/cves/2021/CVE-2021-24452.yaml @@ -13,14 +13,13 @@ info: - https://wpscan.com/vulnerability/3e855e09-056f-45b5-89a9-d644b7d8c9d0 - https://wordpress.org/plugins/w3-total-cache/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24452 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24452 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42403 + epss-score: 0.001 + epss-percentile: 0.4078 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24472.yaml b/http/cves/2021/CVE-2021-24472.yaml index 6d51b4931f..8745bb19f8 100644 --- a/http/cves/2021/CVE-2021-24472.yaml +++ b/http/cves/2021/CVE-2021-24472.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24472 cwe-id: CWE-918 epss-score: 0.04362 - epss-percentile: 0.92189 + epss-percentile: 0.92159 cpe: cpe:2.3:a:qantumthemes:kentharadio:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24499.yaml b/http/cves/2021/CVE-2021-24499.yaml index 7a9b814e12..a77f371ed5 100644 --- a/http/cves/2021/CVE-2021-24499.yaml +++ b/http/cves/2021/CVE-2021-24499.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24499 cwe-id: CWE-434 epss-score: 0.16767 - epss-percentile: 0.95918 + epss-percentile: 0.9591 cpe: cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24554.yaml b/http/cves/2021/CVE-2021-24554.yaml index ec14ebe6a9..eb76bcf50c 100644 --- a/http/cves/2021/CVE-2021-24554.yaml +++ b/http/cves/2021/CVE-2021-24554.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2021-24554 cwe-id: CWE-89 - epss-score: 0.30355 - epss-percentile: 0.96852 + epss-score: 0.20268 + epss-percentile: 0.95935 cpe: cpe:2.3:a:freelancetoindia:paytm-pay:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24627.yaml b/http/cves/2021/CVE-2021-24627.yaml index ef74117340..23ec47cec5 100644 --- a/http/cves/2021/CVE-2021-24627.yaml +++ b/http/cves/2021/CVE-2021-24627.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.2 cve-id: CVE-2021-24627 cwe-id: CWE-89 - epss-score: 0.20268 - epss-percentile: 0.96259 + epss-score: 0.14515 + epss-percentile: 0.95609 cpe: cpe:2.3:a:g_auto-hyperlink_project:g_auto-hyperlink:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24731.yaml b/http/cves/2021/CVE-2021-24731.yaml index c0e0de3c13..34085ea7cf 100644 --- a/http/cves/2021/CVE-2021-24731.yaml +++ b/http/cves/2021/CVE-2021-24731.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24731 cwe-id: CWE-89 - epss-score: 0.18177 - epss-percentile: 0.96073 + epss-score: 0.14786 + epss-percentile: 0.95651 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-24746.yaml b/http/cves/2021/CVE-2021-24746.yaml index c4c316e435..e70a4f07bc 100644 --- a/http/cves/2021/CVE-2021-24746.yaml +++ b/http/cves/2021/CVE-2021-24746.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24746 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:heateor:sassy_social_share:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24827.yaml b/http/cves/2021/CVE-2021-24827.yaml index 978238ef4a..b5fcefc9e4 100644 --- a/http/cves/2021/CVE-2021-24827.yaml +++ b/http/cves/2021/CVE-2021-24827.yaml @@ -15,14 +15,13 @@ info: - https://wordpress.org/plugins/asgaros-forum/ - https://plugins.trac.wordpress.org/changeset/2611560/asgaros-forum - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 - - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24827 cwe-id: CWE-89 - epss-score: 0.12887 - epss-percentile: 0.95383 + epss-score: 0.11843 + epss-percentile: 0.94798 cpe: cpe:2.3:a:asgaros:asgaros_forum:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24849.yaml b/http/cves/2021/CVE-2021-24849.yaml index 1864ddc701..8709514ac1 100644 --- a/http/cves/2021/CVE-2021-24849.yaml +++ b/http/cves/2021/CVE-2021-24849.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2021-24849 cwe-id: CWE-89 epss-score: 0.02367 - epss-percentile: 0.89609 + epss-percentile: 0.89583 cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,7 +26,7 @@ info: product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible" framework: wordpress publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli,wclovers + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24862.yaml b/http/cves/2021/CVE-2021-24862.yaml index 01d1c1fefe..1f03c3cb18 100644 --- a/http/cves/2021/CVE-2021-24862.yaml +++ b/http/cves/2021/CVE-2021-24862.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2021-24862 cwe-id: CWE-89 - epss-score: 0.74553 - epss-percentile: 0.98079 + epss-score: 0.72686 + epss-percentile: 0.97816 cpe: cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24875.yaml b/http/cves/2021/CVE-2021-24875.yaml index cfce15bf72..523b7e7fbc 100644 --- a/http/cves/2021/CVE-2021-24875.yaml +++ b/http/cves/2021/CVE-2021-24875.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24875 cwe-id: CWE-79 epss-score: 0.00143 - epss-percentile: 0.49441 + epss-percentile: 0.50097 cpe: cpe:2.3:a:implecode:ecommerce_product_catalog:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24891.yaml b/http/cves/2021/CVE-2021-24891.yaml index 101c23ab26..adeac5087a 100644 --- a/http/cves/2021/CVE-2021-24891.yaml +++ b/http/cves/2021/CVE-2021-24891.yaml @@ -23,11 +23,12 @@ info: epss-percentile: 0.45185 cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:* metadata: - max-request: 3 + max-request: 2 vendor: elementor - product: "website_builder" + product: website_builder framework: wordpress tags: cve2021,cve,wordpress,wp-plugin,elementor,wpscan,dom,xss + flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24910.yaml b/http/cves/2021/CVE-2021-24910.yaml index fcbb0a2dab..27372f4be3 100644 --- a/http/cves/2021/CVE-2021-24910.yaml +++ b/http/cves/2021/CVE-2021-24910.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24910 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35592 + epss-percentile: 0.35299 cpe: cpe:2.3:a:transposh:transposh_wordpress_translation:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24915.yaml b/http/cves/2021/CVE-2021-24915.yaml index bae1e76b1b..c52440bb78 100644 --- a/http/cves/2021/CVE-2021-24915.yaml +++ b/http/cves/2021/CVE-2021-24915.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24915 cwe-id: CWE-89 - epss-score: 0.22232 - epss-percentile: 0.96391 + epss-score: 0.22351 + epss-percentile: 0.96057 cpe: cpe:2.3:a:contest_gallery:contest_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24917.yaml b/http/cves/2021/CVE-2021-24917.yaml index 85006e4b41..28a468b30b 100644 --- a/http/cves/2021/CVE-2021-24917.yaml +++ b/http/cves/2021/CVE-2021-24917.yaml @@ -12,15 +12,13 @@ info: - https://wpscan.com/vulnerability/15bb711a-7d70-4891-b7a2-c473e3e8b375 - https://nvd.nist.gov/vuln/detail/CVE-2021-24917 - https://wordpress.org/support/topic/bypass-security-issue/ - - https://github.com/Whiteh4tWolf/pentest - - https://github.com/dikalasenjadatang/CVE-2021-24917 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-24917 cwe-id: CWE-863 - epss-score: 0.02933 - epss-percentile: 0.90636 + epss-score: 0.03563 + epss-percentile: 0.90675 cpe: cpe:2.3:a:wpserveur:wps_hide_login:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24940.yaml b/http/cves/2021/CVE-2021-24940.yaml index ac6d2823ed..6eb73e7bd6 100644 --- a/http/cves/2021/CVE-2021-24940.yaml +++ b/http/cves/2021/CVE-2021-24940.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24940 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42899 cpe: cpe:2.3:a:woocommerce:persian-woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24943.yaml b/http/cves/2021/CVE-2021-24943.yaml index 9cebf4ea82..b85b13fc17 100644 --- a/http/cves/2021/CVE-2021-24943.yaml +++ b/http/cves/2021/CVE-2021-24943.yaml @@ -26,7 +26,7 @@ info: product: registrations_for_the_events_calendar framework: wordpress publicwww-query: "/wp-content/plugins/registrations-for-the-events-calendar/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar,roundupwp + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar variables: text: "{{rand_base(5)}}" diff --git a/http/cves/2021/CVE-2021-24946.yaml b/http/cves/2021/CVE-2021-24946.yaml index 3e5773ad41..77765a0524 100644 --- a/http/cves/2021/CVE-2021-24946.yaml +++ b/http/cves/2021/CVE-2021-24946.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24946 cwe-id: CWE-89 - epss-score: 0.12753 - epss-percentile: 0.95359 + epss-score: 0.12445 + epss-percentile: 0.94942 cpe: cpe:2.3:a:webnus:modern_events_calendar_lite:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24947.yaml b/http/cves/2021/CVE-2021-24947.yaml index 9fca6e0d2a..9796ad8438 100644 --- a/http/cves/2021/CVE-2021-24947.yaml +++ b/http/cves/2021/CVE-2021-24947.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-24947 cwe-id: CWE-352,CWE-863 - epss-score: 0.00348 - epss-percentile: 0.71305 + epss-score: 0.00315 + epss-percentile: 0.69672 cpe: cpe:2.3:a:thinkupthemes:responsive_vector_maps:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24956.yaml b/http/cves/2021/CVE-2021-24956.yaml index 0340ebc3dc..9b4a2d747b 100644 --- a/http/cves/2021/CVE-2021-24956.yaml +++ b/http/cves/2021/CVE-2021-24956.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-24956 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24970.yaml b/http/cves/2021/CVE-2021-24970.yaml index 79d034c760..cdc485b1ed 100644 --- a/http/cves/2021/CVE-2021-24970.yaml +++ b/http/cves/2021/CVE-2021-24970.yaml @@ -13,14 +13,13 @@ info: - https://wpscan.com/vulnerability/9b15d47e-43b6-49a8-b2c3-b99c92101e10 - https://wordpress.org/plugins/all-in-one-video-gallery - https://nvd.nist.gov/vuln/detail/CVE-2021-24970 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2021-24970 cwe-id: CWE-22 - epss-score: 0.0297 - epss-percentile: 0.90684 + epss-score: 0.03639 + epss-percentile: 0.90767 cpe: cpe:2.3:a:plugins360:all-in-one_video_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24979.yaml b/http/cves/2021/CVE-2021-24979.yaml index c0e90e6b5d..7ec3b86095 100644 --- a/http/cves/2021/CVE-2021-24979.yaml +++ b/http/cves/2021/CVE-2021-24979.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2021-24979 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40832 cpe: cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24991.yaml b/http/cves/2021/CVE-2021-24991.yaml index e9629fc5b8..cd027638f0 100644 --- a/http/cves/2021/CVE-2021-24991.yaml +++ b/http/cves/2021/CVE-2021-24991.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24991 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.28841 + epss-percentile: 0.28508 cpe: cpe:2.3:a:wpovernight:woocommerce_pdf_invoices\&_packing_slips:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25065.yaml b/http/cves/2021/CVE-2021-25065.yaml index 5b24c139e8..b93d7867d1 100644 --- a/http/cves/2021/CVE-2021-25065.yaml +++ b/http/cves/2021/CVE-2021-25065.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-25065 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.28649 + epss-percentile: 0.2831 cpe: cpe:2.3:a:smashballoon:smash_balloon_social_post_feed:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25074.yaml b/http/cves/2021/CVE-2021-25074.yaml index eb86b28964..726e7dd13e 100644 --- a/http/cves/2021/CVE-2021-25074.yaml +++ b/http/cves/2021/CVE-2021-25074.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25074 cwe-id: CWE-601 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:webp_converter_for_media_project:webp_converter_for_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25078.yaml b/http/cves/2021/CVE-2021-25078.yaml index b2069a3598..40a84382ea 100644 --- a/http/cves/2021/CVE-2021-25078.yaml +++ b/http/cves/2021/CVE-2021-25078.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25078 cwe-id: CWE-79 epss-score: 0.00382 - epss-percentile: 0.72632 + epss-percentile: 0.72505 cpe: cpe:2.3:a:wpaffiliatemanager:affiliates_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25079.yaml b/http/cves/2021/CVE-2021-25079.yaml index 39a853c837..8966b0c494 100644 --- a/http/cves/2021/CVE-2021-25079.yaml +++ b/http/cves/2021/CVE-2021-25079.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-25079 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40882 cpe: cpe:2.3:a:crmperks:contact_form_entries:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25104.yaml b/http/cves/2021/CVE-2021-25104.yaml index dfbf940547..ece0c65050 100644 --- a/http/cves/2021/CVE-2021-25104.yaml +++ b/http/cves/2021/CVE-2021-25104.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25104 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:oceanwp:ocean_extra:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25114.yaml b/http/cves/2021/CVE-2021-25114.yaml index ed6ab05cb7..6b5942531e 100644 --- a/http/cves/2021/CVE-2021-25114.yaml +++ b/http/cves/2021/CVE-2021-25114.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-25114 cwe-id: CWE-89 epss-score: 0.0412 - epss-percentile: 0.91994 + epss-percentile: 0.91962 cpe: cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25120.yaml b/http/cves/2021/CVE-2021-25120.yaml index 52035e3791..88e63fa569 100644 --- a/http/cves/2021/CVE-2021-25120.yaml +++ b/http/cves/2021/CVE-2021-25120.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-25120 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:easysocialfeed:easy_social_feed:*:*:*:*:pro:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25296.yaml b/http/cves/2021/CVE-2021-25296.yaml index 386bf79f80..bcf503b7ff 100644 --- a/http/cves/2021/CVE-2021-25296.yaml +++ b/http/cves/2021/CVE-2021-25296.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25296 cwe-id: CWE-78 - epss-score: 0.90308 - epss-percentile: 0.98756 + epss-score: 0.89514 + epss-percentile: 0.98511 cpe: cpe:2.3:a:nagios:nagios_xi:5.7.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25297.yaml b/http/cves/2021/CVE-2021-25297.yaml index 179210efa3..389f33f82b 100644 --- a/http/cves/2021/CVE-2021-25297.yaml +++ b/http/cves/2021/CVE-2021-25297.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25297 cwe-id: CWE-78 - epss-score: 0.90308 - epss-percentile: 0.98756 + epss-score: 0.90211 + epss-percentile: 0.98732 cpe: cpe:2.3:a:nagios:nagios_xi:5.7.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25298.yaml b/http/cves/2021/CVE-2021-25298.yaml index 2b2cd67108..214437d510 100644 --- a/http/cves/2021/CVE-2021-25298.yaml +++ b/http/cves/2021/CVE-2021-25298.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25298 cwe-id: CWE-78 - epss-score: 0.97296 - epss-percentile: 0.99855 + epss-score: 0.97349 + epss-percentile: 0.9988 cpe: cpe:2.3:a:nagios:nagios_xi:5.7.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25899.yaml b/http/cves/2021/CVE-2021-25899.yaml index 021d47d2bb..1042351d65 100644 --- a/http/cves/2021/CVE-2021-25899.yaml +++ b/http/cves/2021/CVE-2021-25899.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-25899 cwe-id: CWE-89 epss-score: 0.50721 - epss-percentile: 0.97473 + epss-percentile: 0.9747 cpe: cpe:2.3:a:void:aurall_rec_monitor:9.0.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26086.yaml b/http/cves/2021/CVE-2021-26086.yaml index d70c6339e5..ade22c35b2 100644 --- a/http/cves/2021/CVE-2021-26086.yaml +++ b/http/cves/2021/CVE-2021-26086.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-26086 cwe-id: CWE-22 - epss-score: 0.919 - epss-percentile: 0.98876 + epss-score: 0.54993 + epss-percentile: 0.97368 cpe: cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26247.yaml b/http/cves/2021/CVE-2021-26247.yaml index 907732a840..aed11f963e 100644 --- a/http/cves/2021/CVE-2021-26247.yaml +++ b/http/cves/2021/CVE-2021-26247.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-26247 cwe-id: CWE-79 epss-score: 0.00255 - epss-percentile: 0.64836 + epss-percentile: 0.647 cpe: cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27132.yaml b/http/cves/2021/CVE-2021-27132.yaml index 942210b631..258f439695 100644 --- a/http/cves/2021/CVE-2021-27132.yaml +++ b/http/cves/2021/CVE-2021-27132.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-27132 cwe-id: CWE-74 epss-score: 0.04569 - epss-percentile: 0.92355 + epss-percentile: 0.92334 cpe: cpe:2.3:o:sercomm:agcombo_vd625_firmware:agsot_2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27309.yaml b/http/cves/2021/CVE-2021-27309.yaml index c6b3c4aa2a..f8a8753b88 100644 --- a/http/cves/2021/CVE-2021-27309.yaml +++ b/http/cves/2021/CVE-2021-27309.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-27309 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42403 + epss-percentile: 0.42925 cpe: cpe:2.3:a:csphere:clansphere:2011.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27319.yaml b/http/cves/2021/CVE-2021-27319.yaml index 3a2e52ee93..79a39b0365 100644 --- a/http/cves/2021/CVE-2021-27319.yaml +++ b/http/cves/2021/CVE-2021-27319.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27319 cwe-id: CWE-89 - epss-score: 0.08145 - epss-percentile: 0.94221 + epss-score: 0.08052 + epss-percentile: 0.9371 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27330.yaml b/http/cves/2021/CVE-2021-27330.yaml index c6209c67c4..4053b5d34e 100644 --- a/http/cves/2021/CVE-2021-27330.yaml +++ b/http/cves/2021/CVE-2021-27330.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-27330 cwe-id: CWE-79 epss-score: 0.00437 - epss-percentile: 0.74322 + epss-percentile: 0.74213 cpe: cpe:2.3:a:triconsole:datepicker_calendar:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27520.yaml b/http/cves/2021/CVE-2021-27520.yaml index 97b4a037dd..4554d3323b 100644 --- a/http/cves/2021/CVE-2021-27520.yaml +++ b/http/cves/2021/CVE-2021-27520.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-27520 cwe-id: CWE-79 epss-score: 0.00217 - epss-percentile: 0.5913 + epss-percentile: 0.59015 cpe: cpe:2.3:a:fudforum:fudforum:3.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27850.yaml b/http/cves/2021/CVE-2021-27850.yaml index ef6eb54015..e174da05da 100644 --- a/http/cves/2021/CVE-2021-27850.yaml +++ b/http/cves/2021/CVE-2021-27850.yaml @@ -15,14 +15,13 @@ info: - https://lists.apache.org/thread.html/r237ff7f286bda31682c254550c1ebf92b0ec61329b32fbeb2d1c8751%40%3Cusers.tapestry.apache.org%3E - http://www.openwall.com/lists/oss-security/2021/04/15/1 - https://security.netapp.com/advisory/ntap-20210528-0002/ - - https://github.com/HimmelAward/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27850 cwe-id: CWE-502,CWE-200 - epss-score: 0.97403 - epss-percentile: 0.99919 + epss-score: 0.97388 + epss-percentile: 0.99903 cpe: cpe:2.3:a:apache:tapestry:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-28164.yaml b/http/cves/2021/CVE-2021-28164.yaml index 7ab8c13419..5eb0b5cd04 100644 --- a/http/cves/2021/CVE-2021-28164.yaml +++ b/http/cves/2021/CVE-2021-28164.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-28164 cwe-id: CWE-200,NVD-CWE-Other epss-score: 0.04805 - epss-percentile: 0.92562 + epss-percentile: 0.9254 cpe: cpe:2.3:a:eclipse:jetty:9.4.37:20210219:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-28169.yaml b/http/cves/2021/CVE-2021-28169.yaml index bf922809d7..3ccf2f9491 100644 --- a/http/cves/2021/CVE-2021-28169.yaml +++ b/http/cves/2021/CVE-2021-28169.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-28169 cwe-id: CWE-200,NVD-CWE-Other - epss-score: 0.00436 - epss-percentile: 0.743 + epss-score: 0.00401 + epss-percentile: 0.70865 cpe: cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-28377.yaml b/http/cves/2021/CVE-2021-28377.yaml index 4d5f797665..1959824f21 100644 --- a/http/cves/2021/CVE-2021-28377.yaml +++ b/http/cves/2021/CVE-2021-28377.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-28377 cwe-id: CWE-22 epss-score: 0.00106 - epss-percentile: 0.4239 + epss-percentile: 0.42913 cpe: cpe:2.3:a:chronoengine:chronoforums:2.0.11:*:*:*:*:joomla:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-28937.yaml b/http/cves/2021/CVE-2021-28937.yaml index 42cd8292eb..c6825729e2 100644 --- a/http/cves/2021/CVE-2021-28937.yaml +++ b/http/cves/2021/CVE-2021-28937.yaml @@ -13,15 +13,13 @@ info: - https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990 - http://acexy.com - https://nvd.nist.gov/vuln/detail/CVE-2021-28937 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-28937 cwe-id: CWE-312 - epss-score: 0.03261 - epss-percentile: 0.91084 + epss-score: 0.02476 + epss-percentile: 0.88958 cpe: cpe:2.3:o:acexy:wireless-n_wifi_repeater_firmware:28.08.06.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-29200.yaml b/http/cves/2021/CVE-2021-29200.yaml index bc21f18ef2..3c02de645f 100644 --- a/http/cves/2021/CVE-2021-29200.yaml +++ b/http/cves/2021/CVE-2021-29200.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-29200 cwe-id: CWE-502 - epss-score: 0.86664 - epss-percentile: 0.98539 + epss-score: 0.90403 + epss-percentile: 0.98567 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-29203.yaml b/http/cves/2021/CVE-2021-29203.yaml index 044b5c5028..b18961aec3 100644 --- a/http/cves/2021/CVE-2021-29203.yaml +++ b/http/cves/2021/CVE-2021-29203.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-29203 cwe-id: CWE-306 - epss-score: 0.95415 - epss-percentile: 0.99329 + epss-score: 0.95519 + epss-percentile: 0.99258 cpe: cpe:2.3:a:hp:edgeline_infrastructure_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-29441.yaml b/http/cves/2021/CVE-2021-29441.yaml index 614b5c171c..da543fd483 100644 --- a/http/cves/2021/CVE-2021-29441.yaml +++ b/http/cves/2021/CVE-2021-29441.yaml @@ -28,7 +28,7 @@ info: cve-id: CVE-2021-29441 cwe-id: CWE-290 epss-score: 0.96598 - epss-percentile: 0.99605 + epss-percentile: 0.99603 cpe: cpe:2.3:a:alibaba:nacos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-29442.yaml b/http/cves/2021/CVE-2021-29442.yaml index 91fe5a7f46..a1e8009c16 100644 --- a/http/cves/2021/CVE-2021-29442.yaml +++ b/http/cves/2021/CVE-2021-29442.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-29442 cwe-id: CWE-306 - epss-score: 0.96724 - epss-percentile: 0.99642 + epss-score: 0.9676 + epss-percentile: 0.99596 cpe: cpe:2.3:a:alibaba:nacos:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-29622.yaml b/http/cves/2021/CVE-2021-29622.yaml index 7e6c092c43..97e6c6a595 100644 --- a/http/cves/2021/CVE-2021-29622.yaml +++ b/http/cves/2021/CVE-2021-29622.yaml @@ -13,14 +13,13 @@ info: - https://github.com/prometheus/prometheus/releases/tag/v2.26.1 - https://github.com/prometheus/prometheus/releases/tag/v2.27.1 - https://nvd.nist.gov/vuln/detail/CVE-2021-29622 - - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-29622 cwe-id: CWE-601 - epss-score: 0.00287 - epss-percentile: 0.68351 + epss-score: 0.00269 + epss-percentile: 0.64358 cpe: cpe:2.3:a:prometheus:prometheus:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-29625.yaml b/http/cves/2021/CVE-2021-29625.yaml index 7106894ed0..8d1ab155a5 100644 --- a/http/cves/2021/CVE-2021-29625.yaml +++ b/http/cves/2021/CVE-2021-29625.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-29625 cwe-id: CWE-79 - epss-score: 0.00236 - epss-percentile: 0.61146 + epss-score: 0.00222 + epss-percentile: 0.60557 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30134.yaml b/http/cves/2021/CVE-2021-30134.yaml index a80c2ab9a3..73e42c7040 100644 --- a/http/cves/2021/CVE-2021-30134.yaml +++ b/http/cves/2021/CVE-2021-30134.yaml @@ -13,14 +13,13 @@ info: reference: - https://wpscan.com/vulnerability/0b547728-27d2-402e-ae17-90d539344ec7 - https://nvd.nist.gov/vuln/detail/CVE-2021-30134 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-30134 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40109 + epss-score: 0.00097 + epss-percentile: 0.40139 cpe: cpe:2.3:a:php_curl_class_project:php_curl_class:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-3017.yaml b/http/cves/2021/CVE-2021-3017.yaml index a2b69fcc04..ec903a4255 100644 --- a/http/cves/2021/CVE-2021-3017.yaml +++ b/http/cves/2021/CVE-2021-3017.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-3017 epss-score: 0.01527 - epss-percentile: 0.86787 + epss-percentile: 0.86768 cpe: cpe:2.3:o:intelbras:win_300_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3019.yaml b/http/cves/2021/CVE-2021-3019.yaml index c87404413a..81cd4fd3aa 100644 --- a/http/cves/2021/CVE-2021-3019.yaml +++ b/http/cves/2021/CVE-2021-3019.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3019 cwe-id: CWE-22 epss-score: 0.00832 - epss-percentile: 0.81706 + epss-percentile: 0.81646 cpe: cpe:2.3:a:lanproxy_project:lanproxy:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30213.yaml b/http/cves/2021/CVE-2021-30213.yaml index 4ea283e05b..c7db2df945 100644 --- a/http/cves/2021/CVE-2021-30213.yaml +++ b/http/cves/2021/CVE-2021-30213.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-30213 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42403 + epss-percentile: 0.42145 cpe: cpe:2.3:a:eng:knowage:7.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3110.yaml b/http/cves/2021/CVE-2021-3110.yaml index 70af7f987c..ca1e66df46 100644 --- a/http/cves/2021/CVE-2021-3110.yaml +++ b/http/cves/2021/CVE-2021-3110.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-3110 cwe-id: CWE-89 epss-score: 0.83896 - epss-percentile: 0.98405 + epss-percentile: 0.98387 cpe: cpe:2.3:a:prestashop:prestashop:1.7.7.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-31195.yaml b/http/cves/2021/CVE-2021-31195.yaml index 7a18f2f3d6..6c895b086f 100644 --- a/http/cves/2021/CVE-2021-31195.yaml +++ b/http/cves/2021/CVE-2021-31195.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-31195 cwe-id: CWE-79 - epss-score: 0.93247 - epss-percentile: 0.99028 + epss-score: 0.92095 + epss-percentile: 0.98883 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31249.yaml b/http/cves/2021/CVE-2021-31249.yaml index ce9b99e1a9..a57cd84820 100644 --- a/http/cves/2021/CVE-2021-31249.yaml +++ b/http/cves/2021/CVE-2021-31249.yaml @@ -14,14 +14,13 @@ info: - https://www.chiyu-tech.com/msg/message-Firmware-update-87.html - https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/ - https://nvd.nist.gov/vuln/detail/CVE-2021-31249 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2021-31249 cwe-id: CWE-74 epss-score: 0.00331 - epss-percentile: 0.70642 + epss-percentile: 0.68046 cpe: cpe:2.3:o:chiyu-tech:bf-430_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31250.yaml b/http/cves/2021/CVE-2021-31250.yaml index 6350fb588b..d41300c112 100644 --- a/http/cves/2021/CVE-2021-31250.yaml +++ b/http/cves/2021/CVE-2021-31250.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-31250 cwe-id: CWE-79 epss-score: 0.97079 - epss-percentile: 0.99756 + epss-percentile: 0.99728 cpe: cpe:2.3:o:chiyu-tech:bf-430_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3129.yaml b/http/cves/2021/CVE-2021-3129.yaml index 92b880699b..1cf253f02b 100644 --- a/http/cves/2021/CVE-2021-3129.yaml +++ b/http/cves/2021/CVE-2021-3129.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2021-3129 epss-score: 0.97468 - epss-percentile: 0.99957 + epss-percentile: 0.99958 cpe: cpe:2.3:a:facade:ignition:*:*:*:*:*:laravel:*:* metadata: max-request: 6 diff --git a/http/cves/2021/CVE-2021-31581.yaml b/http/cves/2021/CVE-2021-31581.yaml index 9933b769b1..8deb6bf7e7 100644 --- a/http/cves/2021/CVE-2021-31581.yaml +++ b/http/cves/2021/CVE-2021-31581.yaml @@ -12,15 +12,13 @@ info: - https://threatpost.com/unpatched-bugs-provisioning-cisco-uc/166882/ - https://www.rapid7.com/blog/post/2021/06/08/akkadian-provisioning-manager-multiple-vulnerabilities-disclosure/ - https://nvd.nist.gov/vuln/detail/CVE-2021-31581 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.4 cve-id: CVE-2021-31581 cwe-id: CWE-312,CWE-269 - epss-score: 0.00213 - epss-percentile: 0.58705 + epss-score: 0.00285 + epss-percentile: 0.65373 cpe: cpe:2.3:a:akkadianlabs:ova_appliance:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31589.yaml b/http/cves/2021/CVE-2021-31589.yaml index bfeee2fe67..1e4a75e5bd 100644 --- a/http/cves/2021/CVE-2021-31589.yaml +++ b/http/cves/2021/CVE-2021-31589.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-31589 cwe-id: CWE-79 epss-score: 0.00286 - epss-percentile: 0.68306 + epss-percentile: 0.65537 cpe: cpe:2.3:o:beyondtrust:appliance_base_software:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31602.yaml b/http/cves/2021/CVE-2021-31602.yaml index 5bd8d4cfaf..e17f57dc74 100644 --- a/http/cves/2021/CVE-2021-31602.yaml +++ b/http/cves/2021/CVE-2021-31602.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-31602 cwe-id: CWE-287 epss-score: 0.36115 - epss-percentile: 0.97064 + epss-percentile: 0.97042 cpe: cpe:2.3:a:hitachi:vantara_pentaho:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-32030.yaml b/http/cves/2021/CVE-2021-32030.yaml index 6b8d23a390..25b19de27b 100644 --- a/http/cves/2021/CVE-2021-32030.yaml +++ b/http/cves/2021/CVE-2021-32030.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-32030 cwe-id: CWE-287 epss-score: 0.48092 - epss-percentile: 0.97412 + epss-percentile: 0.9739 cpe: cpe:2.3:o:asus:gt-ac2900_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32618.yaml b/http/cves/2021/CVE-2021-32618.yaml index 807a51b36d..aad17cfa4e 100644 --- a/http/cves/2021/CVE-2021-32618.yaml +++ b/http/cves/2021/CVE-2021-32618.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-32618 cwe-id: CWE-601 epss-score: 0.00113 - epss-percentile: 0.44006 + epss-percentile: 0.43765 cpe: cpe:2.3:a:flask-security_project:flask-security:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32789.yaml b/http/cves/2021/CVE-2021-32789.yaml index fcb686039c..c81574a4a4 100644 --- a/http/cves/2021/CVE-2021-32789.yaml +++ b/http/cves/2021/CVE-2021-32789.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-32789 cwe-id: CWE-89 - epss-score: 0.11906 - epss-percentile: 0.9522 + epss-score: 0.09336 + epss-percentile: 0.94559 cpe: cpe:2.3:a:automattic:woocommerce_blocks:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32820.yaml b/http/cves/2021/CVE-2021-32820.yaml index 9b6484e30c..14579e4856 100644 --- a/http/cves/2021/CVE-2021-32820.yaml +++ b/http/cves/2021/CVE-2021-32820.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-32820 cwe-id: CWE-94,CWE-200 epss-score: 0.01304 - epss-percentile: 0.85621 + epss-percentile: 0.85598 cpe: cpe:2.3:a:express_handlebars_project:express_handlebars:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32853.yaml b/http/cves/2021/CVE-2021-32853.yaml index 2b6842cdae..5c5fd48f84 100644 --- a/http/cves/2021/CVE-2021-32853.yaml +++ b/http/cves/2021/CVE-2021-32853.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-3285 - https://github.com/erxes/erxes/blob/f131b49add72032650d483f044d00658908aaf4a/widgets/server/views/widget.ejs#L14 - https://github.com/erxes/erxes/blob/f131b49add72032650d483f044d00658908aaf4a/widgets/server/index.ts#L54 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H cvss-score: 9.6 cve-id: CVE-2021-32853 cwe-id: CWE-79 - epss-score: 0.01809 - epss-percentile: 0.87919 + epss-score: 0.01224 + epss-percentile: 0.83856 cpe: cpe:2.3:a:erxes:erxes:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3293.yaml b/http/cves/2021/CVE-2021-3293.yaml index d23f35b8c7..30cb8939c1 100644 --- a/http/cves/2021/CVE-2021-3293.yaml +++ b/http/cves/2021/CVE-2021-3293.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3293 cwe-id: CWE-22 epss-score: 0.003 - epss-percentile: 0.69051 + epss-percentile: 0.68887 cpe: cpe:2.3:a:emlog:emlog:5.3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33044.yaml b/http/cves/2021/CVE-2021-33044.yaml index d3aa02b681..169ea1437a 100644 --- a/http/cves/2021/CVE-2021-33044.yaml +++ b/http/cves/2021/CVE-2021-33044.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-33044 - https://seclists.org/fulldisclosure/2021/Oct/13 - https://www.dahuasecurity.com/support/cybersecurity/details/957 - - https://github.com/Z0fhack/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-33044 cwe-id: CWE-287 epss-score: 0.29051 - epss-percentile: 0.96789 + epss-percentile: 0.96446 cpe: cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3374.yaml b/http/cves/2021/CVE-2021-3374.yaml index 884f69f63b..0aac62c649 100644 --- a/http/cves/2021/CVE-2021-3374.yaml +++ b/http/cves/2021/CVE-2021-3374.yaml @@ -13,15 +13,13 @@ info: - https://github.com/colemanjp/shinyserver-directory-traversal-source-code-leak - https://blog.rstudio.com/2021/01/13/shiny-server-1-5-16-update/ - https://nvd.nist.gov/vuln/detail/CVE-2021-3374 - - https://github.com/Elsfa7-110/kenzer-templates - - https://github.com/colemanjp/rstudio-shiny-server-directory-traversal-source-code-leak classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-3374 cwe-id: CWE-22 epss-score: 0.00235 - epss-percentile: 0.60998 + epss-percentile: 0.61534 cpe: cpe:2.3:a:rstudio:shiny_server:*:*:*:*:pro:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-3377.yaml b/http/cves/2021/CVE-2021-3377.yaml index 0be92ce0eb..e4d7af1171 100644 --- a/http/cves/2021/CVE-2021-3377.yaml +++ b/http/cves/2021/CVE-2021-3377.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-3377 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.46988 + epss-percentile: 0.46774 cpe: cpe:2.3:a:ansi_up_project:ansi_up:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-34429.yaml b/http/cves/2021/CVE-2021-34429.yaml index b959b1294c..549950afe5 100644 --- a/http/cves/2021/CVE-2021-34429.yaml +++ b/http/cves/2021/CVE-2021-34429.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-34429 cwe-id: CWE-200,NVD-CWE-Other - epss-score: 0.47555 - epss-percentile: 0.97399 + epss-score: 0.45704 + epss-percentile: 0.97324 cpe: cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34640.yaml b/http/cves/2021/CVE-2021-34640.yaml index 6c9b79a8ff..7dd6ecef37 100644 --- a/http/cves/2021/CVE-2021-34640.yaml +++ b/http/cves/2021/CVE-2021-34640.yaml @@ -14,14 +14,13 @@ info: - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34640 - https://plugins.trac.wordpress.org/browser/securimage-wp-fixed/trunk/securimage-wp.php#L628 - https://nvd.nist.gov/vuln/detail/CVE-2021-34640 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-34640 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.44635 + epss-percentile: 0.45185 cpe: cpe:2.3:a:securimage-wp-fixed_project:securimage-wp-fixed:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-35336.yaml b/http/cves/2021/CVE-2021-35336.yaml index fbce0c0220..3ee693b34b 100644 --- a/http/cves/2021/CVE-2021-35336.yaml +++ b/http/cves/2021/CVE-2021-35336.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-35336 cwe-id: CWE-1188 - epss-score: 0.06037 - epss-percentile: 0.93358 + epss-score: 0.0793 + epss-percentile: 0.94105 cpe: cpe:2.3:o:tieline:ip_audtio_gateway_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35380.yaml b/http/cves/2021/CVE-2021-35380.yaml index a40ae8b6a2..b596169069 100644 --- a/http/cves/2021/CVE-2021-35380.yaml +++ b/http/cves/2021/CVE-2021-35380.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-35380 cwe-id: CWE-22 - epss-score: 0.40357 - epss-percentile: 0.97194 + epss-score: 0.23467 + epss-percentile: 0.96147 cpe: cpe:2.3:a:solari:termtalk_server:3.24.0.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35395.yaml b/http/cves/2021/CVE-2021-35395.yaml index 7c0fa46f44..b585dcd25f 100644 --- a/http/cves/2021/CVE-2021-35395.yaml +++ b/http/cves/2021/CVE-2021-35395.yaml @@ -12,13 +12,12 @@ info: - https://blogs.juniper.net/en-us/threat-research/attacks-continue-against-realtek-vulnerabilities - https://www.realtek.com/en/cu-1-en/cu-1-taiwan-en - https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdf - - https://github.com/Knighthana/YABWF classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-35395 - epss-score: 0.96915 - epss-percentile: 0.99699 + epss-score: 0.97119 + epss-percentile: 0.99744 cpe: cpe:2.3:a:realtek:realtek_jungle_sdk:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-36356.yaml b/http/cves/2021/CVE-2021-36356.yaml index 719656b0b6..8dbb5f01fd 100644 --- a/http/cves/2021/CVE-2021-36356.yaml +++ b/http/cves/2021/CVE-2021-36356.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-36356 cwe-id: CWE-434 - epss-score: 0.8918 - epss-percentile: 0.98686 + epss-score: 0.90558 + epss-percentile: 0.98752 cpe: cpe:2.3:a:kramerav:viaware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-36450.yaml b/http/cves/2021/CVE-2021-36450.yaml index 7644f789c0..9b1384b83b 100644 --- a/http/cves/2021/CVE-2021-36450.yaml +++ b/http/cves/2021/CVE-2021-36450.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-36450 cwe-id: CWE-79 epss-score: 0.00229 - epss-percentile: 0.60556 + epss-percentile: 0.61111 cpe: cpe:2.3:a:verint:workforce_optimization:15.2.8.10048:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-3654.yaml b/http/cves/2021/CVE-2021-3654.yaml index 7b6d77e5be..8aa4290aa7 100644 --- a/http/cves/2021/CVE-2021-3654.yaml +++ b/http/cves/2021/CVE-2021-3654.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3654 cwe-id: CWE-601 epss-score: 0.92596 - epss-percentile: 0.98956 + epss-percentile: 0.98944 cpe: cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-36748.yaml b/http/cves/2021/CVE-2021-36748.yaml index 3a88cefeda..b0fbfc8323 100644 --- a/http/cves/2021/CVE-2021-36748.yaml +++ b/http/cves/2021/CVE-2021-36748.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-36748 cwe-id: CWE-89 - epss-score: 0.00641 - epss-percentile: 0.78856 + epss-score: 0.0061 + epss-percentile: 0.78175 cpe: cpe:2.3:a:prestahome:blog:*:*:*:*:*:prestashop:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-37304.yaml b/http/cves/2021/CVE-2021-37304.yaml index e512d5144d..b104b46306 100644 --- a/http/cves/2021/CVE-2021-37304.yaml +++ b/http/cves/2021/CVE-2021-37304.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-37304 cwe-id: CWE-732 epss-score: 0.00703 - epss-percentile: 0.7997 + epss-percentile: 0.79899 cpe: cpe:2.3:a:jeecg:jeecg:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37305.yaml b/http/cves/2021/CVE-2021-37305.yaml index e9f0cf587f..cedd33c523 100644 --- a/http/cves/2021/CVE-2021-37305.yaml +++ b/http/cves/2021/CVE-2021-37305.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-37305 cwe-id: CWE-732 epss-score: 0.00416 - epss-percentile: 0.73681 + epss-percentile: 0.73616 cpe: cpe:2.3:a:jeecg:jeecg:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37416.yaml b/http/cves/2021/CVE-2021-37416.yaml index 79e2170f94..7f39e871e9 100644 --- a/http/cves/2021/CVE-2021-37416.yaml +++ b/http/cves/2021/CVE-2021-37416.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-37416 cwe-id: CWE-79 - epss-score: 0.0014 - epss-percentile: 0.49028 + epss-score: 0.00118 + epss-percentile: 0.44933 cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37573.yaml b/http/cves/2021/CVE-2021-37573.yaml index 086e32617d..6719103fb9 100644 --- a/http/cves/2021/CVE-2021-37573.yaml +++ b/http/cves/2021/CVE-2021-37573.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-37573 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.692 + epss-percentile: 0.69043 cpe: cpe:2.3:a:tiny_java_web_server_project:tiny_java_web_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37704.yaml b/http/cves/2021/CVE-2021-37704.yaml index ab27c14680..424a0a1b8c 100644 --- a/http/cves/2021/CVE-2021-37704.yaml +++ b/http/cves/2021/CVE-2021-37704.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2021-37704 cwe-id: CWE-668,CWE-200 - epss-score: 0.0062 - epss-percentile: 0.78464 + epss-score: 0.00547 + epss-percentile: 0.76969 cpe: cpe:2.3:a:phpfastcache:phpfastcache:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-38540.yaml b/http/cves/2021/CVE-2021-38540.yaml index 3ea28ccc5e..4b7c585909 100644 --- a/http/cves/2021/CVE-2021-38540.yaml +++ b/http/cves/2021/CVE-2021-38540.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-38540 cwe-id: CWE-306,CWE-269 - epss-score: 0.01647 - epss-percentile: 0.87328 + epss-score: 0.01445 + epss-percentile: 0.8529 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-38704.yaml b/http/cves/2021/CVE-2021-38704.yaml index cdfbac1569..4973f46fed 100644 --- a/http/cves/2021/CVE-2021-38704.yaml +++ b/http/cves/2021/CVE-2021-38704.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-38704 cwe-id: CWE-79 epss-score: 0.00141 - epss-percentile: 0.4913 + epss-percentile: 0.48901 cpe: cpe:2.3:a:cliniccases:cliniccases:7.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-38751.yaml b/http/cves/2021/CVE-2021-38751.yaml index 32a15f789a..5bacfe740c 100644 --- a/http/cves/2021/CVE-2021-38751.yaml +++ b/http/cves/2021/CVE-2021-38751.yaml @@ -13,15 +13,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-38751 - https://github.com/exponentcms/exponent-cms/issues/1544 - https://github.com/exponentcms/exponent-cms/blob/a9fa9358c5e8dc2ce7ad61d7d5bea38505b8515c/exponent_constants.php#L56-L64 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N cvss-score: 4.3 cve-id: CVE-2021-38751 cwe-id: CWE-116 - epss-score: 0.00128 - epss-percentile: 0.46855 + epss-score: 0.00242 + epss-percentile: 0.62095 cpe: cpe:2.3:a:exponentcms:exponentcms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39141.yaml b/http/cves/2021/CVE-2021-39141.yaml index 6a0601f52a..d42bbcd990 100644 --- a/http/cves/2021/CVE-2021-39141.yaml +++ b/http/cves/2021/CVE-2021-39141.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-39141 cwe-id: CWE-434 epss-score: 0.25418 - epss-percentile: 0.96597 + epss-percentile: 0.96584 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39316.yaml b/http/cves/2021/CVE-2021-39316.yaml index e42c51a3e0..b761114089 100644 --- a/http/cves/2021/CVE-2021-39316.yaml +++ b/http/cves/2021/CVE-2021-39316.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-39316 cwe-id: CWE-22 - epss-score: 0.36054 - epss-percentile: 0.97062 + epss-score: 0.38985 + epss-percentile: 0.96896 cpe: cpe:2.3:a:digitalzoomstudio:zoomsounds:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39320.yaml b/http/cves/2021/CVE-2021-39320.yaml index 856863cc85..77710a19be 100644 --- a/http/cves/2021/CVE-2021-39320.yaml +++ b/http/cves/2021/CVE-2021-39320.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-39320 cwe-id: CWE-79 - epss-score: 0.00214 - epss-percentile: 0.5887 + epss-score: 0.0021 + epss-percentile: 0.58322 cpe: cpe:2.3:a:underconstruction_project:underconstruction:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-39350.yaml b/http/cves/2021/CVE-2021-39350.yaml index 0492934e2f..351539e0d1 100644 --- a/http/cves/2021/CVE-2021-39350.yaml +++ b/http/cves/2021/CVE-2021-39350.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-39350 - https://plugins.trac.wordpress.org/changeset/2580834/fv-wordpress-flowplayer/trunk/view/stats.php - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39350 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-39350 cwe-id: CWE-79 epss-score: 0.00104 - epss-percentile: 0.41738 + epss-percentile: 0.42206 cpe: cpe:2.3:a:foliovision:fv_flowplayer_video_player:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39433.yaml b/http/cves/2021/CVE-2021-39433.yaml index 20e022166f..dad8ac22ba 100644 --- a/http/cves/2021/CVE-2021-39433.yaml +++ b/http/cves/2021/CVE-2021-39433.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-39433 epss-score: 0.00637 - epss-percentile: 0.78773 + epss-percentile: 0.78687 cpe: cpe:2.3:a:biqs:biqsdrive:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39501.yaml b/http/cves/2021/CVE-2021-39501.yaml index 73a49acc39..82b8c6507e 100644 --- a/http/cves/2021/CVE-2021-39501.yaml +++ b/http/cves/2021/CVE-2021-39501.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-39501 cwe-id: CWE-601 epss-score: 0.00093 - epss-percentile: 0.38735 + epss-percentile: 0.38461 cpe: cpe:2.3:a:eyoucms:eyoucms:1.5.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40150.yaml b/http/cves/2021/CVE-2021-40150.yaml index 6886129d52..2cbbd16b00 100644 --- a/http/cves/2021/CVE-2021-40150.yaml +++ b/http/cves/2021/CVE-2021-40150.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-40150 cwe-id: CWE-552 - epss-score: 0.01059 - epss-percentile: 0.83815 + epss-score: 0.01099 + epss-percentile: 0.82891 cpe: cpe:2.3:o:reolink:e1_zoom_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40438.yaml b/http/cves/2021/CVE-2021-40438.yaml index 18c7adcb7c..e2fb207a28 100644 --- a/http/cves/2021/CVE-2021-40438.yaml +++ b/http/cves/2021/CVE-2021-40438.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9 cve-id: CVE-2021-40438 cwe-id: CWE-918 - epss-score: 0.97406 - epss-percentile: 0.99923 + epss-score: 0.97372 + epss-percentile: 0.99897 cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40651.yaml b/http/cves/2021/CVE-2021-40651.yaml index c7ffe2ffd1..0cb298f8fb 100644 --- a/http/cves/2021/CVE-2021-40651.yaml +++ b/http/cves/2021/CVE-2021-40651.yaml @@ -19,8 +19,8 @@ info: cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:* metadata: max-request: 2 - vendor: os4ed product: opensis + vendor: os4ed shodan-query: "title:\"openSIS\"" tags: cve,cve2021,lfi,os4ed,opensis,authenticated diff --git a/http/cves/2021/CVE-2021-40661.yaml b/http/cves/2021/CVE-2021-40661.yaml index 7afba0553d..c1fffcff14 100644 --- a/http/cves/2021/CVE-2021-40661.yaml +++ b/http/cves/2021/CVE-2021-40661.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-40661 cwe-id: CWE-22 epss-score: 0.01137 - epss-percentile: 0.84453 + epss-percentile: 0.84411 cpe: cpe:2.3:o:mt:ind780_firmware:7.2.10:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40856.yaml b/http/cves/2021/CVE-2021-40856.yaml index 3cb600ee4a..37a9e66718 100644 --- a/http/cves/2021/CVE-2021-40856.yaml +++ b/http/cves/2021/CVE-2021-40856.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40856 cwe-id: CWE-706 epss-score: 0.19673 - epss-percentile: 0.96212 + epss-percentile: 0.96195 cpe: cpe:2.3:o:auerswald:comfortel_3600_ip_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40870.yaml b/http/cves/2021/CVE-2021-40870.yaml index 1624870581..3ee7ed2562 100644 --- a/http/cves/2021/CVE-2021-40870.yaml +++ b/http/cves/2021/CVE-2021-40870.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-40870 cwe-id: CWE-23 - epss-score: 0.92199 - epss-percentile: 0.98902 + epss-score: 0.85536 + epss-percentile: 0.98294 cpe: cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-40875.yaml b/http/cves/2021/CVE-2021-40875.yaml index cf6c886e06..7eefb59c54 100644 --- a/http/cves/2021/CVE-2021-40875.yaml +++ b/http/cves/2021/CVE-2021-40875.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40875 cwe-id: CWE-425 epss-score: 0.25891 - epss-percentile: 0.96622 + epss-percentile: 0.96608 cpe: cpe:2.3:a:gurock:testrail:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-40968.yaml b/http/cves/2021/CVE-2021-40968.yaml index 0319c9e0dd..6e545de39b 100644 --- a/http/cves/2021/CVE-2021-40968.yaml +++ b/http/cves/2021/CVE-2021-40968.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40968 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.5069 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40969.yaml b/http/cves/2021/CVE-2021-40969.yaml index aed21ebbc6..3c7e768608 100644 --- a/http/cves/2021/CVE-2021-40969.yaml +++ b/http/cves/2021/CVE-2021-40969.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40969 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.5069 + epss-percentile: 0.51305 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-41192.yaml b/http/cves/2021/CVE-2021-41192.yaml index 3c9de58db6..6de3ff1b9c 100644 --- a/http/cves/2021/CVE-2021-41192.yaml +++ b/http/cves/2021/CVE-2021-41192.yaml @@ -14,14 +14,13 @@ info: - https://github.com/getredash/redash/security/advisories/GHSA-g8xr-f424-h2rv - https://nvd.nist.gov/vuln/detail/CVE-2021-41192 - https://github.com/getredash/redash/commit/ce60d20c4e3d1537581f2f70f1308fe77ab6a214 - - https://github.com/fardeen-ahmed/Bug-bounty-Writeups classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N cvss-score: 6.5 cve-id: CVE-2021-41192 cwe-id: CWE-1188 - epss-score: 0.00807 - epss-percentile: 0.81401 + epss-score: 0.00805 + epss-percentile: 0.79795 cpe: cpe:2.3:a:redash:redash:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-41266.yaml b/http/cves/2021/CVE-2021-41266.yaml index 51a8767faf..4f568f7cd0 100644 --- a/http/cves/2021/CVE-2021-41266.yaml +++ b/http/cves/2021/CVE-2021-41266.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41266 cwe-id: CWE-306 epss-score: 0.05383 - epss-percentile: 0.92971 + epss-percentile: 0.92945 cpe: cpe:2.3:a:min:minio_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41277.yaml b/http/cves/2021/CVE-2021-41277.yaml index 3f514d17cd..7729cab239 100644 --- a/http/cves/2021/CVE-2021-41277.yaml +++ b/http/cves/2021/CVE-2021-41277.yaml @@ -25,11 +25,11 @@ info: epss-percentile: 0.99363 cpe: cpe:2.3:a:metabase:metabase:0.40.0:-:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: metabase product: metabase - shodan-query: "http.title:\"Metabase\"" - fofa-query: "app=\"Metabase\"" + shodan-query: http.title:"Metabase" + fofa-query: app="Metabase" tags: cve2021,cve,metabase,lfi http: diff --git a/http/cves/2021/CVE-2021-41282.yaml b/http/cves/2021/CVE-2021-41282.yaml index 08ef2f0799..54567b4bd3 100644 --- a/http/cves/2021/CVE-2021-41282.yaml +++ b/http/cves/2021/CVE-2021-41282.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-41282 cwe-id: CWE-74 - epss-score: 0.97251 - epss-percentile: 0.99833 + epss-score: 0.97305 + epss-percentile: 0.9986 cpe: cpe:2.3:a:pfsense:pfsense:2.5.2:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-41293.yaml b/http/cves/2021/CVE-2021-41293.yaml index 67531a42b2..9b96cd6fbc 100644 --- a/http/cves/2021/CVE-2021-41293.yaml +++ b/http/cves/2021/CVE-2021-41293.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-41293 cwe-id: CWE-22 - epss-score: 0.05275 - epss-percentile: 0.92896 + epss-score: 0.05376 + epss-percentile: 0.92942 cpe: cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41381.yaml b/http/cves/2021/CVE-2021-41381.yaml index c0ae395b82..afb1ce8685 100644 --- a/http/cves/2021/CVE-2021-41381.yaml +++ b/http/cves/2021/CVE-2021-41381.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41381 - https://www.payara.fish - http://packetstormsecurity.com/files/164365/Payara-Micro-Community-5.2021.6-Directory-Traversal.html - - https://github.com/Net-hunter121/CVE-2021-41381 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41381 cwe-id: CWE-22 - epss-score: 0.10583 - epss-percentile: 0.94925 + epss-score: 0.10127 + epss-percentile: 0.94375 cpe: cpe:2.3:a:payara:micro_community:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41569.yaml b/http/cves/2021/CVE-2021-41569.yaml index 16b5cbe297..8368ef8fa0 100644 --- a/http/cves/2021/CVE-2021-41569.yaml +++ b/http/cves/2021/CVE-2021-41569.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-41569 cwe-id: CWE-829 epss-score: 0.0083 - epss-percentile: 0.81669 + epss-percentile: 0.81604 cpe: cpe:2.3:a:sas:sas\/intrnet:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41648.yaml b/http/cves/2021/CVE-2021-41648.yaml index ff5d763035..ee2b469f76 100644 --- a/http/cves/2021/CVE-2021-41648.yaml +++ b/http/cves/2021/CVE-2021-41648.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41648 cwe-id: CWE-89 epss-score: 0.06237 - epss-percentile: 0.93456 + epss-percentile: 0.93438 cpe: cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41649.yaml b/http/cves/2021/CVE-2021-41649.yaml index 78cf660216..27865f7693 100644 --- a/http/cves/2021/CVE-2021-41649.yaml +++ b/http/cves/2021/CVE-2021-41649.yaml @@ -13,15 +13,13 @@ info: - https://github.com/MobiusBinary/CVE-2021-41649 - https://awesomeopensource.com/project/PuneethReddyHC/online-shopping-system - https://nvd.nist.gov/vuln/detail/CVE-2021-41649 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-41649 cwe-id: CWE-89 - epss-score: 0.07782 - epss-percentile: 0.94088 + epss-score: 0.03607 + epss-percentile: 0.90729 cpe: cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-4191.yaml b/http/cves/2021/CVE-2021-4191.yaml index 2800e881f5..599a58daa6 100644 --- a/http/cves/2021/CVE-2021-4191.yaml +++ b/http/cves/2021/CVE-2021-4191.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-4191 cwe-id: CWE-287 - epss-score: 0.78609 - epss-percentile: 0.98194 + epss-score: 0.24657 + epss-percentile: 0.96207 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41951.yaml b/http/cves/2021/CVE-2021-41951.yaml index dbe6e879f9..50fc4f78a2 100644 --- a/http/cves/2021/CVE-2021-41951.yaml +++ b/http/cves/2021/CVE-2021-41951.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41951 cwe-id: CWE-79 epss-score: 0.74322 - epss-percentile: 0.98071 + epss-percentile: 0.9805 cpe: cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42063.yaml b/http/cves/2021/CVE-2021-42063.yaml index ae261e1d82..8a99b75474 100644 --- a/http/cves/2021/CVE-2021-42063.yaml +++ b/http/cves/2021/CVE-2021-42063.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-42063 cwe-id: CWE-79 epss-score: 0.00418 - epss-percentile: 0.73734 + epss-percentile: 0.73669 cpe: cpe:2.3:a:sap:knowledge_warehouse:7.30:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42192.yaml b/http/cves/2021/CVE-2021-42192.yaml index 95cde85119..a4cd97729f 100644 --- a/http/cves/2021/CVE-2021-42192.yaml +++ b/http/cves/2021/CVE-2021-42192.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-42192 cwe-id: CWE-863 epss-score: 0.04146 - epss-percentile: 0.92017 + epss-percentile: 0.91987 cpe: cpe:2.3:a:konga_project:konga:0.14.9:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-42237.yaml b/http/cves/2021/CVE-2021-42237.yaml index a0ab307228..b153f30f63 100644 --- a/http/cves/2021/CVE-2021-42237.yaml +++ b/http/cves/2021/CVE-2021-42237.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-42237 cwe-id: CWE-502 - epss-score: 0.97545 - epss-percentile: 0.99995 + epss-score: 0.97503 + epss-percentile: 0.99978 cpe: cpe:2.3:a:sitecore:experience_platform:7.5:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42565.yaml b/http/cves/2021/CVE-2021-42565.yaml index 5f1d5e2947..8857080df8 100644 --- a/http/cves/2021/CVE-2021-42565.yaml +++ b/http/cves/2021/CVE-2021-42565.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-42565 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.40778 + epss-percentile: 0.40517 cpe: cpe:2.3:a:myfactory:fms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42667.yaml b/http/cves/2021/CVE-2021-42667.yaml index 3343ddd3f9..d45b646220 100644 --- a/http/cves/2021/CVE-2021-42667.yaml +++ b/http/cves/2021/CVE-2021-42667.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-42667 cwe-id: CWE-89 - epss-score: 0.07393 - epss-percentile: 0.93969 + epss-score: 0.04318 + epss-percentile: 0.91499 cpe: cpe:2.3:a:online_event_booking_and_reservation_system_project:online_event_booking_and_reservation_system:2.3.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43495.yaml b/http/cves/2021/CVE-2021-43495.yaml index e3585ae95d..a93dedb3b8 100644 --- a/http/cves/2021/CVE-2021-43495.yaml +++ b/http/cves/2021/CVE-2021-43495.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-43495 cwe-id: CWE-22 epss-score: 0.03503 - epss-percentile: 0.91371 + epss-percentile: 0.9064 cpe: cpe:2.3:a:alquistai:alquist:2017-06-13:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-43798.yaml b/http/cves/2021/CVE-2021-43798.yaml index 6dd3c06bb6..7e0ba71aa8 100644 --- a/http/cves/2021/CVE-2021-43798.yaml +++ b/http/cves/2021/CVE-2021-43798.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-43798 cwe-id: CWE-22 epss-score: 0.97474 - epss-percentile: 0.99962 + epss-percentile: 0.99963 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-44139.yaml b/http/cves/2021/CVE-2021-44139.yaml index ce1306eba8..99c8f046f5 100644 --- a/http/cves/2021/CVE-2021-44139.yaml +++ b/http/cves/2021/CVE-2021-44139.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-44139 cwe-id: CWE-918 - epss-score: 0.01303 - epss-percentile: 0.85618 + epss-score: 0.01355 + epss-percentile: 0.84732 cpe: cpe:2.3:a:hashicorp:sentinel:1.8.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44152.yaml b/http/cves/2021/CVE-2021-44152.yaml index 6fd815987f..bb870b65a1 100644 --- a/http/cves/2021/CVE-2021-44152.yaml +++ b/http/cves/2021/CVE-2021-44152.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-44152 cwe-id: CWE-306 epss-score: 0.86031 - epss-percentile: 0.98508 + epss-percentile: 0.98489 cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-44228.yaml b/http/cves/2021/CVE-2021-44228.yaml index f2f238afff..781410683c 100644 --- a/http/cves/2021/CVE-2021-44228.yaml +++ b/http/cves/2021/CVE-2021-44228.yaml @@ -19,8 +19,8 @@ info: cvss-score: 10 cve-id: CVE-2021-44228 cwe-id: CWE-20,CWE-917 - epss-score: 0.97562 - epss-percentile: 0.99998 + epss-score: 0.97453 + epss-percentile: 0.99942 cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-44451.yaml b/http/cves/2021/CVE-2021-44451.yaml index e30e4555b0..2ef89c22a9 100644 --- a/http/cves/2021/CVE-2021-44451.yaml +++ b/http/cves/2021/CVE-2021-44451.yaml @@ -13,15 +13,13 @@ info: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/apache-superset-default-credentials.json - https://lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb - https://nvd.nist.gov/vuln/detail/CVE-2021-44451 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2021-44451 cwe-id: CWE-522 - epss-score: 0.00382 - epss-percentile: 0.72622 + epss-score: 0.00518 + epss-percentile: 0.74232 cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-44515.yaml b/http/cves/2021/CVE-2021-44515.yaml index 67d086d747..ee675dcc14 100644 --- a/http/cves/2021/CVE-2021-44515.yaml +++ b/http/cves/2021/CVE-2021-44515.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-44515 cwe-id: CWE-287 - epss-score: 0.97426 - epss-percentile: 0.99935 + epss-score: 0.97233 + epss-percentile: 0.99811 cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:enterprise:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44848.yaml b/http/cves/2021/CVE-2021-44848.yaml index 2c3851a6d9..ce50ce6618 100644 --- a/http/cves/2021/CVE-2021-44848.yaml +++ b/http/cves/2021/CVE-2021-44848.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-44848 cwe-id: CWE-203 epss-score: 0.02038 - epss-percentile: 0.8875 + epss-percentile: 0.8871 cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45046.yaml b/http/cves/2021/CVE-2021-45046.yaml index ac7863a42b..8e19ad446d 100644 --- a/http/cves/2021/CVE-2021-45046.yaml +++ b/http/cves/2021/CVE-2021-45046.yaml @@ -19,15 +19,14 @@ info: cvss-score: 9 cve-id: CVE-2021-45046 cwe-id: CWE-917 - epss-score: 0.97363 - epss-percentile: 0.99893 + epss-score: 0.9741 + epss-percentile: 0.99904 cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: log4j tags: cve2021,cve,rce,oast,log4j,injection,kev,apache - http: - raw: - | diff --git a/http/cves/2021/CVE-2021-45380.yaml b/http/cves/2021/CVE-2021-45380.yaml index 7e7e1c3325..a0fe57ff5f 100644 --- a/http/cves/2021/CVE-2021-45380.yaml +++ b/http/cves/2021/CVE-2021-45380.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-45380 cwe-id: CWE-79 epss-score: 0.00314 - epss-percentile: 0.69772 + epss-percentile: 0.69628 cpe: cpe:2.3:a:appcms:appcms:2.0.101:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45428.yaml b/http/cves/2021/CVE-2021-45428.yaml index c96e4ad1ed..8b2a48eadd 100644 --- a/http/cves/2021/CVE-2021-45428.yaml +++ b/http/cves/2021/CVE-2021-45428.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-45428 cwe-id: CWE-639 - epss-score: 0.07905 - epss-percentile: 0.94136 + epss-score: 0.08441 + epss-percentile: 0.94265 cpe: cpe:2.3:o:telesquare:tlr-2005ksh_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46005.yaml b/http/cves/2021/CVE-2021-46005.yaml index e146994d4d..a3b0e982d7 100644 --- a/http/cves/2021/CVE-2021-46005.yaml +++ b/http/cves/2021/CVE-2021-46005.yaml @@ -13,15 +13,13 @@ info: - https://www.exploit-db.com/exploits/49546 - https://nvd.nist.gov/vuln/detail/CVE-2021-46005 - https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html - - https://github.com/SYRTI/POC_to_review - - https://github.com/WhooAmii/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2021-46005 cwe-id: CWE-79 epss-score: 0.00143 - epss-percentile: 0.49464 + epss-percentile: 0.50055 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-46387.yaml b/http/cves/2021/CVE-2021-46387.yaml index 350fd5ad4c..482e8a17b5 100644 --- a/http/cves/2021/CVE-2021-46387.yaml +++ b/http/cves/2021/CVE-2021-46387.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-46387 cwe-id: CWE-79 - epss-score: 0.01764 - epss-percentile: 0.87755 + epss-score: 0.00628 + epss-percentile: 0.76726 cpe: cpe:2.3:o:zyxel:zywall_2_plus_internet_security_appliance_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-46417.yaml b/http/cves/2021/CVE-2021-46417.yaml index 1e4f37dcb2..2751a88c00 100644 --- a/http/cves/2021/CVE-2021-46417.yaml +++ b/http/cves/2021/CVE-2021-46417.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-46417 cwe-id: CWE-22 - epss-score: 0.71332 - epss-percentile: 0.97998 + epss-score: 0.70988 + epss-percentile: 0.97776 cpe: cpe:2.3:o:franklinfueling:colibri_firmware:1.8.19.8580:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46418.yaml b/http/cves/2021/CVE-2021-46418.yaml index 0e914b1f1e..5d23fb79d8 100644 --- a/http/cves/2021/CVE-2021-46418.yaml +++ b/http/cves/2021/CVE-2021-46418.yaml @@ -19,11 +19,12 @@ info: cpe: cpe:2.3:o:telesquare:tlr-2855ks6_firmware:-:*:*:*:*:*:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: telesquare - product: "tlr-2855ks6_firmware" - fofa-query: "product==\"TELESQUARE-TLR-2855KS6\"" + product: tlr-2855ks6_firmware + fofa-query: product=="TELESQUARE-TLR-2855KS6" tags: packetstorm,cve,cve2021,telesquare,intrusive + variables: filename: "{{rand_base(6)}}" diff --git a/http/cves/2021/CVE-2021-46419.yaml b/http/cves/2021/CVE-2021-46419.yaml index 8c694c3710..e8bcf54405 100644 --- a/http/cves/2021/CVE-2021-46419.yaml +++ b/http/cves/2021/CVE-2021-46419.yaml @@ -14,17 +14,18 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-score: 9.1 cve-id: CVE-2021-46419 - epss-score: 0.36968 - epss-percentile: 0.97097 + epss-score: 0.31802 + epss-percentile: 0.96898 cpe: cpe:2.3:o:telesquare:tlr-2855ks6_firmware:-:*:*:*:*:*:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: telesquare - product: "tlr-2855ks6_firmware" - shodan-query: "title:\"Login to TLR-2855KS6\"" - fofa-query: "product==\"TELESQUARE-TLR-2855KS6\"" + product: tlr-2855ks6_firmware + shodan-query: title:"Login to TLR-2855KS6" + fofa-query: product=="TELESQUARE-TLR-2855KS6" tags: packetstorm,cve,cve2021,telesquare,intrusive + variables: filename: "{{rand_base(6)}}" diff --git a/http/cves/2022/CVE-2022-0140.yaml b/http/cves/2022/CVE-2022-0140.yaml index b90ac81572..5c5b1d5e09 100644 --- a/http/cves/2022/CVE-2022-0140.yaml +++ b/http/cves/2022/CVE-2022-0140.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0140 cwe-id: CWE-306 epss-score: 0.00966 - epss-percentile: 0.83025 + epss-percentile: 0.8297 cpe: cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0150.yaml b/http/cves/2022/CVE-2022-0150.yaml index d5375aebad..a257a7ebed 100644 --- a/http/cves/2022/CVE-2022-0150.yaml +++ b/http/cves/2022/CVE-2022-0150.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0150 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40882 cpe: cpe:2.3:a:wp_accessibility_helper_project:wp_accessibility_helper:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0189.yaml b/http/cves/2022/CVE-2022-0189.yaml index 6d09e1ffbb..e19759eb49 100644 --- a/http/cves/2022/CVE-2022-0189.yaml +++ b/http/cves/2022/CVE-2022-0189.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0189 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40139 cpe: cpe:2.3:a:wprssaggregator:wp_rss_aggregator:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0220.yaml b/http/cves/2022/CVE-2022-0220.yaml index e87948f72a..03c5cbb12f 100644 --- a/http/cves/2022/CVE-2022-0220.yaml +++ b/http/cves/2022/CVE-2022-0220.yaml @@ -12,15 +12,13 @@ info: reference: - https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059 - https://nvd.nist.gov/vuln/detail/CVE-2022-0220 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0220 cwe-id: CWE-116 epss-score: 0.00124 - epss-percentile: 0.46113 + epss-percentile: 0.46641 cpe: cpe:2.3:a:welaunch:wordpress_gdpr\&ccpa:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0228.yaml b/http/cves/2022/CVE-2022-0228.yaml index b3bc8da724..4c16cd61d4 100644 --- a/http/cves/2022/CVE-2022-0228.yaml +++ b/http/cves/2022/CVE-2022-0228.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0228 cwe-id: CWE-89 epss-score: 0.03069 - epss-percentile: 0.90827 + epss-percentile: 0.90788 cpe: cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0234.yaml b/http/cves/2022/CVE-2022-0234.yaml index 39aec80de4..21c12d3822 100644 --- a/http/cves/2022/CVE-2022-0234.yaml +++ b/http/cves/2022/CVE-2022-0234.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0234 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40139 cpe: cpe:2.3:a:pluginus:woocs:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0288.yaml b/http/cves/2022/CVE-2022-0288.yaml index 9b3293e296..6fe7c560eb 100644 --- a/http/cves/2022/CVE-2022-0288.yaml +++ b/http/cves/2022/CVE-2022-0288.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-0288 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:ad_inserter_pro_project:ad_inserter_pro:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0342.yaml b/http/cves/2022/CVE-2022-0342.yaml index 722dfffdef..88cfcbcf2a 100644 --- a/http/cves/2022/CVE-2022-0342.yaml +++ b/http/cves/2022/CVE-2022-0342.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0342 cwe-id: CWE-287 epss-score: 0.08015 - epss-percentile: 0.9418 + epss-percentile: 0.94132 cpe: cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0349.yaml b/http/cves/2022/CVE-2022-0349.yaml index 88bbbb6053..4073e55fe7 100644 --- a/http/cves/2022/CVE-2022-0349.yaml +++ b/http/cves/2022/CVE-2022-0349.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0349 cwe-id: CWE-89 epss-score: 0.02414 - epss-percentile: 0.89715 + epss-percentile: 0.89687 cpe: cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0378.yaml b/http/cves/2022/CVE-2022-0378.yaml index f139de0494..415dc9f2b2 100644 --- a/http/cves/2022/CVE-2022-0378.yaml +++ b/http/cves/2022/CVE-2022-0378.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0378 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40139 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0381.yaml b/http/cves/2022/CVE-2022-0381.yaml index 9eedff76b0..885fbbe07c 100644 --- a/http/cves/2022/CVE-2022-0381.yaml +++ b/http/cves/2022/CVE-2022-0381.yaml @@ -25,11 +25,12 @@ info: epss-percentile: 0.59134 cpe: cpe:2.3:a:embed_swagger_project:embed_swagger:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 - vendor: "embed_swagger_project" - product: "embed_swagger" + max-request: 1 + vendor: embed_swagger_project + product: embed_swagger framework: wordpress tags: cve,cve2022,swagger,xss,wordpress,embed_swagger_project + flow: http(1) && http(2) http: diff --git a/http/cves/2022/CVE-2022-0432.yaml b/http/cves/2022/CVE-2022-0432.yaml index b351b42bc8..3d5c34a880 100644 --- a/http/cves/2022/CVE-2022-0432.yaml +++ b/http/cves/2022/CVE-2022-0432.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0432 cwe-id: CWE-1321 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40139 cpe: cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0437.yaml b/http/cves/2022/CVE-2022-0437.yaml index 90d2f02ff0..377800bce4 100644 --- a/http/cves/2022/CVE-2022-0437.yaml +++ b/http/cves/2022/CVE-2022-0437.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0437 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40882 cpe: cpe:2.3:a:karma_project:karma:*:*:*:*:*:node.js:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0482.yaml b/http/cves/2022/CVE-2022-0482.yaml index 5c743642eb..1ea0cef27f 100644 --- a/http/cves/2022/CVE-2022-0482.yaml +++ b/http/cves/2022/CVE-2022-0482.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.1 cve-id: CVE-2022-0482 cwe-id: CWE-359,CWE-863 - epss-score: 0.16183 - epss-percentile: 0.95863 + epss-score: 0.04316 + epss-percentile: 0.91494 cpe: cpe:2.3:a:easyappointments:easyappointments:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0535.yaml b/http/cves/2022/CVE-2022-0535.yaml index 2a44c27c23..fb04004b06 100644 --- a/http/cves/2022/CVE-2022-0535.yaml +++ b/http/cves/2022/CVE-2022-0535.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0535 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34648 + epss-percentile: 0.34344 cpe: cpe:2.3:a:e2pdf:e2pdf:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0540.yaml b/http/cves/2022/CVE-2022-0540.yaml index f5f497b1cc..477db3d259 100644 --- a/http/cves/2022/CVE-2022-0540.yaml +++ b/http/cves/2022/CVE-2022-0540.yaml @@ -21,13 +21,13 @@ info: cve-id: CVE-2022-0540 cwe-id: CWE-287 epss-score: 0.2507 - epss-percentile: 0.96581 + epss-percentile: 0.96565 cpe: cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: atlassian - product: "jira_data_center" - shodan-query: "http.component:\"Atlassian Jira\"" + product: jira_data_center + shodan-query: http.component:"Atlassian Jira" tags: cve,cve2022,atlassian,jira,exposure,auth-bypass http: diff --git a/http/cves/2022/CVE-2022-0591.yaml b/http/cves/2022/CVE-2022-0591.yaml index 7e63b1c738..fbc9d485a3 100644 --- a/http/cves/2022/CVE-2022-0591.yaml +++ b/http/cves/2022/CVE-2022-0591.yaml @@ -13,25 +13,23 @@ info: reference: - https://wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47 - https://nvd.nist.gov/vuln/detail/CVE-2022-0591 - - https://github.com/nomi-sec/PoC-in-GitHub - - https://github.com/20142995/sectool - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2022-0591 cwe-id: CWE-918 - epss-score: 0.03494 - epss-percentile: 0.91359 + epss-score: 0.03628 + epss-percentile: 0.90752 cpe: cpe:2.3:a:subtlewebinc:formcraft3:*:*:*:*:*:wordpress:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: subtlewebinc product: formcraft3 framework: wordpress - fofa-query: "body=\"formcraft3\" && body=\"wp-\"" + fofa-query: body="formcraft3" && body="wp-" tags: cve,cve2022,wp,wp-plugin,wordpress,formcraft3,wpscan,ssrf,unauth,subtlewebinc + flow: http(1) && http(2) http: diff --git a/http/cves/2022/CVE-2022-0594.yaml b/http/cves/2022/CVE-2022-0594.yaml index 044856b689..a23d3ef545 100644 --- a/http/cves/2022/CVE-2022-0594.yaml +++ b/http/cves/2022/CVE-2022-0594.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0594 cwe-id: CWE-863 epss-score: 0.00188 - epss-percentile: 0.55479 + epss-percentile: 0.55305 cpe: cpe:2.3:a:shareaholic:shareaholic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0597.yaml b/http/cves/2022/CVE-2022-0597.yaml index 494e6e5e3a..43550a1baa 100644 --- a/http/cves/2022/CVE-2022-0597.yaml +++ b/http/cves/2022/CVE-2022-0597.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2022-0597 cwe-id: CWE-601 epss-score: 0.00115 - epss-percentile: 0.44402 + epss-percentile: 0.45025 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0599.yaml b/http/cves/2022/CVE-2022-0599.yaml index 93e6359d26..52049ee911 100644 --- a/http/cves/2022/CVE-2022-0599.yaml +++ b/http/cves/2022/CVE-2022-0599.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0599 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:mapping_multiple_urls_redirect_same_page_project:mapping_multiple_urls_redirect_same_page:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0658.yaml b/http/cves/2022/CVE-2022-0658.yaml index 84e016b291..49fdf094e6 100644 --- a/http/cves/2022/CVE-2022-0658.yaml +++ b/http/cves/2022/CVE-2022-0658.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0658 cwe-id: CWE-89 epss-score: 0.04032 - epss-percentile: 0.91908 + epss-percentile: 0.91879 cpe: cpe:2.3:a:wielebenwir:commonsbooking:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0660.yaml b/http/cves/2022/CVE-2022-0660.yaml index e5ed7dadcc..03acf180ab 100644 --- a/http/cves/2022/CVE-2022-0660.yaml +++ b/http/cves/2022/CVE-2022-0660.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-0660 cwe-id: CWE-209 - epss-score: 0.00691 - epss-percentile: 0.79797 + epss-score: 0.00719 + epss-percentile: 0.78502 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0760.yaml b/http/cves/2022/CVE-2022-0760.yaml index 013abb2205..1d9a8d2123 100644 --- a/http/cves/2022/CVE-2022-0760.yaml +++ b/http/cves/2022/CVE-2022-0760.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0760 cwe-id: CWE-89 - epss-score: 0.02705 - epss-percentile: 0.90292 + epss-score: 0.02788 + epss-percentile: 0.89602 cpe: cpe:2.3:a:quantumcloud:simple_link_directory:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0773.yaml b/http/cves/2022/CVE-2022-0773.yaml index 35f59442fe..466a26aa73 100644 --- a/http/cves/2022/CVE-2022-0773.yaml +++ b/http/cves/2022/CVE-2022-0773.yaml @@ -14,15 +14,13 @@ info: - https://wpscan.com/vulnerability/55b89de0-30ed-4f98-935e-51f069faf6fc - https://wordpress.org/plugins/documentor-lite/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0773 - - https://github.com/20142995/sectool - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0773 cwe-id: CWE-89 - epss-score: 0.04043 - epss-percentile: 0.91924 + epss-score: 0.05057 + epss-percentile: 0.92125 cpe: cpe:2.3:a:documentor_project:documentor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0817.yaml b/http/cves/2022/CVE-2022-0817.yaml index 9dc488eb9a..e75bdc7c5f 100644 --- a/http/cves/2022/CVE-2022-0817.yaml +++ b/http/cves/2022/CVE-2022-0817.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0817 cwe-id: CWE-89 - epss-score: 0.04043 - epss-percentile: 0.91924 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:badgeos:badgeos:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0870.yaml b/http/cves/2022/CVE-2022-0870.yaml index 09d82fc50d..c7fb438fed 100644 --- a/http/cves/2022/CVE-2022-0870.yaml +++ b/http/cves/2022/CVE-2022-0870.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-0870 cwe-id: CWE-918 - epss-score: 0.00173 - epss-percentile: 0.53651 + epss-score: 0.00179 + epss-percentile: 0.54242 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0885.yaml b/http/cves/2022/CVE-2022-0885.yaml index 120f734b5f..0629f52cff 100644 --- a/http/cves/2022/CVE-2022-0885.yaml +++ b/http/cves/2022/CVE-2022-0885.yaml @@ -14,14 +14,13 @@ info: - https://wpscan.com/vulnerability/8b08b72e-5584-4f25-ab73-5ab0f47412df - https://wordpress.org/plugins/member-hero/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0885 - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0885 cwe-id: CWE-862 - epss-score: 0.28394 - epss-percentile: 0.96757 + epss-score: 0.31455 + epss-percentile: 0.96571 cpe: cpe:2.3:a:memberhero:member_hero:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0899.yaml b/http/cves/2022/CVE-2022-0899.yaml index a0222884a8..4a3c0ebcce 100644 --- a/http/cves/2022/CVE-2022-0899.yaml +++ b/http/cves/2022/CVE-2022-0899.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2022-0899 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42379 + epss-percentile: 0.42122 cpe: cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0952.yaml b/http/cves/2022/CVE-2022-0952.yaml index b803c4bf4a..50fbad080b 100644 --- a/http/cves/2022/CVE-2022-0952.yaml +++ b/http/cves/2022/CVE-2022-0952.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0952 cwe-id: CWE-352 epss-score: 0.33816 - epss-percentile: 0.96986 + epss-percentile: 0.96965 cpe: cpe:2.3:a:sitemap_project:sitemap:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1020.yaml b/http/cves/2022/CVE-2022-1020.yaml index 2fc1465a91..df20e1924a 100644 --- a/http/cves/2022/CVE-2022-1020.yaml +++ b/http/cves/2022/CVE-2022-1020.yaml @@ -12,16 +12,13 @@ info: reference: - https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5 - https://nvd.nist.gov/vuln/detail/CVE-2022-1020 - - https://github.com/20142995/sectool - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1020 cwe-id: CWE-352 - epss-score: 0.02673 - epss-percentile: 0.90223 + epss-score: 0.01578 + epss-percentile: 0.8591 cpe: cpe:2.3:a:codeastrology:woo_product_table:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1040.yaml b/http/cves/2022/CVE-2022-1040.yaml index 0b365e94b5..e304c7bb7c 100644 --- a/http/cves/2022/CVE-2022-1040.yaml +++ b/http/cves/2022/CVE-2022-1040.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1040 cwe-id: CWE-287 epss-score: 0.97434 - epss-percentile: 0.9994 + epss-percentile: 0.99939 cpe: cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1162.yaml b/http/cves/2022/CVE-2022-1162.yaml index 636007ecca..6ad9ef2ab1 100644 --- a/http/cves/2022/CVE-2022-1162.yaml +++ b/http/cves/2022/CVE-2022-1162.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-1162 cwe-id: CWE-798 epss-score: 0.24455 - epss-percentile: 0.96526 + epss-percentile: 0.96514 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1170.yaml b/http/cves/2022/CVE-2022-1170.yaml index b989794ef5..70083869b4 100644 --- a/http/cves/2022/CVE-2022-1170.yaml +++ b/http/cves/2022/CVE-2022-1170.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-1170 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40139 cpe: cpe:2.3:a:nootheme:jobmonster:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1386.yaml b/http/cves/2022/CVE-2022-1386.yaml index 4473cf8ec7..e4dc9c8029 100644 --- a/http/cves/2022/CVE-2022-1386.yaml +++ b/http/cves/2022/CVE-2022-1386.yaml @@ -29,7 +29,7 @@ info: vendor: fusion_builder_project product: fusion_builder framework: wordpress - tags: cve,cve2022,wpscan,wordpress,ssrf,themefusion,wp,fusion,avada,intrusive,theme-fusion,fusion_builder_project + tags: cve,cve2022,wpscan,wordpress,ssrf,themefusion,wp,fusion,avada,intrusive,theme-fusion http: - raw: diff --git a/http/cves/2022/CVE-2022-1609.yaml b/http/cves/2022/CVE-2022-1609.yaml index dea30ad832..4e6b12b21f 100644 --- a/http/cves/2022/CVE-2022-1609.yaml +++ b/http/cves/2022/CVE-2022-1609.yaml @@ -29,7 +29,7 @@ info: vendor: weblizar product: school_management framework: wordpress - tags: cve,cve2022,rce,wp,backdoor,wpscan,wordpress,weblizar + tags: cve,cve2022,rce,wp,backdoor,wpscan,wordpress variables: cmd: "echo CVE-2022-1609 | rev" diff --git a/http/cves/2022/CVE-2022-1713.yaml b/http/cves/2022/CVE-2022-1713.yaml index 6e9d4a1420..047d066d04 100644 --- a/http/cves/2022/CVE-2022-1713.yaml +++ b/http/cves/2022/CVE-2022-1713.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-1713 cwe-id: CWE-918 epss-score: 0.0258 - epss-percentile: 0.90041 + epss-percentile: 0.90003 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1724.yaml b/http/cves/2022/CVE-2022-1724.yaml index ef72c6a6d1..f0d37f6ab5 100644 --- a/http/cves/2022/CVE-2022-1724.yaml +++ b/http/cves/2022/CVE-2022-1724.yaml @@ -25,11 +25,12 @@ info: cpe: cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:* metadata: verified: true - max-request: 2 - vendor: "simple-membership-plugin" - product: "simple_membership" + max-request: 1 + vendor: simple-membership-plugin + product: simple_membership framework: wordpress tags: cve,cve2022,xss,wp,wordpress,wpscan,wp-plugin,simple-membership-plugin + flow: http(1) && http(2) http: diff --git a/http/cves/2022/CVE-2022-1756.yaml b/http/cves/2022/CVE-2022-1756.yaml index 1599153a26..ef39f7d039 100644 --- a/http/cves/2022/CVE-2022-1756.yaml +++ b/http/cves/2022/CVE-2022-1756.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-1756 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36646 + epss-percentile: 0.36967 cpe: cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1815.yaml b/http/cves/2022/CVE-2022-1815.yaml index 555af22aa0..4a3bd44221 100644 --- a/http/cves/2022/CVE-2022-1815.yaml +++ b/http/cves/2022/CVE-2022-1815.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1815 cwe-id: CWE-918,CWE-200 epss-score: 0.02327 - epss-percentile: 0.89524 + epss-percentile: 0.89496 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1883.yaml b/http/cves/2022/CVE-2022-1883.yaml index 06669c0467..f8efe05078 100644 --- a/http/cves/2022/CVE-2022-1883.yaml +++ b/http/cves/2022/CVE-2022-1883.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-1883 cwe-id: CWE-89 - epss-score: 0.09458 - epss-percentile: 0.94627 + epss-score: 0.1005 + epss-percentile: 0.94774 cpe: cpe:2.3:a:camptocamp:terraboard:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1904.yaml b/http/cves/2022/CVE-2022-1904.yaml index 3baa68965d..3820f0dda5 100644 --- a/http/cves/2022/CVE-2022-1904.yaml +++ b/http/cves/2022/CVE-2022-1904.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1904 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35592 + epss-percentile: 0.35299 cpe: cpe:2.3:a:fatcatapps:easy_pricing_tables:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1906.yaml b/http/cves/2022/CVE-2022-1906.yaml index 484583c6fc..c7f69c82e4 100644 --- a/http/cves/2022/CVE-2022-1906.yaml +++ b/http/cves/2022/CVE-2022-1906.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-1906 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35592 + epss-percentile: 0.35299 cpe: cpe:2.3:a:digiprove:copyright_proof:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1916.yaml b/http/cves/2022/CVE-2022-1916.yaml index c096ec78ab..2b4afa9ad8 100644 --- a/http/cves/2022/CVE-2022-1916.yaml +++ b/http/cves/2022/CVE-2022-1916.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-1916 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35592 + epss-percentile: 0.35299 cpe: cpe:2.3:a:pluginus:woot:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1937.yaml b/http/cves/2022/CVE-2022-1937.yaml index 7bc3248791..d258094795 100644 --- a/http/cves/2022/CVE-2022-1937.yaml +++ b/http/cves/2022/CVE-2022-1937.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-1937 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35592 + epss-percentile: 0.35299 cpe: cpe:2.3:a:awin:awin_data_feed:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1952.yaml b/http/cves/2022/CVE-2022-1952.yaml index f32f7e7141..f42d8daa3a 100644 --- a/http/cves/2022/CVE-2022-1952.yaml +++ b/http/cves/2022/CVE-2022-1952.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1952 cwe-id: CWE-434 - epss-score: 0.83488 - epss-percentile: 0.98384 + epss-score: 0.93584 + epss-percentile: 0.99051 cpe: cpe:2.3:a:syntactics:free_booking_plugin_for_hotels\,_restaurant_and_car_rental:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2034.yaml b/http/cves/2022/CVE-2022-2034.yaml index 8044825ab6..923972b6fa 100644 --- a/http/cves/2022/CVE-2022-2034.yaml +++ b/http/cves/2022/CVE-2022-2034.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-2034 cwe-id: CWE-639 epss-score: 0.00506 - epss-percentile: 0.76117 + epss-percentile: 0.76026 cpe: cpe:2.3:a:automattic:sensei_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21500.yaml b/http/cves/2022/CVE-2022-21500.yaml index 0ea4ac76ab..578dc0e7cb 100644 --- a/http/cves/2022/CVE-2022-21500.yaml +++ b/http/cves/2022/CVE-2022-21500.yaml @@ -21,7 +21,7 @@ info: cvss-score: 7.5 cve-id: CVE-2022-21500 epss-score: 0.92631 - epss-percentile: 0.98959 + epss-percentile: 0.98947 cpe: cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21661.yaml b/http/cves/2022/CVE-2022-21661.yaml index f40c7161a3..12a501de58 100644 --- a/http/cves/2022/CVE-2022-21661.yaml +++ b/http/cves/2022/CVE-2022-21661.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-21661 cwe-id: CWE-89 epss-score: 0.93536 - epss-percentile: 0.99055 + epss-percentile: 0.99044 cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21705.yaml b/http/cves/2022/CVE-2022-21705.yaml index f93ce813d6..b697414512 100644 --- a/http/cves/2022/CVE-2022-21705.yaml +++ b/http/cves/2022/CVE-2022-21705.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-21705 cwe-id: CWE-74,NVD-CWE-Other epss-score: 0.00522 - epss-percentile: 0.76501 + epss-percentile: 0.76405 cpe: cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2022/CVE-2022-2187.yaml b/http/cves/2022/CVE-2022-2187.yaml index d00d7f8feb..d09c6195c5 100644 --- a/http/cves/2022/CVE-2022-2187.yaml +++ b/http/cves/2022/CVE-2022-2187.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-2187 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42379 + epss-score: 0.00122 + epss-percentile: 0.46372 cpe: cpe:2.3:a:contact_form_7_captcha_project:contact_form_7_captcha:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-22242.yaml b/http/cves/2022/CVE-2022-22242.yaml index 7f23aea426..0cf4e3db0a 100644 --- a/http/cves/2022/CVE-2022-22242.yaml +++ b/http/cves/2022/CVE-2022-22242.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-22242 cwe-id: CWE-79 - epss-score: 0.46771 - epss-percentile: 0.97377 + epss-score: 0.41023 + epss-percentile: 0.972 cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22733.yaml b/http/cves/2022/CVE-2022-22733.yaml index a408ff703a..f1619bc1af 100644 --- a/http/cves/2022/CVE-2022-22733.yaml +++ b/http/cves/2022/CVE-2022-22733.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-22733 cwe-id: CWE-200 epss-score: 0.12656 - epss-percentile: 0.95351 + epss-percentile: 0.95328 cpe: cpe:2.3:a:apache:shardingsphere_elasticjob-ui:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2290.yaml b/http/cves/2022/CVE-2022-2290.yaml index 732702469b..dff0f8b418 100644 --- a/http/cves/2022/CVE-2022-2290.yaml +++ b/http/cves/2022/CVE-2022-2290.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-2290 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40385 + epss-percentile: 0.40139 cpe: cpe:2.3:a:trilium_project:trilium:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22963.yaml b/http/cves/2022/CVE-2022-22963.yaml index 40b0e81707..39a36176e1 100644 --- a/http/cves/2022/CVE-2022-22963.yaml +++ b/http/cves/2022/CVE-2022-22963.yaml @@ -21,9 +21,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-22963 - cwe-id: CWE-917,CWE-94 + cwe-id: CWE-94,CWE-917 epss-score: 0.97537 - epss-percentile: 0.99994 + epss-percentile: 0.99993 cpe: cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-22965.yaml b/http/cves/2022/CVE-2022-22965.yaml index 7e29e87f2d..1aa4ae577d 100644 --- a/http/cves/2022/CVE-2022-22965.yaml +++ b/http/cves/2022/CVE-2022-22965.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-22965 cwe-id: CWE-94 epss-score: 0.97493 - epss-percentile: 0.99974 + epss-percentile: 0.99972 cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-23348.yaml b/http/cves/2022/CVE-2022-23348.yaml index 6efc5cf404..9e7bd3de0f 100644 --- a/http/cves/2022/CVE-2022-23348.yaml +++ b/http/cves/2022/CVE-2022-23348.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-23348 cwe-id: CWE-916 epss-score: 0.00425 - epss-percentile: 0.73927 + epss-percentile: 0.71717 cpe: cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2373.yaml b/http/cves/2022/CVE-2022-2373.yaml index 44d300071a..1da0b22d07 100644 --- a/http/cves/2022/CVE-2022-2373.yaml +++ b/http/cves/2022/CVE-2022-2373.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-2373 cwe-id: CWE-862 epss-score: 0.00292 - epss-percentile: 0.68694 + epss-percentile: 0.68538 cpe: cpe:2.3:a:nsqua:simply_schedule_appointments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-23808.yaml b/http/cves/2022/CVE-2022-23808.yaml index b5f016b2c1..4d9d63a2b9 100644 --- a/http/cves/2022/CVE-2022-23808.yaml +++ b/http/cves/2022/CVE-2022-23808.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-23808 cwe-id: CWE-79 - epss-score: 0.01039 - epss-percentile: 0.83654 + epss-score: 0.00743 + epss-percentile: 0.78912 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2383.yaml b/http/cves/2022/CVE-2022-2383.yaml index c2096c6de7..57f57cb54d 100644 --- a/http/cves/2022/CVE-2022-2383.yaml +++ b/http/cves/2022/CVE-2022-2383.yaml @@ -14,23 +14,22 @@ info: - https://wpscan.com/vulnerability/4a3b3023-e740-411c-a77c-6477b80d7531 - https://wordpress.org/plugins/feed-them-social/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2383 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-2383 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42379 + epss-score: 0.00119 + epss-percentile: 0.45893 cpe: cpe:2.3:a:slickremix:feed_them_social:*:*:*:*:*:wordpress:*:* metadata: verified: true - max-request: 2 + max-request: 1 vendor: slickremix - product: "feed_them_social" + product: feed_them_social framework: wordpress tags: cve,cve2022,wp,wordpress,wp-plugin,wpscan,xss,slickremix + flow: http(1) && http(2) http: diff --git a/http/cves/2022/CVE-2022-23854.yaml b/http/cves/2022/CVE-2022-23854.yaml index 12ba5874bd..f85f68fd1d 100644 --- a/http/cves/2022/CVE-2022-23854.yaml +++ b/http/cves/2022/CVE-2022-23854.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-23854 cwe-id: CWE-22,CWE-23 epss-score: 0.66314 - epss-percentile: 0.9786 + epss-percentile: 0.97841 cpe: cpe:2.3:a:aveva:intouch_access_anywhere:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24124.yaml b/http/cves/2022/CVE-2022-24124.yaml index 328e2bcaa3..dfd0bce904 100644 --- a/http/cves/2022/CVE-2022-24124.yaml +++ b/http/cves/2022/CVE-2022-24124.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24124 cwe-id: CWE-89 - epss-score: 0.08991 - epss-percentile: 0.94484 + epss-score: 0.07543 + epss-percentile: 0.93981 cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24129.yaml b/http/cves/2022/CVE-2022-24129.yaml index 02bc48bfb4..ae129fe8d2 100644 --- a/http/cves/2022/CVE-2022-24129.yaml +++ b/http/cves/2022/CVE-2022-24129.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24129 cwe-id: CWE-918 epss-score: 0.00647 - epss-percentile: 0.78946 + epss-percentile: 0.77074 cpe: cpe:2.3:a:shibboleth:oidc_op:*:*:*:*:*:identity_provider:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2414.yaml b/http/cves/2022/CVE-2022-2414.yaml index 9e375f426b..0f72b8b9b3 100644 --- a/http/cves/2022/CVE-2022-2414.yaml +++ b/http/cves/2022/CVE-2022-2414.yaml @@ -14,15 +14,13 @@ info: - https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/webapp/Dogtag/Dogtag%20PKI%20XML%E5%AE%9E%E4%BD%93%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%20CVE-2022-2414.md - https://nvd.nist.gov/vuln/detail/CVE-2022-2414 - https://github.com/dogtagpki/pki/pull/4021 - - https://github.com/k0mi-tg/CVE-POC - - https://github.com/satyasai1460/CVE-2022-2414 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-2414 cwe-id: CWE-611 - epss-score: 0.02818 - epss-percentile: 0.90472 + epss-score: 0.01256 + epss-percentile: 0.84092 cpe: cpe:2.3:a:dogtagpki:dogtagpki:10.5.18:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24181.yaml b/http/cves/2022/CVE-2022-24181.yaml index bb1dfbb037..b3b7ce9f12 100644 --- a/http/cves/2022/CVE-2022-24181.yaml +++ b/http/cves/2022/CVE-2022-24181.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-24181 cwe-id: CWE-79 - epss-score: 0.00241 - epss-percentile: 0.63677 + epss-score: 0.0017 + epss-percentile: 0.53018 cpe: cpe:2.3:a:public_knowledge_project:open_journal_systems:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24223.yaml b/http/cves/2022/CVE-2022-24223.yaml index 110a78b954..50d11c14b2 100644 --- a/http/cves/2022/CVE-2022-24223.yaml +++ b/http/cves/2022/CVE-2022-24223.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24223 cwe-id: CWE-89 epss-score: 0.27442 - epss-percentile: 0.96706 + epss-percentile: 0.96689 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24260.yaml b/http/cves/2022/CVE-2022-24260.yaml index 229160c8c0..b23a28e956 100644 --- a/http/cves/2022/CVE-2022-24260.yaml +++ b/http/cves/2022/CVE-2022-24260.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24260 cwe-id: CWE-89 epss-score: 0.28138 - epss-percentile: 0.96744 + epss-percentile: 0.96726 cpe: cpe:2.3:a:voipmonitor:voipmonitor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24264.yaml b/http/cves/2022/CVE-2022-24264.yaml index 975e79ec36..8b01b0a101 100644 --- a/http/cves/2022/CVE-2022-24264.yaml +++ b/http/cves/2022/CVE-2022-24264.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24264 cwe-id: CWE-89 - epss-score: 0.05327 - epss-percentile: 0.92931 + epss-score: 0.04717 + epss-percentile: 0.91844 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24265.yaml b/http/cves/2022/CVE-2022-24265.yaml index c513a11964..9fb0696a2e 100644 --- a/http/cves/2022/CVE-2022-24265.yaml +++ b/http/cves/2022/CVE-2022-24265.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24265 cwe-id: CWE-89 - epss-score: 0.05327 - epss-percentile: 0.92931 + epss-score: 0.05054 + epss-percentile: 0.92726 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24266.yaml b/http/cves/2022/CVE-2022-24266.yaml index 2e486b2f32..c8fabc2f2b 100644 --- a/http/cves/2022/CVE-2022-24266.yaml +++ b/http/cves/2022/CVE-2022-24266.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24266 cwe-id: CWE-89 - epss-score: 0.03601 - epss-percentile: 0.91465 + epss-score: 0.03412 + epss-percentile: 0.91229 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24288.yaml b/http/cves/2022/CVE-2022-24288.yaml index 6fc1010795..8aa55a92ad 100644 --- a/http/cves/2022/CVE-2022-24288.yaml +++ b/http/cves/2022/CVE-2022-24288.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-24288 cwe-id: CWE-78 - epss-score: 0.83848 - epss-percentile: 0.98402 + epss-score: 0.81676 + epss-percentile: 0.98279 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2462.yaml b/http/cves/2022/CVE-2022-2462.yaml index 3a287668a9..fe117426c4 100644 --- a/http/cves/2022/CVE-2022-2462.yaml +++ b/http/cves/2022/CVE-2022-2462.yaml @@ -29,7 +29,7 @@ info: vendor: transposh product: transposh_wordpress_translation framework: wordpress - tags: cve,cve2022,wordpress,disclosure,wp-plugin,packetstorm,transposh,xss + tags: cve,cve2022,wordpress,disclosure,wp-plugin,packetstorm,transposh http: - method: POST diff --git a/http/cves/2022/CVE-2022-2467.yaml b/http/cves/2022/CVE-2022-2467.yaml index 0e3088d821..17675e9e2e 100644 --- a/http/cves/2022/CVE-2022-2467.yaml +++ b/http/cves/2022/CVE-2022-2467.yaml @@ -14,15 +14,13 @@ info: - https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Garage-Management-System.md - https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2022-2467 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-2467 cwe-id: CWE-89 - epss-score: 0.0553 - epss-percentile: 0.93081 + epss-score: 0.01309 + epss-percentile: 0.8445 cpe: cpe:2.3:a:garage_management_system_project:garage_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24856.yaml b/http/cves/2022/CVE-2022-24856.yaml index a583724335..867ca9a9d9 100644 --- a/http/cves/2022/CVE-2022-24856.yaml +++ b/http/cves/2022/CVE-2022-24856.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-24856 cwe-id: CWE-918 epss-score: 0.08397 - epss-percentile: 0.94296 + epss-percentile: 0.94255 cpe: cpe:2.3:a:flyte:flyte_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2486.yaml b/http/cves/2022/CVE-2022-2486.yaml index b05984fa29..3d4861baab 100644 --- a/http/cves/2022/CVE-2022-2486.yaml +++ b/http/cves/2022/CVE-2022-2486.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-2486 cwe-id: CWE-78 epss-score: 0.97331 - epss-percentile: 0.99878 + epss-percentile: 0.99879 cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2487.yaml b/http/cves/2022/CVE-2022-2487.yaml index 2821c87ae6..10b7510a7e 100644 --- a/http/cves/2022/CVE-2022-2487.yaml +++ b/http/cves/2022/CVE-2022-2487.yaml @@ -15,14 +15,13 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2487 - https://vuldb.com/?id.204538 - https://nvd.nist.gov/vuln/detail/CVE-2022-2487 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-2487 cwe-id: CWE-78 - epss-score: 0.97409 - epss-percentile: 0.99925 + epss-score: 0.97404 + epss-percentile: 0.99916 cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2488.yaml b/http/cves/2022/CVE-2022-2488.yaml index c1088a9b6e..3f428bc088 100644 --- a/http/cves/2022/CVE-2022-2488.yaml +++ b/http/cves/2022/CVE-2022-2488.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-2488 cwe-id: CWE-78 - epss-score: 0.97398 - epss-percentile: 0.99914 + epss-score: 0.97392 + epss-percentile: 0.99908 cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24899.yaml b/http/cves/2022/CVE-2022-24899.yaml index 1858d49d25..ec78a7b42d 100644 --- a/http/cves/2022/CVE-2022-24899.yaml +++ b/http/cves/2022/CVE-2022-24899.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24899 cwe-id: CWE-79 epss-score: 0.00342 - epss-percentile: 0.71067 + epss-percentile: 0.70926 cpe: cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-25082.yaml b/http/cves/2022/CVE-2022-25082.yaml index ef5c62ab6c..5c748465de 100644 --- a/http/cves/2022/CVE-2022-25082.yaml +++ b/http/cves/2022/CVE-2022-25082.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-78 epss-score: 0.0417 - epss-percentile: 0.92039 + epss-percentile: 0.92009 cpe: cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5204_b20210112:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-25125.yaml b/http/cves/2022/CVE-2022-25125.yaml index cdc76cd33f..913fdf5257 100644 --- a/http/cves/2022/CVE-2022-25125.yaml +++ b/http/cves/2022/CVE-2022-25125.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25125 cwe-id: CWE-89 - epss-score: 0.0161 - epss-percentile: 0.87179 + epss-score: 0.02031 + epss-percentile: 0.87716 cpe: cpe:2.3:a:mingsoft:mcms:5.2.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25148.yaml b/http/cves/2022/CVE-2022-25148.yaml index a1fb60e72e..c60b1f9c37 100644 --- a/http/cves/2022/CVE-2022-25148.yaml +++ b/http/cves/2022/CVE-2022-25148.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25148 cwe-id: CWE-89 - epss-score: 0.43105 - epss-percentile: 0.97272 + epss-score: 0.10089 + epss-percentile: 0.94364 cpe: cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2546.yaml b/http/cves/2022/CVE-2022-2546.yaml index dcfc191c6f..a8a68d14b5 100644 --- a/http/cves/2022/CVE-2022-2546.yaml +++ b/http/cves/2022/CVE-2022-2546.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-2546 cwe-id: CWE-79 epss-score: 0.00252 - epss-percentile: 0.64586 + epss-percentile: 0.64447 cpe: cpe:2.3:a:servmask:all-in-one_wp_migration:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25486.yaml b/http/cves/2022/CVE-2022-25486.yaml index b335046064..7c0e1a6919 100644 --- a/http/cves/2022/CVE-2022-25486.yaml +++ b/http/cves/2022/CVE-2022-25486.yaml @@ -13,14 +13,13 @@ info: reference: - https://github.com/CuppaCMS/CuppaCMS - https://nvd.nist.gov/vuln/detail/CVE-2022-25486 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-25486 cwe-id: CWE-829 - epss-score: 0.01525 - epss-percentile: 0.86777 + epss-score: 0.01775 + epss-percentile: 0.8667 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25487.yaml b/http/cves/2022/CVE-2022-25487.yaml index 9a6af1bc05..d24b4dd4cb 100644 --- a/http/cves/2022/CVE-2022-25487.yaml +++ b/http/cves/2022/CVE-2022-25487.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25487 cwe-id: CWE-434 - epss-score: 0.83132 - epss-percentile: 0.98364 + epss-score: 0.84615 + epss-percentile: 0.98422 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25568.yaml b/http/cves/2022/CVE-2022-25568.yaml index 482577378a..69e144b774 100644 --- a/http/cves/2022/CVE-2022-25568.yaml +++ b/http/cves/2022/CVE-2022-25568.yaml @@ -10,15 +10,13 @@ info: - https://www.pizzapower.me/2022/02/17/motioneye-config-info-disclosure/ - https://github.com/ccrisan/motioneye/issues/2292 - https://nvd.nist.gov/vuln/detail/cve-2022-25568 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ArrestX/--POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-25568 cwe-id: CWE-1188 - epss-score: 0.01768 - epss-percentile: 0.87769 + epss-score: 0.01838 + epss-percentile: 0.86962 cpe: cpe:2.3:a:motioneye_project:motioneye:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2599.yaml b/http/cves/2022/CVE-2022-2599.yaml index 894e7a8dd7..9c2c7a2a42 100644 --- a/http/cves/2022/CVE-2022-2599.yaml +++ b/http/cves/2022/CVE-2022-2599.yaml @@ -29,7 +29,7 @@ info: vendor: anti-malware_security_and_brute-force_firewall_project product: anti-malware_security_and_brute-force_firewall framework: wordpress - tags: cve,cve2022,wordpress,wp-plugin,xss,gotmls,authenticated,wpscan,anti-malware_security_and_brute-force_firewall_project + tags: cve,cve2022,wordpress,wp-plugin,xss,gotmls,authenticated,wpscan http: - raw: diff --git a/http/cves/2022/CVE-2022-26138.yaml b/http/cves/2022/CVE-2022-26138.yaml index 98b344fb17..10f5282faf 100644 --- a/http/cves/2022/CVE-2022-26138.yaml +++ b/http/cves/2022/CVE-2022-26138.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26138 cwe-id: CWE-798 - epss-score: 0.97269 - epss-percentile: 0.99838 + epss-score: 0.97262 + epss-percentile: 0.99834 cpe: cpe:2.3:a:atlassian:questions_for_confluence:2.7.34:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26263.yaml b/http/cves/2022/CVE-2022-26263.yaml index 7d9ad51393..177bda32c5 100644 --- a/http/cves/2022/CVE-2022-26263.yaml +++ b/http/cves/2022/CVE-2022-26263.yaml @@ -22,14 +22,14 @@ info: cve-id: CVE-2022-26263 cwe-id: CWE-79 epss-score: 0.00147 - epss-percentile: 0.49945 + epss-percentile: 0.49736 cpe: cpe:2.3:a:yonyou:u8\+:13.0:*:*:*:*:*:*:* metadata: verified: true vendor: yonyou product: u8\+ google-query: inurl:/u8sl/WebHelp - tags: cve,cve2022,yonyou,xss,headless + tags: cve,cve2022,yonyou,xss headless: - steps: - args: diff --git a/http/cves/2022/CVE-2022-26564.yaml b/http/cves/2022/CVE-2022-26564.yaml index 114d00539c..0dcca515bd 100644 --- a/http/cves/2022/CVE-2022-26564.yaml +++ b/http/cves/2022/CVE-2022-26564.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26564 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.39652 + epss-percentile: 0.39401 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.3:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-26960.yaml b/http/cves/2022/CVE-2022-26960.yaml index 69a8362374..e231a5d9bb 100644 --- a/http/cves/2022/CVE-2022-26960.yaml +++ b/http/cves/2022/CVE-2022-26960.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26960 cwe-id: CWE-22 epss-score: 0.85922 - epss-percentile: 0.98501 + epss-percentile: 0.98481 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27849.yaml b/http/cves/2022/CVE-2022-27849.yaml index 9d25d17416..8aa1ca42b3 100644 --- a/http/cves/2022/CVE-2022-27849.yaml +++ b/http/cves/2022/CVE-2022-27849.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-27849 cwe-id: CWE-200 - epss-score: 0.00785 - epss-percentile: 0.81091 + epss-score: 0.00713 + epss-percentile: 0.80067 cpe: cpe:2.3:a:plugin-planet:simple_ajax_chat:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-27926.yaml b/http/cves/2022/CVE-2022-27926.yaml index 9a279ad73a..4009339caa 100644 --- a/http/cves/2022/CVE-2022-27926.yaml +++ b/http/cves/2022/CVE-2022-27926.yaml @@ -15,14 +15,13 @@ info: - https://wiki.zimbra.com/wiki/Security_Center - https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24 - https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories - - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-27926 cwe-id: CWE-79 - epss-score: 0.96153 - epss-percentile: 0.99477 + epss-score: 0.91614 + epss-percentile: 0.98683 cpe: cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27984.yaml b/http/cves/2022/CVE-2022-27984.yaml index 1a4b8027c1..5c9b564a9c 100644 --- a/http/cves/2022/CVE-2022-27984.yaml +++ b/http/cves/2022/CVE-2022-27984.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-27984 cwe-id: CWE-89 - epss-score: 0.02918 - epss-percentile: 0.90612 + epss-score: 0.03664 + epss-percentile: 0.90798 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27985.yaml b/http/cves/2022/CVE-2022-27985.yaml index dd5df333e8..ea4907b28b 100644 --- a/http/cves/2022/CVE-2022-27985.yaml +++ b/http/cves/2022/CVE-2022-27985.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-27985 cwe-id: CWE-89 - epss-score: 0.02613 - epss-percentile: 0.90104 + epss-score: 0.02343 + epss-percentile: 0.89527 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-28032.yaml b/http/cves/2022/CVE-2022-28032.yaml index 4a9b01237b..dab4e32a34 100644 --- a/http/cves/2022/CVE-2022-28032.yaml +++ b/http/cves/2022/CVE-2022-28032.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-28032 cwe-id: CWE-89 epss-score: 0.02266 - epss-percentile: 0.89404 + epss-percentile: 0.8936 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29004.yaml b/http/cves/2022/CVE-2022-29004.yaml index 684aacab78..a46c5f606e 100644 --- a/http/cves/2022/CVE-2022-29004.yaml +++ b/http/cves/2022/CVE-2022-29004.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-29004 cwe-id: CWE-79 - epss-score: 0.00254 - epss-percentile: 0.64718 + epss-score: 0.00218 + epss-percentile: 0.59134 cpe: cpe:2.3:a:phpgurukul:e-diary_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29009.yaml b/http/cves/2022/CVE-2022-29009.yaml index 5ce214286b..a752cb053f 100644 --- a/http/cves/2022/CVE-2022-29009.yaml +++ b/http/cves/2022/CVE-2022-29009.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29009 cwe-id: CWE-89 - epss-score: 0.12251 - epss-percentile: 0.95287 + epss-score: 0.21257 + epss-percentile: 0.96305 cpe: cpe:2.3:a:phpgurukul:cyber_cafe_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29014.yaml b/http/cves/2022/CVE-2022-29014.yaml index 26a544ca94..6fd1794a52 100644 --- a/http/cves/2022/CVE-2022-29014.yaml +++ b/http/cves/2022/CVE-2022-29014.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-29014 - epss-score: 0.79802 - epss-percentile: 0.9823 + epss-score: 0.77285 + epss-percentile: 0.98135 cpe: cpe:2.3:o:razer:sila_firmware:2.0.441_api-2.0.418:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-29153.yaml b/http/cves/2022/CVE-2022-29153.yaml index eeb4c5e1fe..cde1288f15 100644 --- a/http/cves/2022/CVE-2022-29153.yaml +++ b/http/cves/2022/CVE-2022-29153.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-29153 cwe-id: CWE-918 epss-score: 0.02376 - epss-percentile: 0.8963 + epss-percentile: 0.89603 cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29298.yaml b/http/cves/2022/CVE-2022-29298.yaml index 676b4648c6..38ffe1f6b1 100644 --- a/http/cves/2022/CVE-2022-29298.yaml +++ b/http/cves/2022/CVE-2022-29298.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-29298 cwe-id: CWE-22 epss-score: 0.1374 - epss-percentile: 0.95514 + epss-percentile: 0.95497 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29303.yaml b/http/cves/2022/CVE-2022-29303.yaml index fa5a5be9cf..3f9b0f07ff 100644 --- a/http/cves/2022/CVE-2022-29303.yaml +++ b/http/cves/2022/CVE-2022-29303.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29303 cwe-id: CWE-78 - epss-score: 0.96638 - epss-percentile: 0.99619 + epss-score: 0.9598 + epss-percentile: 0.99429 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3062.yaml b/http/cves/2022/CVE-2022-3062.yaml index 2af23a12d2..f00e70105b 100644 --- a/http/cves/2022/CVE-2022-3062.yaml +++ b/http/cves/2022/CVE-2022-3062.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-3062 cwe-id: CWE-79 - epss-score: 0.00122 - epss-percentile: 0.45789 + epss-score: 0.0012 + epss-percentile: 0.46075 cpe: cpe:2.3:a:simplefilelist:simple-file-list:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31126.yaml b/http/cves/2022/CVE-2022-31126.yaml index 5abae46d84..b411693f94 100644 --- a/http/cves/2022/CVE-2022-31126.yaml +++ b/http/cves/2022/CVE-2022-31126.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31126 cwe-id: CWE-74 - epss-score: 0.86813 - epss-percentile: 0.98549 + epss-score: 0.84229 + epss-percentile: 0.98401 cpe: cpe:2.3:a:roxy-wi:roxy-wi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31299.yaml b/http/cves/2022/CVE-2022-31299.yaml index 869455e3da..c2e724eac2 100644 --- a/http/cves/2022/CVE-2022-31299.yaml +++ b/http/cves/2022/CVE-2022-31299.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-31299 cwe-id: CWE-79 - epss-score: 0.00243 - epss-percentile: 0.63866 + epss-score: 0.00209 + epss-percentile: 0.58245 cpe: cpe:2.3:a:angtech:haraj:3.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31373.yaml b/http/cves/2022/CVE-2022-31373.yaml index 7240487e46..9cd6fdedb7 100644 --- a/http/cves/2022/CVE-2022-31373.yaml +++ b/http/cves/2022/CVE-2022-31373.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-31373 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36646 + epss-percentile: 0.36353 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3142.yaml b/http/cves/2022/CVE-2022-3142.yaml index b287354c15..32a47a3e0f 100644 --- a/http/cves/2022/CVE-2022-3142.yaml +++ b/http/cves/2022/CVE-2022-3142.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2022-3142 cwe-id: CWE-89 epss-score: 0.00356 - epss-percentile: 0.7166 + epss-percentile: 0.71515 cpe: cpe:2.3:a:basixonline:nex-forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31798.yaml b/http/cves/2022/CVE-2022-31798.yaml index af4aba13c0..63e878830a 100644 --- a/http/cves/2022/CVE-2022-31798.yaml +++ b/http/cves/2022/CVE-2022-31798.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-31798 cwe-id: CWE-384 epss-score: 0.00126 - epss-percentile: 0.46468 + epss-percentile: 0.46259 cpe: cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31846.yaml b/http/cves/2022/CVE-2022-31846.yaml index 8a7ec294b3..fa1dde8f5b 100644 --- a/http/cves/2022/CVE-2022-31846.yaml +++ b/http/cves/2022/CVE-2022-31846.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-31846 cwe-id: CWE-668 epss-score: 0.00874 - epss-percentile: 0.82128 + epss-percentile: 0.80651 cpe: cpe:2.3:o:wavlink:wn535g3_firmware:m35g3r.v5030.180927:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31847.yaml b/http/cves/2022/CVE-2022-31847.yaml index abacb56057..145a1dea6d 100644 --- a/http/cves/2022/CVE-2022-31847.yaml +++ b/http/cves/2022/CVE-2022-31847.yaml @@ -13,15 +13,13 @@ info: reference: - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN579%20X3__Sensitive%20information%20leakage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-31847 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-31847 cwe-id: CWE-425 - epss-score: 0.01311 - epss-percentile: 0.85658 + epss-score: 0.01285 + epss-percentile: 0.84308 cpe: cpe:2.3:o:wavlink:wn579x3_firmware:m79x3.v5030.180719:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31879.yaml b/http/cves/2022/CVE-2022-31879.yaml index 1061593e56..f475a1cadb 100644 --- a/http/cves/2022/CVE-2022-31879.yaml +++ b/http/cves/2022/CVE-2022-31879.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-31879 cwe-id: CWE-89 - epss-score: 0.05382 - epss-percentile: 0.9297 + epss-score: 0.05519 + epss-percentile: 0.9247 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31975.yaml b/http/cves/2022/CVE-2022-31975.yaml index 28e7bac30d..58ef41e98d 100644 --- a/http/cves/2022/CVE-2022-31975.yaml +++ b/http/cves/2022/CVE-2022-31975.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31975 cwe-id: CWE-89 - epss-score: 0.01426 - epss-percentile: 0.86281 + epss-score: 0.00834 + epss-percentile: 0.80157 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-32015.yaml b/http/cves/2022/CVE-2022-32015.yaml index 3ac1b2d1a3..3fff028ab9 100644 --- a/http/cves/2022/CVE-2022-32015.yaml +++ b/http/cves/2022/CVE-2022-32015.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-32015 cwe-id: CWE-89 epss-score: 0.01426 - epss-percentile: 0.86281 + epss-percentile: 0.8625 cpe: cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32094.yaml b/http/cves/2022/CVE-2022-32094.yaml index 08a3e4edaf..43fd7e005e 100644 --- a/http/cves/2022/CVE-2022-32094.yaml +++ b/http/cves/2022/CVE-2022-32094.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-32094 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.88725 + epss-score: 0.01192 + epss-percentile: 0.83651 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32409.yaml b/http/cves/2022/CVE-2022-32409.yaml index 3372777d59..970cc96d0e 100644 --- a/http/cves/2022/CVE-2022-32409.yaml +++ b/http/cves/2022/CVE-2022-32409.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-32409 cwe-id: CWE-22 epss-score: 0.47251 - epss-percentile: 0.9739 + epss-percentile: 0.97372 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3242.yaml b/http/cves/2022/CVE-2022-3242.yaml index 165e33be33..ab1b488535 100644 --- a/http/cves/2022/CVE-2022-3242.yaml +++ b/http/cves/2022/CVE-2022-3242.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-3242 cwe-id: CWE-79,CWE-94 - epss-score: 0.02436 - epss-percentile: 0.89769 + epss-score: 0.024 + epss-percentile: 0.8882 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32429.yaml b/http/cves/2022/CVE-2022-32429.yaml index 4586429538..f946f1268c 100644 --- a/http/cves/2022/CVE-2022-32429.yaml +++ b/http/cves/2022/CVE-2022-32429.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-32429 cwe-id: CWE-287 epss-score: 0.15342 - epss-percentile: 0.95759 + epss-percentile: 0.95742 cpe: cpe:2.3:o:megatech:msnswitch_firmware:mnt.2408:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32430.yaml b/http/cves/2022/CVE-2022-32430.yaml index f35f6ea36c..98550c804a 100644 --- a/http/cves/2022/CVE-2022-32430.yaml +++ b/http/cves/2022/CVE-2022-32430.yaml @@ -14,8 +14,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-32430 - epss-score: 0.01615 - epss-percentile: 0.87198 + epss-score: 0.00227 + epss-percentile: 0.60316 cpe: cpe:2.3:a:talelin:lin-cms-spring-boot:0.2.1:*:*:*:*:*:*:* metadata: verified: true @@ -23,7 +23,7 @@ info: vendor: talelin product: lin-cms-spring-boot fofa-query: body="心上无垢,林间有风" - tags: cve,cve2022,lin-cms,auth-bypass,talelin + tags: cve,cve2022,lin-cms,auth-bypass http: - method: GET diff --git a/http/cves/2022/CVE-2022-32444.yaml b/http/cves/2022/CVE-2022-32444.yaml index 8301191d9a..c253fd2076 100644 --- a/http/cves/2022/CVE-2022-32444.yaml +++ b/http/cves/2022/CVE-2022-32444.yaml @@ -13,15 +13,13 @@ info: reference: - https://github.com/u5cms/u5cms/issues/50 - https://nvd.nist.gov/vuln/detail/CVE-2022-32444 - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/Sharpforce/cybersecurity classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-32444 cwe-id: CWE-601 - epss-score: 0.00148 - epss-percentile: 0.50059 + epss-score: 0.00237 + epss-percentile: 0.61804 cpe: cpe:2.3:a:yuba:u5cms:8.3.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-32771.yaml b/http/cves/2022/CVE-2022-32771.yaml index dcb921cd25..99d9a0c458 100644 --- a/http/cves/2022/CVE-2022-32771.yaml +++ b/http/cves/2022/CVE-2022-32771.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-32771 cwe-id: CWE-79 epss-score: 0.00074 - epss-percentile: 0.30711 + epss-percentile: 0.30395 cpe: cpe:2.3:a:wwbn:avideo:11.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33891.yaml b/http/cves/2022/CVE-2022-33891.yaml index 0c97bd14e8..0e8cd9ebfd 100644 --- a/http/cves/2022/CVE-2022-33891.yaml +++ b/http/cves/2022/CVE-2022-33891.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-33891 cwe-id: CWE-78 - epss-score: 0.97271 - epss-percentile: 0.99839 + epss-score: 0.97289 + epss-percentile: 0.99851 cpe: cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33901.yaml b/http/cves/2022/CVE-2022-33901.yaml index 71fa2615a2..2294352f6f 100644 --- a/http/cves/2022/CVE-2022-33901.yaml +++ b/http/cves/2022/CVE-2022-33901.yaml @@ -21,7 +21,7 @@ info: cvss-score: 7.5 cve-id: CVE-2022-33901 epss-score: 0.00779 - epss-percentile: 0.8103 + epss-percentile: 0.80981 cpe: cpe:2.3:a:multisafepay:multisafepay_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34049.yaml b/http/cves/2022/CVE-2022-34049.yaml index 93cdb24033..c9d91f7d05 100644 --- a/http/cves/2022/CVE-2022-34049.yaml +++ b/http/cves/2022/CVE-2022-34049.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-34049 cwe-id: CWE-552 - epss-score: 0.15551 - epss-percentile: 0.95791 + epss-score: 0.17111 + epss-percentile: 0.95601 cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34093.yaml b/http/cves/2022/CVE-2022-34093.yaml index 9d88595053..d7d192cc8f 100644 --- a/http/cves/2022/CVE-2022-34093.yaml +++ b/http/cves/2022/CVE-2022-34093.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-34093 cwe-id: CWE-79 - epss-score: 0.00295 - epss-percentile: 0.68829 + epss-score: 0.00266 + epss-percentile: 0.65533 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34121.yaml b/http/cves/2022/CVE-2022-34121.yaml index fc5db16421..6c023aa399 100644 --- a/http/cves/2022/CVE-2022-34121.yaml +++ b/http/cves/2022/CVE-2022-34121.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-34121 cwe-id: CWE-829 epss-score: 0.66943 - epss-percentile: 0.97878 + epss-percentile: 0.97855 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34328.yaml b/http/cves/2022/CVE-2022-34328.yaml index 12a0be65c1..0cb67471d4 100644 --- a/http/cves/2022/CVE-2022-34328.yaml +++ b/http/cves/2022/CVE-2022-34328.yaml @@ -30,7 +30,7 @@ info: vendor: sigb product: pmb shodan-query: http.html:"PMB Group" - tags: cve,cve2022,pmb,xss,pmb_project,sigb + tags: cve,cve2022,pmb,xss,pmb_project http: - method: GET diff --git a/http/cves/2022/CVE-2022-34753.yaml b/http/cves/2022/CVE-2022-34753.yaml index 4475ee26bf..1124ffaca8 100644 --- a/http/cves/2022/CVE-2022-34753.yaml +++ b/http/cves/2022/CVE-2022-34753.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-34753 cwe-id: CWE-78 epss-score: 0.96923 - epss-percentile: 0.99701 + epss-percentile: 0.99698 cpe: cpe:2.3:o:schneider-electric:spacelogic_c-bus_home_controller_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-35151.yaml b/http/cves/2022/CVE-2022-35151.yaml index c9d2eea035..04519a5b18 100644 --- a/http/cves/2022/CVE-2022-35151.yaml +++ b/http/cves/2022/CVE-2022-35151.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35151 cwe-id: CWE-79 - epss-score: 0.01698 - epss-percentile: 0.87516 + epss-score: 0.02148 + epss-percentile: 0.8906 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35413.yaml b/http/cves/2022/CVE-2022-35413.yaml index 84e6cdc2db..6dd5baad96 100644 --- a/http/cves/2022/CVE-2022-35413.yaml +++ b/http/cves/2022/CVE-2022-35413.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35413 cwe-id: CWE-798 - epss-score: 0.74461 - epss-percentile: 0.98075 + epss-score: 0.72077 + epss-percentile: 0.97989 cpe: cpe:2.3:a:pentasecurity:wapples:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35416.yaml b/http/cves/2022/CVE-2022-35416.yaml index 9e8c168e51..0db605cff6 100644 --- a/http/cves/2022/CVE-2022-35416.yaml +++ b/http/cves/2022/CVE-2022-35416.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35416 cwe-id: CWE-79 - epss-score: 0.00102 - epss-percentile: 0.40778 + epss-score: 0.00088 + epss-percentile: 0.36353 cpe: cpe:2.3:a:h3c:ssl_vpn:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36446.yaml b/http/cves/2022/CVE-2022-36446.yaml index e4cb5e5a91..2e554033b9 100644 --- a/http/cves/2022/CVE-2022-36446.yaml +++ b/http/cves/2022/CVE-2022-36446.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-36446 cwe-id: CWE-116 - epss-score: 0.96987 - epss-percentile: 0.99724 + epss-score: 0.97131 + epss-percentile: 0.99752 cpe: cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-36537.yaml b/http/cves/2022/CVE-2022-36537.yaml index 522a3454dc..95d822f1fc 100644 --- a/http/cves/2022/CVE-2022-36537.yaml +++ b/http/cves/2022/CVE-2022-36537.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-36537 cwe-id: CWE-200 epss-score: 0.95859 - epss-percentile: 0.99409 + epss-percentile: 0.99401 cpe: cpe:2.3:a:zkoss:zk_framework:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36553.yaml b/http/cves/2022/CVE-2022-36553.yaml index 7076fbe4fc..02820f6e49 100644 --- a/http/cves/2022/CVE-2022-36553.yaml +++ b/http/cves/2022/CVE-2022-36553.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-36553 cwe-id: CWE-77 - epss-score: 0.39966 - epss-percentile: 0.97186 + epss-score: 0.46383 + epss-percentile: 0.9713 cpe: cpe:2.3:o:hytec:hwl-2511-ss_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36642.yaml b/http/cves/2022/CVE-2022-36642.yaml index 360101767a..3e07bba2f3 100644 --- a/http/cves/2022/CVE-2022-36642.yaml +++ b/http/cves/2022/CVE-2022-36642.yaml @@ -15,14 +15,13 @@ info: - https://cyber-guy.gitbook.io/cyber-guy/pocs/omnia-node-mpx-auth-bypass-via-lfd - https://nvd.nist.gov/vuln/detail/CVE-2022-36642 - https://www.telosalliance.com/radio-processing/audio-interfaces/omnia-mpx-node - - https://github.com/lolminerxmrig/Capricornus classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-36642 cwe-id: CWE-862 - epss-score: 0.71096 - epss-percentile: 0.97991 + epss-score: 0.68515 + epss-percentile: 0.97692 cpe: cpe:2.3:o:telosalliance:omnia_mpx_node_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36804.yaml b/http/cves/2022/CVE-2022-36804.yaml index 61a5919e0a..6200beeadd 100644 --- a/http/cves/2022/CVE-2022-36804.yaml +++ b/http/cves/2022/CVE-2022-36804.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-36804 cwe-id: CWE-77 - epss-score: 0.97358 - epss-percentile: 0.99891 + epss-score: 0.97343 + epss-percentile: 0.99886 cpe: cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-37190.yaml b/http/cves/2022/CVE-2022-37190.yaml index 0bae2fedf0..2676a9c412 100644 --- a/http/cves/2022/CVE-2022-37190.yaml +++ b/http/cves/2022/CVE-2022-37190.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-37190 cwe-id: CWE-732 - epss-score: 0.12884 - epss-percentile: 0.95382 + epss-score: 0.02018 + epss-percentile: 0.8771 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3800.yaml b/http/cves/2022/CVE-2022-3800.yaml index 75ac8c4bc1..0e1e14bfce 100644 --- a/http/cves/2022/CVE-2022-3800.yaml +++ b/http/cves/2022/CVE-2022-3800.yaml @@ -14,14 +14,13 @@ info: - https://github.com/IBAX-io/go-ibax/issues/2061 - https://vuldb.com/?id.212636 - https://nvd.nist.gov/vuln/detail/CVE-2022-3800 - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-3800 cwe-id: CWE-89,CWE-707 - epss-score: 0.05903 - epss-percentile: 0.93297 + epss-score: 0.05291 + epss-percentile: 0.92303 cpe: cpe:2.3:a:ibax:go-ibax:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-38131.yaml b/http/cves/2022/CVE-2022-38131.yaml index 68b26e114b..c7bf808a41 100644 --- a/http/cves/2022/CVE-2022-38131.yaml +++ b/http/cves/2022/CVE-2022-38131.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-38131 cwe-id: CWE-601 - epss-score: 0.001 - epss-percentile: 0.40391 + epss-score: 0.0006 + epss-percentile: 0.23591 cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38295.yaml b/http/cves/2022/CVE-2022-38295.yaml index 8c4e3cd174..95f0612c1b 100644 --- a/http/cves/2022/CVE-2022-38295.yaml +++ b/http/cves/2022/CVE-2022-38295.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-38295 cwe-id: CWE-79 - epss-score: 0.00253 - epss-percentile: 0.64645 + epss-score: 0.00269 + epss-percentile: 0.64416 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38463.yaml b/http/cves/2022/CVE-2022-38463.yaml index 0201256f54..910d6cdbc6 100644 --- a/http/cves/2022/CVE-2022-38463.yaml +++ b/http/cves/2022/CVE-2022-38463.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-38463 cwe-id: CWE-79 epss-score: 0.00174 - epss-percentile: 0.53834 + epss-percentile: 0.53646 cpe: cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38553.yaml b/http/cves/2022/CVE-2022-38553.yaml index 2ddc8ac443..faef6326e0 100644 --- a/http/cves/2022/CVE-2022-38553.yaml +++ b/http/cves/2022/CVE-2022-38553.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-38553 cwe-id: CWE-79 - epss-score: 0.0019 - epss-percentile: 0.55666 + epss-score: 0.00218 + epss-percentile: 0.5972 cpe: cpe:2.3:a:creativeitem:academy_learning_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38637.yaml b/http/cves/2022/CVE-2022-38637.yaml index 64aa7fa475..e66c68ee6d 100644 --- a/http/cves/2022/CVE-2022-38637.yaml +++ b/http/cves/2022/CVE-2022-38637.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-38637 cwe-id: CWE-89 - epss-score: 0.01425 - epss-percentile: 0.86269 + epss-score: 0.01231 + epss-percentile: 0.85126 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3934.yaml b/http/cves/2022/CVE-2022-3934.yaml index 4d6db858eb..5dbc2c3283 100644 --- a/http/cves/2022/CVE-2022-3934.yaml +++ b/http/cves/2022/CVE-2022-3934.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-3934 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38225 + epss-percentile: 0.37956 cpe: cpe:2.3:a:mehanoid:flat_pm:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3980.yaml b/http/cves/2022/CVE-2022-3980.yaml index 64dd047f2e..a0550b3a6f 100644 --- a/http/cves/2022/CVE-2022-3980.yaml +++ b/http/cves/2022/CVE-2022-3980.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-3980 cwe-id: CWE-611 - epss-score: 0.41283 - epss-percentile: 0.97222 + epss-score: 0.49036 + epss-percentile: 0.97431 cpe: cpe:2.3:a:sophos:mobile:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40022.yaml b/http/cves/2022/CVE-2022-40022.yaml index aedd605ac4..4d2e1d1f67 100644 --- a/http/cves/2022/CVE-2022-40022.yaml +++ b/http/cves/2022/CVE-2022-40022.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-40022 cwe-id: CWE-77 epss-score: 0.82869 - epss-percentile: 0.98358 + epss-percentile: 0.98341 cpe: cpe:2.3:o:microchip:syncserver_s650_firmware:-:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-40127.yaml b/http/cves/2022/CVE-2022-40127.yaml index 380718c201..2ab8306634 100644 --- a/http/cves/2022/CVE-2022-40127.yaml +++ b/http/cves/2022/CVE-2022-40127.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-40127 cwe-id: CWE-94 - epss-score: 0.27162 - epss-percentile: 0.9669 + epss-score: 0.28782 + epss-percentile: 0.96752 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4049.yaml b/http/cves/2022/CVE-2022-4049.yaml index 98ccf3a11c..224eae8487 100644 --- a/http/cves/2022/CVE-2022-4049.yaml +++ b/http/cves/2022/CVE-2022-4049.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-4049 cwe-id: CWE-89 - epss-score: 0.04713 - epss-percentile: 0.92485 + epss-score: 0.04217 + epss-percentile: 0.92045 cpe: cpe:2.3:a:wp_user_project:wp_user:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-4057.yaml b/http/cves/2022/CVE-2022-4057.yaml index a1c93872b1..9cc0272f1e 100644 --- a/http/cves/2022/CVE-2022-4057.yaml +++ b/http/cves/2022/CVE-2022-4057.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-4057 cwe-id: CWE-425 - epss-score: 0.00154 - epss-percentile: 0.5102 + epss-score: 0.00125 + epss-percentile: 0.46949 cpe: cpe:2.3:a:optimizingmatters:autooptimize:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4060.yaml b/http/cves/2022/CVE-2022-4060.yaml index 6c6eb5f9f0..1e005b5d4a 100644 --- a/http/cves/2022/CVE-2022-4060.yaml +++ b/http/cves/2022/CVE-2022-4060.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-4060 cwe-id: CWE-94 epss-score: 0.03753 - epss-percentile: 0.91639 + epss-percentile: 0.91618 cpe: cpe:2.3:a:odude:user_post_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4063.yaml b/http/cves/2022/CVE-2022-4063.yaml index 032ae197a8..892680e979 100644 --- a/http/cves/2022/CVE-2022-4063.yaml +++ b/http/cves/2022/CVE-2022-4063.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-4063 cwe-id: CWE-22 - epss-score: 0.05113 - epss-percentile: 0.92792 + epss-score: 0.04425 + epss-percentile: 0.92213 cpe: cpe:2.3:a:pluginus:inpost_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40684.yaml b/http/cves/2022/CVE-2022-40684.yaml index 69c2703605..e8e301003a 100644 --- a/http/cves/2022/CVE-2022-40684.yaml +++ b/http/cves/2022/CVE-2022-40684.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-40684 cwe-id: CWE-287 - epss-score: 0.97169 - epss-percentile: 0.99793 + epss-score: 0.97217 + epss-percentile: 0.99817 cpe: cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-40879.yaml b/http/cves/2022/CVE-2022-40879.yaml index 23db063d6d..0132443048 100644 --- a/http/cves/2022/CVE-2022-40879.yaml +++ b/http/cves/2022/CVE-2022-40879.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-40879 cwe-id: CWE-79 epss-score: 0.03708 - epss-percentile: 0.91592 + epss-percentile: 0.91567 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40881.yaml b/http/cves/2022/CVE-2022-40881.yaml index dcea8120e7..929886f5a0 100644 --- a/http/cves/2022/CVE-2022-40881.yaml +++ b/http/cves/2022/CVE-2022-40881.yaml @@ -14,15 +14,13 @@ info: - https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php - https://github.com/advisories/GHSA-wx3r-88rg-whxq - https://nvd.nist.gov/vuln/detail/CVE-2022-40881 - - https://github.com/KayCHENvip/vulnerability-poc - - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-40881 cwe-id: CWE-77 - epss-score: 0.96098 - epss-percentile: 0.99466 + epss-score: 0.96169 + epss-percentile: 0.99389 cpe: cpe:2.3:o:contec:solarview_compact_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-41412.yaml b/http/cves/2022/CVE-2022-41412.yaml index a47bb0214a..5af2d670a0 100644 --- a/http/cves/2022/CVE-2022-41412.yaml +++ b/http/cves/2022/CVE-2022-41412.yaml @@ -21,11 +21,11 @@ info: epss-percentile: 0.45431 cpe: cpe:2.3:a:perfsonar:perfsonar:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 vendor: perfsonar product: perfsonar fofa-query: title="perfSONAR Toolkit" + verified: true tags: cve,cve2022,ssrf,hackerone,packetstorm,perfsonar http: diff --git a/http/cves/2022/CVE-2022-42233.yaml b/http/cves/2022/CVE-2022-42233.yaml index 5ad41c0dc4..bbcead7f84 100644 --- a/http/cves/2022/CVE-2022-42233.yaml +++ b/http/cves/2022/CVE-2022-42233.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-42233 cwe-id: CWE-287 - epss-score: 0.8456 - epss-percentile: 0.98438 + epss-score: 0.87277 + epss-percentile: 0.9839 cpe: cpe:2.3:o:tenda:11n_firmware:5.07.33_cn:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4260.yaml b/http/cves/2022/CVE-2022-4260.yaml index f0558f9323..0752ba3d76 100644 --- a/http/cves/2022/CVE-2022-4260.yaml +++ b/http/cves/2022/CVE-2022-4260.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-4260 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38483 + epss-percentile: 0.38207 cpe: cpe:2.3:a:wp-ban_project:wp-ban:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42748.yaml b/http/cves/2022/CVE-2022-42748.yaml index 9df935c18a..1dc7d0f8b4 100644 --- a/http/cves/2022/CVE-2022-42748.yaml +++ b/http/cves/2022/CVE-2022-42748.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-42748 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43061 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42749.yaml b/http/cves/2022/CVE-2022-42749.yaml index d904f9e3aa..0bac3de00d 100644 --- a/http/cves/2022/CVE-2022-42749.yaml +++ b/http/cves/2022/CVE-2022-42749.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-42749 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43061 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43014.yaml b/http/cves/2022/CVE-2022-43014.yaml index 0e05953a15..e9be075582 100644 --- a/http/cves/2022/CVE-2022-43014.yaml +++ b/http/cves/2022/CVE-2022-43014.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-43014 cwe-id: CWE-79 - epss-score: 0.00117 - epss-percentile: 0.44947 + epss-score: 0.00099 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43018.yaml b/http/cves/2022/CVE-2022-43018.yaml index bab1e81e24..5b1583f4d7 100644 --- a/http/cves/2022/CVE-2022-43018.yaml +++ b/http/cves/2022/CVE-2022-43018.yaml @@ -11,16 +11,13 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_checkEmail.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43018 - - https://github.com/ARPSyndicate/cvemon - - https://github.com/ARPSyndicate/kenzer-templates - - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43018 cwe-id: CWE-79 - epss-score: 0.00117 - epss-percentile: 0.44947 + epss-score: 0.00099 + epss-percentile: 0.40565 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4305.yaml b/http/cves/2022/CVE-2022-4305.yaml index f031ba44dc..d8b5febff5 100644 --- a/http/cves/2022/CVE-2022-4305.yaml +++ b/http/cves/2022/CVE-2022-4305.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2022-4305 cwe-id: CWE-269 epss-score: 0.04963 - epss-percentile: 0.92668 + epss-percentile: 0.92644 cpe: cpe:2.3:a:wp-buy:login_as_user_or_customer_\(user_switching\):*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4306.yaml b/http/cves/2022/CVE-2022-4306.yaml index a84fab0e6d..af318067a5 100644 --- a/http/cves/2022/CVE-2022-4306.yaml +++ b/http/cves/2022/CVE-2022-4306.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-4306 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38225 + epss-percentile: 0.37956 cpe: cpe:2.3:a:panda_pods_repeater_field_project:panda_pods_repeater_field:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43140.yaml b/http/cves/2022/CVE-2022-43140.yaml index 9b7d00cc01..e3e3d11b41 100644 --- a/http/cves/2022/CVE-2022-43140.yaml +++ b/http/cves/2022/CVE-2022-43140.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-43140 cwe-id: CWE-918 - epss-score: 0.02141 - epss-percentile: 0.89072 + epss-score: 0.15211 + epss-percentile: 0.95316 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43164.yaml b/http/cves/2022/CVE-2022-43164.yaml index 742ac5be18..0ee7cc148d 100644 --- a/http/cves/2022/CVE-2022-43164.yaml +++ b/http/cves/2022/CVE-2022-43164.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43164 cwe-id: CWE-79 - epss-score: 0.00197 - epss-percentile: 0.56746 + epss-score: 0.003 + epss-percentile: 0.66367 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-43165.yaml b/http/cves/2022/CVE-2022-43165.yaml index 361d7adba0..2d5f2093c6 100644 --- a/http/cves/2022/CVE-2022-43165.yaml +++ b/http/cves/2022/CVE-2022-43165.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-43165 cwe-id: CWE-79 epss-score: 0.00197 - epss-percentile: 0.56746 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43169.yaml b/http/cves/2022/CVE-2022-43169.yaml index 02be1737b9..afbf5927fe 100644 --- a/http/cves/2022/CVE-2022-43169.yaml +++ b/http/cves/2022/CVE-2022-43169.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43169 cwe-id: CWE-79 - epss-score: 0.00197 - epss-percentile: 0.56746 + epss-score: 0.003 + epss-percentile: 0.66367 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43769.yaml b/http/cves/2022/CVE-2022-43769.yaml index d68f321797..b51fa0f7e1 100644 --- a/http/cves/2022/CVE-2022-43769.yaml +++ b/http/cves/2022/CVE-2022-43769.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-43769 cwe-id: CWE-94,CWE-74 - epss-score: 0.66895 - epss-percentile: 0.97876 + epss-score: 0.33038 + epss-percentile: 0.96634 cpe: cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44291.yaml b/http/cves/2022/CVE-2022-44291.yaml index df72d9ef39..945f09a011 100644 --- a/http/cves/2022/CVE-2022-44291.yaml +++ b/http/cves/2022/CVE-2022-44291.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2022-44291 cwe-id: CWE-89 epss-score: 0.01336 - epss-percentile: 0.85797 + epss-percentile: 0.8578 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44944.yaml b/http/cves/2022/CVE-2022-44944.yaml index 7d715b1cce..a969924eae 100644 --- a/http/cves/2022/CVE-2022-44944.yaml +++ b/http/cves/2022/CVE-2022-44944.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44944 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38103 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44947.yaml b/http/cves/2022/CVE-2022-44947.yaml index 8c4a29ef16..c7a0067ab7 100644 --- a/http/cves/2022/CVE-2022-44947.yaml +++ b/http/cves/2022/CVE-2022-44947.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44947 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.42963 + epss-percentile: 0.43483 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44949.yaml b/http/cves/2022/CVE-2022-44949.yaml index 9a2080b5a3..0360fbb3cf 100644 --- a/http/cves/2022/CVE-2022-44949.yaml +++ b/http/cves/2022/CVE-2022-44949.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44949 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38103 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44950.yaml b/http/cves/2022/CVE-2022-44950.yaml index 5c829c2af4..c6c75dba21 100644 --- a/http/cves/2022/CVE-2022-44950.yaml +++ b/http/cves/2022/CVE-2022-44950.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44950 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38103 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45037.yaml b/http/cves/2022/CVE-2022-45037.yaml index 02b3f22f22..b6bf794878 100644 --- a/http/cves/2022/CVE-2022-45037.yaml +++ b/http/cves/2022/CVE-2022-45037.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-45037 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38225 + epss-percentile: 0.37956 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45038.yaml b/http/cves/2022/CVE-2022-45038.yaml index 9f59a64688..3d239db9e3 100644 --- a/http/cves/2022/CVE-2022-45038.yaml +++ b/http/cves/2022/CVE-2022-45038.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-45038 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38225 + epss-percentile: 0.37956 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45354.yaml b/http/cves/2022/CVE-2022-45354.yaml index 6fb273f6f9..1a67257e6a 100644 --- a/http/cves/2022/CVE-2022-45354.yaml +++ b/http/cves/2022/CVE-2022-45354.yaml @@ -19,9 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-45354 - cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.00408 - epss-percentile: 0.73414 + epss-percentile: 0.73349 cpe: cpe:2.3:a:wpchill:download_monitor:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,7 +29,7 @@ info: product: download_monitor framework: wordpress shodan-query: html:"/wp-content/plugins/download-monitor/" - tags: cve,cve2022,wordpress,wp-plugin,download-monitor,wp,wpchill + tags: cve,cve2022,wordpress,wp-plugin,download-monitor,wp http: - method: GET diff --git a/http/cves/2022/CVE-2022-45365.yaml b/http/cves/2022/CVE-2022-45365.yaml index 56c84b43dd..7918ee902b 100644 --- a/http/cves/2022/CVE-2022-45365.yaml +++ b/http/cves/2022/CVE-2022-45365.yaml @@ -28,7 +28,7 @@ info: product: stock_ticker framework: wordpress publicwww-query: "/wp-content/plugins/stock-ticker/" - tags: cve2022,cve,wordpress,wp-plugin,wpscan,wp,stock-ticker,unauth,xss,urosevic + tags: cve2022,cve,wordpress,wp-plugin,wpscan,wp,stock-ticker,unauth,xss http: - raw: diff --git a/http/cves/2022/CVE-2022-45805.yaml b/http/cves/2022/CVE-2022-45805.yaml index 6483da7058..7b9cc20217 100644 --- a/http/cves/2022/CVE-2022-45805.yaml +++ b/http/cves/2022/CVE-2022-45805.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-45805 cwe-id: CWE-89 epss-score: 0.00486 - epss-percentile: 0.7562 + epss-percentile: 0.75524 cpe: cpe:2.3:a:paytm:payment_gateway:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45917.yaml b/http/cves/2022/CVE-2022-45917.yaml index d2aa47f312..3c988bbd4b 100644 --- a/http/cves/2022/CVE-2022-45917.yaml +++ b/http/cves/2022/CVE-2022-45917.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-45917 cwe-id: CWE-601 epss-score: 0.00221 - epss-percentile: 0.59726 + epss-percentile: 0.60222 cpe: cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46071.yaml b/http/cves/2022/CVE-2022-46071.yaml index c0b47a128d..b4b8c945ae 100644 --- a/http/cves/2022/CVE-2022-46071.yaml +++ b/http/cves/2022/CVE-2022-46071.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2022-46071 cwe-id: CWE-89 epss-score: 0.01454 - epss-percentile: 0.86421 + epss-percentile: 0.86393 cpe: cpe:2.3:a:helmet_store_showroom_site_project:helmet_store_showroom_site:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47002.yaml b/http/cves/2022/CVE-2022-47002.yaml index eef77120e8..7e75887974 100644 --- a/http/cves/2022/CVE-2022-47002.yaml +++ b/http/cves/2022/CVE-2022-47002.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-47002 cwe-id: CWE-863 epss-score: 0.0395 - epss-percentile: 0.91834 + epss-percentile: 0.91808 cpe: cpe:2.3:a:masacms:masacms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47966.yaml b/http/cves/2022/CVE-2022-47966.yaml index 8299a16c2f..d94cd6858d 100644 --- a/http/cves/2022/CVE-2022-47966.yaml +++ b/http/cves/2022/CVE-2022-47966.yaml @@ -21,7 +21,7 @@ info: cvss-score: 9.8 cve-id: CVE-2022-47966 epss-score: 0.97422 - epss-percentile: 0.99931 + epss-percentile: 0.9993 cpe: cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0099.yaml b/http/cves/2023/CVE-2023-0099.yaml index e7d00100fb..8528e84fbe 100644 --- a/http/cves/2023/CVE-2023-0099.yaml +++ b/http/cves/2023/CVE-2023-0099.yaml @@ -13,15 +13,13 @@ info: - https://wpscan.com/vulnerability/fd50f2d6-e420-4220-b485-73f33227e8f8 - https://wordpress.org/plugins/simple-urls/ - https://nvd.nist.gov/vuln/detail/CVE-2023-0099 - - http://packetstormsecurity.com/files/176983/WordPress-Simple-URLs-Cross-Site-Scripting.html - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-0099 cwe-id: CWE-79 - epss-score: 0.00109 - epss-percentile: 0.43061 + epss-score: 0.00078 + epss-percentile: 0.32657 cpe: cpe:2.3:a:getlasso:simple_urls:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0126.yaml b/http/cves/2023/CVE-2023-0126.yaml index 417e6a6761..abfe116aa8 100644 --- a/http/cves/2023/CVE-2023-0126.yaml +++ b/http/cves/2023/CVE-2023-0126.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-0126 cwe-id: CWE-22 - epss-score: 0.26633 - epss-percentile: 0.96656 + epss-score: 0.34658 + epss-percentile: 0.96997 cpe: cpe:2.3:o:sonicwall:sma1000_firmware:12.4.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-0159.yaml b/http/cves/2023/CVE-2023-0159.yaml index 408ca5b38f..62bb1475b4 100644 --- a/http/cves/2023/CVE-2023-0159.yaml +++ b/http/cves/2023/CVE-2023-0159.yaml @@ -7,7 +7,7 @@ info: description: | The plugin does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may be escalated to RCE using PHP filter chains. remediation: Fixed in 1.9.1 - reference: |- + reference: | - https://wpscan.com/vulnerability/239ea870-66e5-4754-952e-74d4dd60b809/ - https://github.com/im-hanzou/EVCer - https://github.com/nomi-sec/PoC-in-GitHub @@ -17,16 +17,15 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-0159 - epss-score: 0.00687 - epss-percentile: 0.79734 + epss-score: 0.00199 + epss-percentile: 0.56869 cpe: cpe:2.3:a:wprealize:extensive_vc_addons_for_wpbakery_page_builder:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 vendor: wprealize - product: "extensive_vc_addons_for_wpbakery_page_builder" + product: extensive_vc_addons_for_wpbakery_page_builder framework: wordpress publicwww-query: "/wp-content/plugins/extensive-vc-addon/" - tags: cve,cve2023,wordpress,wpbakery,wp-plugin,lfi,extensive-vc-addon,wprealize + tags: cve,cve2023,wordpress,wpbakery,wp-plugin,lfi,extensive-vc-addon http: - raw: diff --git a/http/cves/2023/CVE-2023-0236.yaml b/http/cves/2023/CVE-2023-0236.yaml index 6a7053627c..b5fbe5c507 100644 --- a/http/cves/2023/CVE-2023-0236.yaml +++ b/http/cves/2023/CVE-2023-0236.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-0236 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.4541 + epss-percentile: 0.45193 cpe: cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0527.yaml b/http/cves/2023/CVE-2023-0527.yaml index c462094d60..526013cd9d 100644 --- a/http/cves/2023/CVE-2023-0527.yaml +++ b/http/cves/2023/CVE-2023-0527.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0527 cwe-id: CWE-79 - epss-score: 0.0047 - epss-percentile: 0.75165 + epss-score: 0.00228 + epss-percentile: 0.6097 cpe: cpe:2.3:a:online_security_guards_hiring_system_project:online_security_guards_hiring_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0562.yaml b/http/cves/2023/CVE-2023-0562.yaml index ae1df44846..64a16cf314 100644 --- a/http/cves/2023/CVE-2023-0562.yaml +++ b/http/cves/2023/CVE-2023-0562.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2023-0562 cwe-id: CWE-89 epss-score: 0.02218 - epss-percentile: 0.89274 + epss-percentile: 0.89242 cpe: cpe:2.3:a:phpgurukul:bank_locker_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0602.yaml b/http/cves/2023/CVE-2023-0602.yaml index 0c60a4bd49..e53dffbe2e 100644 --- a/http/cves/2023/CVE-2023-0602.yaml +++ b/http/cves/2023/CVE-2023-0602.yaml @@ -15,8 +15,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0602 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29279 + epss-score: 0.00064 + epss-percentile: 0.26204 cpe: cpe:2.3:a:johnniejodelljr:twittee_text_tweet:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0678.yaml b/http/cves/2023/CVE-2023-0678.yaml index 5f9cd7119e..492f3fd699 100644 --- a/http/cves/2023/CVE-2023-0678.yaml +++ b/http/cves/2023/CVE-2023-0678.yaml @@ -15,10 +15,9 @@ info: cwe-id: CWE-862 cpe: cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:* metadata: - max-request: 1 vendor: phpipam product: phpipam - shodan-query: "html:\"phpIPAM IP address management\"" + shodan-query: html:"phpIPAM IP address management" tags: cve,cve2023,php,phpipam,unauth http: diff --git a/http/cves/2023/CVE-2023-0942.yaml b/http/cves/2023/CVE-2023-0942.yaml index 09a7b38220..e882c0a3ab 100644 --- a/http/cves/2023/CVE-2023-0942.yaml +++ b/http/cves/2023/CVE-2023-0942.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0942 cwe-id: CWE-79 - epss-score: 0.00513 - epss-percentile: 0.76286 + epss-score: 0.0049 + epss-percentile: 0.7561 cpe: cpe:2.3:a:artisanworkshop:japanized_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0947.yaml b/http/cves/2023/CVE-2023-0947.yaml index 69dcf08f93..69843c26b2 100644 --- a/http/cves/2023/CVE-2023-0947.yaml +++ b/http/cves/2023/CVE-2023-0947.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-0947 cwe-id: CWE-22 - epss-score: 0.01201 - epss-percentile: 0.84926 + epss-score: 0.0114 + epss-percentile: 0.84427 cpe: cpe:2.3:a:flatpress:flatpress:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0948.yaml b/http/cves/2023/CVE-2023-0948.yaml index 97c9805e11..39f153eda8 100644 --- a/http/cves/2023/CVE-2023-0948.yaml +++ b/http/cves/2023/CVE-2023-0948.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0948 cwe-id: CWE-79 - epss-score: 0.00081 - epss-percentile: 0.33773 + epss-score: 0.00071 + epss-percentile: 0.29003 cpe: cpe:2.3:a:artisanworkshop:japanized_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-0968.yaml b/http/cves/2023/CVE-2023-0968.yaml index c799988ea9..16ff8ebd50 100644 --- a/http/cves/2023/CVE-2023-0968.yaml +++ b/http/cves/2023/CVE-2023-0968.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0968 cwe-id: CWE-79 - epss-score: 0.00262 - epss-percentile: 0.65454 + epss-score: 0.00229 + epss-percentile: 0.61047 cpe: cpe:2.3:a:kibokolabs:watu_quiz:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1080.yaml b/http/cves/2023/CVE-2023-1080.yaml index 8e60eb0865..9a7d4ce305 100644 --- a/http/cves/2023/CVE-2023-1080.yaml +++ b/http/cves/2023/CVE-2023-1080.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1080 cwe-id: CWE-79 - epss-score: 0.00262 - epss-percentile: 0.65454 + epss-score: 0.0025 + epss-percentile: 0.64332 cpe: cpe:2.3:a:gnpublisher:gn_publisher:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1263.yaml b/http/cves/2023/CVE-2023-1263.yaml index af0cbf9bfb..3ff851d678 100644 --- a/http/cves/2023/CVE-2023-1263.yaml +++ b/http/cves/2023/CVE-2023-1263.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-1263 cwe-id: CWE-200 - epss-score: 0.00245 - epss-percentile: 0.64053 + epss-score: 0.00238 + epss-percentile: 0.61195 cpe: cpe:2.3:a:niteothemes:coming_soon_\&_maintenance:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1454.yaml b/http/cves/2023/CVE-2023-1454.yaml index 5c9fd81106..475f7f3a27 100644 --- a/http/cves/2023/CVE-2023-1454.yaml +++ b/http/cves/2023/CVE-2023-1454.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-1454 cwe-id: CWE-89 - epss-score: 0.0868 - epss-percentile: 0.94397 + epss-score: 0.04509 + epss-percentile: 0.92282 cpe: cpe:2.3:a:jeecg:jeecg-boot:3.5.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1496.yaml b/http/cves/2023/CVE-2023-1496.yaml index dff16f2941..ea5d2f901e 100644 --- a/http/cves/2023/CVE-2023-1496.yaml +++ b/http/cves/2023/CVE-2023-1496.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-1496 cwe-id: CWE-79 - epss-score: 0.00091 - epss-percentile: 0.38103 + epss-score: 0.00085 + epss-percentile: 0.34963 cpe: cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1698.yaml b/http/cves/2023/CVE-2023-1698.yaml index d0917cb32d..905690f7d5 100644 --- a/http/cves/2023/CVE-2023-1698.yaml +++ b/http/cves/2023/CVE-2023-1698.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2023-1698 cwe-id: CWE-78 epss-score: 0.55051 - epss-percentile: 0.97596 + epss-percentile: 0.97591 cpe: cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-1719.yaml b/http/cves/2023/CVE-2023-1719.yaml index 7b9f5bea93..7dff6c4314 100644 --- a/http/cves/2023/CVE-2023-1719.yaml +++ b/http/cves/2023/CVE-2023-1719.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-1719 cwe-id: CWE-665 epss-score: 0.02807 - epss-percentile: 0.90452 + epss-percentile: 0.90415 cpe: cpe:2.3:a:bitrix24:bitrix24:22.0.300:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1780.yaml b/http/cves/2023/CVE-2023-1780.yaml index aec7adb354..f57c2fb70a 100644 --- a/http/cves/2023/CVE-2023-1780.yaml +++ b/http/cves/2023/CVE-2023-1780.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-1780 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29363 + epss-percentile: 0.2903 cpe: cpe:2.3:a:codeermeneer:companion_sitemap_generator:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1880.yaml b/http/cves/2023/CVE-2023-1880.yaml index 4bdffcc4d6..f4b580719f 100644 --- a/http/cves/2023/CVE-2023-1880.yaml +++ b/http/cves/2023/CVE-2023-1880.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-1880 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32342 + epss-percentile: 0.3203 cpe: cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2009.yaml b/http/cves/2023/CVE-2023-2009.yaml index fadcf773d6..4783e1fe8b 100644 --- a/http/cves/2023/CVE-2023-2009.yaml +++ b/http/cves/2023/CVE-2023-2009.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-2009 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32631 + epss-percentile: 0.3232 cpe: cpe:2.3:a:pretty_url_project:pretty_url:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20888.yaml b/http/cves/2023/CVE-2023-20888.yaml index 5f14563bf6..861f3de03f 100644 --- a/http/cves/2023/CVE-2023-20888.yaml +++ b/http/cves/2023/CVE-2023-20888.yaml @@ -18,8 +18,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-20888 cwe-id: CWE-502 - epss-score: 0.35633 - epss-percentile: 0.97043 + epss-score: 0.35911 + epss-percentile: 0.96766 cpe: cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2224.yaml b/http/cves/2023/CVE-2023-2224.yaml index 29987e3b7f..c9390d770b 100644 --- a/http/cves/2023/CVE-2023-2224.yaml +++ b/http/cves/2023/CVE-2023-2224.yaml @@ -15,8 +15,8 @@ info: cvss-score: 4.8 cve-id: CVE-2023-2224 cwe-id: CWE-79 - epss-score: 0.00087 - epss-percentile: 0.36244 + epss-score: 0.00102 + epss-percentile: 0.41348 cpe: cpe:2.3:a:10web:seo:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22432.yaml b/http/cves/2023/CVE-2023-22432.yaml index 42d0ecdbc7..4e668bef11 100644 --- a/http/cves/2023/CVE-2023-22432.yaml +++ b/http/cves/2023/CVE-2023-22432.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-22432 cwe-id: CWE-601 - epss-score: 0.00945 - epss-percentile: 0.82817 + epss-score: 0.00877 + epss-percentile: 0.82098 cpe: cpe:2.3:a:web2py:web2py:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22463.yaml b/http/cves/2023/CVE-2023-22463.yaml index dfa58eebd2..a138f73917 100644 --- a/http/cves/2023/CVE-2023-22463.yaml +++ b/http/cves/2023/CVE-2023-22463.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2023-22463 cwe-id: CWE-798 epss-score: 0.02033 - epss-percentile: 0.88733 + epss-percentile: 0.88693 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22480.yaml b/http/cves/2023/CVE-2023-22480.yaml index fff58a5b73..bb42a9d8b3 100644 --- a/http/cves/2023/CVE-2023-22480.yaml +++ b/http/cves/2023/CVE-2023-22480.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2023-22480 cwe-id: CWE-863,CWE-285 epss-score: 0.01487 - epss-percentile: 0.86554 + epss-percentile: 0.86532 cpe: cpe:2.3:a:fit2cloud:kubeoperator:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22518.yaml b/http/cves/2023/CVE-2023-22518.yaml index f81b92bb81..f78c29e559 100644 --- a/http/cves/2023/CVE-2023-22518.yaml +++ b/http/cves/2023/CVE-2023-22518.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22518 cwe-id: CWE-863 - epss-score: 0.96949 - epss-percentile: 0.9971 + epss-score: 0.97011 + epss-percentile: 0.99725 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2252.yaml b/http/cves/2023/CVE-2023-2252.yaml index 85554cd3ed..22fe7e3409 100644 --- a/http/cves/2023/CVE-2023-2252.yaml +++ b/http/cves/2023/CVE-2023-2252.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-2252 cwe-id: CWE-22 epss-score: 0.00129 - epss-percentile: 0.47016 + epss-percentile: 0.46802 cpe: cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -27,7 +27,7 @@ info: vendor: wpwax product: directorist framework: wordpress - tags: cve2023,cve,wpscan,lfi,directorist,wordpress,wp-plugin,wp,authenticated,wpwax + tags: cve2023,cve,wpscan,lfi,directorist,wordpress,wp-plugin,wp,authenticated http: - raw: diff --git a/http/cves/2023/CVE-2023-22527.yaml b/http/cves/2023/CVE-2023-22527.yaml index dac4f21362..aaed7fb243 100644 --- a/http/cves/2023/CVE-2023-22527.yaml +++ b/http/cves/2023/CVE-2023-22527.yaml @@ -26,7 +26,7 @@ info: vendor: atlassian product: confluence_data_center shodan-query: http.component:"Atlassian Confluence" - tags: packetstorm,cve,cve2023,confluence,rce,ssti,kev,atlassian + tags: cve,cve2023,confluence,rce,ssti,kev http: - raw: diff --git a/http/cves/2023/CVE-2023-22620.yaml b/http/cves/2023/CVE-2023-22620.yaml index 73d597ce85..ab98f22962 100644 --- a/http/cves/2023/CVE-2023-22620.yaml +++ b/http/cves/2023/CVE-2023-22620.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-22620 cwe-id: CWE-863 - epss-score: 0.05718 - epss-percentile: 0.93208 + epss-score: 0.06157 + epss-percentile: 0.92833 cpe: cpe:2.3:o:securepoint:unified_threat_management:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-23161.yaml b/http/cves/2023/CVE-2023-23161.yaml index 635e6e4ab3..4ae8b59b80 100644 --- a/http/cves/2023/CVE-2023-23161.yaml +++ b/http/cves/2023/CVE-2023-23161.yaml @@ -30,7 +30,7 @@ info: vendor: phpgurukul product: art_gallery_management_system fofa-query: title="Art Gallery Management System" - tags: cve2023,cve,packetstorm,art,gallery,xss,art_gallery_management_system_project,phpgurukul + tags: cve2023,cve,packetstorm,art,gallery,xss,art_gallery_management_system_project http: - method: GET diff --git a/http/cves/2023/CVE-2023-23491.yaml b/http/cves/2023/CVE-2023-23491.yaml index 9b2ed3bf5e..eda7da80c5 100644 --- a/http/cves/2023/CVE-2023-23491.yaml +++ b/http/cves/2023/CVE-2023-23491.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-23491 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.4541 + epss-percentile: 0.45193 cpe: cpe:2.3:a:fullworksplugins:quick_event_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-23752.yaml b/http/cves/2023/CVE-2023-23752.yaml index f6931c5a03..6d0fee1022 100644 --- a/http/cves/2023/CVE-2023-23752.yaml +++ b/http/cves/2023/CVE-2023-23752.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-23752 - epss-score: 0.95214 - epss-percentile: 0.99298 + epss-score: 0.96314 + epss-percentile: 0.9944 cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24488.yaml b/http/cves/2023/CVE-2023-24488.yaml index f6252de23c..cc500b1fe8 100644 --- a/http/cves/2023/CVE-2023-24488.yaml +++ b/http/cves/2023/CVE-2023-24488.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24488 cwe-id: CWE-79 - epss-score: 0.03845 - epss-percentile: 0.91731 + epss-score: 0.0101 + epss-percentile: 0.8202 cpe: cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-24733.yaml b/http/cves/2023/CVE-2023-24733.yaml index 124c550948..f6b110e77e 100644 --- a/http/cves/2023/CVE-2023-24733.yaml +++ b/http/cves/2023/CVE-2023-24733.yaml @@ -28,7 +28,7 @@ info: vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 - tags: cve,cve2023,unauth,xss,pmb,pmb_project,sigb + tags: cve,cve2023,unauth,xss,pmb,pmb_project http: - method: GET diff --git a/http/cves/2023/CVE-2023-24735.yaml b/http/cves/2023/CVE-2023-24735.yaml index 170bbf247b..d04f3ed161 100644 --- a/http/cves/2023/CVE-2023-24735.yaml +++ b/http/cves/2023/CVE-2023-24735.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24735 cwe-id: CWE-601 - epss-score: 0.0116 - epss-percentile: 0.84628 + epss-score: 0.00947 + epss-percentile: 0.8279 cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,7 @@ info: vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 - tags: cve2023,cve,redirect,pmb,pmb_project,sigb + tags: cve2023,cve,redirect,pmb,pmb_project http: - method: GET diff --git a/http/cves/2023/CVE-2023-24737.yaml b/http/cves/2023/CVE-2023-24737.yaml index 7d80c825ba..91572fef17 100644 --- a/http/cves/2023/CVE-2023-24737.yaml +++ b/http/cves/2023/CVE-2023-24737.yaml @@ -28,7 +28,7 @@ info: vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 - tags: cve2023,cve,xss,pmb,pmb_project,sigb + tags: cve2023,cve,xss,pmb,pmb_project http: - raw: diff --git a/http/cves/2023/CVE-2023-25194.yaml b/http/cves/2023/CVE-2023-25194.yaml index 65d1f7761f..c250daba2a 100644 --- a/http/cves/2023/CVE-2023-25194.yaml +++ b/http/cves/2023/CVE-2023-25194.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-25194 cwe-id: CWE-502 - epss-score: 0.96927 - epss-percentile: 0.99703 + epss-score: 0.89626 + epss-percentile: 0.98692 cpe: cpe:2.3:a:apache:kafka_connect:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-25346.yaml b/http/cves/2023/CVE-2023-25346.yaml index fbdf58e73a..4f7a6a5362 100644 --- a/http/cves/2023/CVE-2023-25346.yaml +++ b/http/cves/2023/CVE-2023-25346.yaml @@ -14,15 +14,13 @@ info: - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25346 - https://nvd.nist.gov/vuln/detail/CVE-2023-25346 - https://github.com/ChurchCRM/CRM - - https://github.com/10splayaSec/CVE-Disclosures - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-25346 cwe-id: CWE-79 - epss-score: 0.00102 - epss-percentile: 0.40816 + epss-score: 0.00089 + epss-percentile: 0.37238 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-25573.yaml b/http/cves/2023/CVE-2023-25573.yaml index 0e9ecd9ffc..20143feedc 100644 --- a/http/cves/2023/CVE-2023-25573.yaml +++ b/http/cves/2023/CVE-2023-25573.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-25573 cwe-id: CWE-862 - epss-score: 0.04424 - epss-percentile: 0.92238 + epss-score: 0.03674 + epss-percentile: 0.91517 cpe: cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26347.yaml b/http/cves/2023/CVE-2023-26347.yaml index 3ee46515c2..e713be332a 100644 --- a/http/cves/2023/CVE-2023-26347.yaml +++ b/http/cves/2023/CVE-2023-26347.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-26347 cwe-id: CWE-284 - epss-score: 0.00486 - epss-percentile: 0.75616 + epss-score: 0.00466 + epss-percentile: 0.74969 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26360.yaml b/http/cves/2023/CVE-2023-26360.yaml index e584e87309..63542941b5 100644 --- a/http/cves/2023/CVE-2023-26360.yaml +++ b/http/cves/2023/CVE-2023-26360.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.6 cve-id: CVE-2023-26360 cwe-id: CWE-284 - epss-score: 0.96357 - epss-percentile: 0.9953 + epss-score: 0.94391 + epss-percentile: 0.99045 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26469.yaml b/http/cves/2023/CVE-2023-26469.yaml index 2f96e12a77..946523a074 100644 --- a/http/cves/2023/CVE-2023-26469.yaml +++ b/http/cves/2023/CVE-2023-26469.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26469 cwe-id: CWE-22 - epss-score: 0.93863 - epss-percentile: 0.99093 + epss-score: 0.93768 + epss-percentile: 0.99071 cpe: cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2648.yaml b/http/cves/2023/CVE-2023-2648.yaml index fab406db2e..8d345d1047 100644 --- a/http/cves/2023/CVE-2023-2648.yaml +++ b/http/cves/2023/CVE-2023-2648.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2648 cwe-id: CWE-434 - epss-score: 0.05233 - epss-percentile: 0.92866 + epss-score: 0.05365 + epss-percentile: 0.9293 cpe: cpe:2.3:a:weaver:e-office:9.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27179.yaml b/http/cves/2023/CVE-2023-27179.yaml index 1437fe9f90..2b6d4f5c68 100644 --- a/http/cves/2023/CVE-2023-27179.yaml +++ b/http/cves/2023/CVE-2023-27179.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27179 cwe-id: CWE-434 - epss-score: 0.00993 - epss-percentile: 0.83275 + epss-score: 0.01173 + epss-percentile: 0.83438 cpe: cpe:2.3:a:gdidees:gdidees_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27524.yaml b/http/cves/2023/CVE-2023-27524.yaml index f6a62c9543..62f3c07e1d 100644 --- a/http/cves/2023/CVE-2023-27524.yaml +++ b/http/cves/2023/CVE-2023-27524.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27524 cwe-id: CWE-1188 - epss-score: 0.97295 - epss-percentile: 0.99855 + epss-score: 0.97224 + epss-percentile: 0.99822 cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27587.yaml b/http/cves/2023/CVE-2023-27587.yaml index 5d204c8798..b032894442 100644 --- a/http/cves/2023/CVE-2023-27587.yaml +++ b/http/cves/2023/CVE-2023-27587.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-27587 cwe-id: CWE-209 - epss-score: 0.22618 - epss-percentile: 0.96417 + epss-score: 0.18807 + epss-percentile: 0.96117 cpe: cpe:2.3:a:readtomyshoe_project:readtomyshoe:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-2766.yaml b/http/cves/2023/CVE-2023-2766.yaml index e420ff4228..a933b86809 100644 --- a/http/cves/2023/CVE-2023-2766.yaml +++ b/http/cves/2023/CVE-2023-2766.yaml @@ -13,14 +13,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-2766 - https://vuldb.com/?ctiid.229271 - https://vuldb.com/?id.229271 - - https://github.com/Vme18000yuan/FreePOC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-2766 cwe-id: CWE-552 - epss-score: 0.04166 - epss-percentile: 0.92033 + epss-score: 0.05594 + epss-percentile: 0.92514 cpe: cpe:2.3:a:weaver:weaver_office_automation:9.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27922.yaml b/http/cves/2023/CVE-2023-27922.yaml index 4528da2acb..137d883c40 100644 --- a/http/cves/2023/CVE-2023-27922.yaml +++ b/http/cves/2023/CVE-2023-27922.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-27922 cwe-id: CWE-79 - epss-score: 0.0011 - epss-percentile: 0.43445 + epss-score: 0.00113 + epss-percentile: 0.44627 cpe: cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2822.yaml b/http/cves/2023/CVE-2023-2822.yaml index e8ba11e6f5..1627b69968 100644 --- a/http/cves/2023/CVE-2023-2822.yaml +++ b/http/cves/2023/CVE-2023-2822.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2822 cwe-id: CWE-79 - epss-score: 0.03959 - epss-percentile: 0.9184 + epss-score: 0.03167 + epss-percentile: 0.90173 cpe: cpe:2.3:a:ellucian:ethos_identity:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-2825.yaml b/http/cves/2023/CVE-2023-2825.yaml index 8f0139d31c..0031bfccae 100644 --- a/http/cves/2023/CVE-2023-2825.yaml +++ b/http/cves/2023/CVE-2023-2825.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-2825 cwe-id: CWE-22 epss-score: 0.09134 - epss-percentile: 0.9453 + epss-percentile: 0.94495 cpe: cpe:2.3:a:gitlab:gitlab:16.0.0:*:*:*:community:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-28432.yaml b/http/cves/2023/CVE-2023-28432.yaml index c04f628cc9..19839d49a6 100644 --- a/http/cves/2023/CVE-2023-28432.yaml +++ b/http/cves/2023/CVE-2023-28432.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-28432 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.94322 - epss-percentile: 0.99154 + epss-score: 0.14173 + epss-percentile: 0.95219 cpe: cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-28662.yaml b/http/cves/2023/CVE-2023-28662.yaml index d348e1fd0f..09f5e90b4f 100644 --- a/http/cves/2023/CVE-2023-28662.yaml +++ b/http/cves/2023/CVE-2023-28662.yaml @@ -29,7 +29,7 @@ info: product: "gift_vouchers" framework: wordpress fofa-query: "body=\"/wp-content/plugins/gift-voucher/\"" - tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen + tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-29300.yaml b/http/cves/2023/CVE-2023-29300.yaml index ba29d3cbd6..7bbaaffeb2 100644 --- a/http/cves/2023/CVE-2023-29300.yaml +++ b/http/cves/2023/CVE-2023-29300.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-29300 cwe-id: CWE-502 - epss-score: 0.96346 - epss-percentile: 0.99527 + epss-score: 0.96369 + epss-percentile: 0.99526 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-29439.yaml b/http/cves/2023/CVE-2023-29439.yaml index 16978e7b1a..cb8b18243d 100644 --- a/http/cves/2023/CVE-2023-29439.yaml +++ b/http/cves/2023/CVE-2023-29439.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-29439 cwe-id: CWE-79 epss-score: 0.00087 - epss-percentile: 0.35725 + epss-percentile: 0.35426 cpe: cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-29489.yaml b/http/cves/2023/CVE-2023-29489.yaml index ec5932f72e..1a3abb4abe 100644 --- a/http/cves/2023/CVE-2023-29489.yaml +++ b/http/cves/2023/CVE-2023-29489.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-29489 cwe-id: CWE-79 - epss-score: 0.0033 - epss-percentile: 0.70593 + epss-score: 0.00302 + epss-percentile: 0.69029 cpe: cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-29922.yaml b/http/cves/2023/CVE-2023-29922.yaml index 0bf9a7df17..bf1c5ccaef 100644 --- a/http/cves/2023/CVE-2023-29922.yaml +++ b/http/cves/2023/CVE-2023-29922.yaml @@ -13,16 +13,13 @@ info: reference: - https://github.com/PowerJob/PowerJob/issues/585 - https://nvd.nist.gov/vuln/detail/CVE-2023-29922 - - https://github.com/1820112015/CVE-2023-29923 - - https://github.com/CKevens/CVE-2023-29923-Scan - - https://github.com/CN016/Powerjob-CVE-2023-29922- classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N cvss-score: 5.3 cve-id: CVE-2023-29922 cwe-id: CWE-1188 - epss-score: 0.01156 - epss-percentile: 0.84597 + epss-score: 0.00791 + epss-percentile: 0.79603 cpe: cpe:2.3:a:powerjob:powerjob:4.3.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-29923.yaml b/http/cves/2023/CVE-2023-29923.yaml index 1d0d207516..2ec2422aee 100644 --- a/http/cves/2023/CVE-2023-29923.yaml +++ b/http/cves/2023/CVE-2023-29923.yaml @@ -13,16 +13,13 @@ info: reference: - https://github.com/PowerJob/PowerJob/issues/587 - https://nvd.nist.gov/vuln/detail/CVE-2023-29923 - - https://github.com/1820112015/CVE-2023-29923 - - https://github.com/CKevens/CVE-2023-29923-Scan - - https://github.com/KayCHENvip/vulnerability-poc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-29923 cwe-id: CWE-276 - epss-score: 0.08149 - epss-percentile: 0.94223 + epss-score: 0.00336 + epss-percentile: 0.68252 cpe: cpe:2.3:a:powerjob:powerjob:4.3.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30013.yaml b/http/cves/2023/CVE-2023-30013.yaml index 64c07e393f..264135b800 100644 --- a/http/cves/2023/CVE-2023-30013.yaml +++ b/http/cves/2023/CVE-2023-30013.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-30013 cwe-id: CWE-78 - epss-score: 0.95638 - epss-percentile: 0.99374 + epss-score: 0.9257 + epss-percentile: 0.98815 cpe: cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6118_b20201102:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-30150.yaml b/http/cves/2023/CVE-2023-30150.yaml index c13ee91203..b2d26e1d2f 100644 --- a/http/cves/2023/CVE-2023-30150.yaml +++ b/http/cves/2023/CVE-2023-30150.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2023-30150 cwe-id: CWE-89 epss-score: 0.0409 - epss-percentile: 0.91973 + epss-percentile: 0.91941 cpe: cpe:2.3:a:leotheme:leocustomajax:1.0.0:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30212.yaml b/http/cves/2023/CVE-2023-30212.yaml index 6ec427b833..6537669de8 100644 --- a/http/cves/2023/CVE-2023-30212.yaml +++ b/http/cves/2023/CVE-2023-30212.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30212 cwe-id: CWE-79 - epss-score: 0.02941 - epss-percentile: 0.90646 + epss-score: 0.02578 + epss-percentile: 0.89997 cpe: cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30256.yaml b/http/cves/2023/CVE-2023-30256.yaml index 693cf3e966..7904f9a208 100644 --- a/http/cves/2023/CVE-2023-30256.yaml +++ b/http/cves/2023/CVE-2023-30256.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30256 cwe-id: CWE-79 - epss-score: 0.0149 - epss-percentile: 0.86569 + epss-score: 0.0206 + epss-percentile: 0.87855 cpe: cpe:2.3:a:webkul:qloapps:1.5.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-30534.yaml b/http/cves/2023/CVE-2023-30534.yaml index 221a5dd4e0..620df48b01 100644 --- a/http/cves/2023/CVE-2023-30534.yaml +++ b/http/cves/2023/CVE-2023-30534.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-30534 cwe-id: CWE-502 epss-score: 0.09326 - epss-percentile: 0.94592 + epss-percentile: 0.94158 cpe: cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30943.yaml b/http/cves/2023/CVE-2023-30943.yaml index 5cfb309dd7..5622e5128f 100644 --- a/http/cves/2023/CVE-2023-30943.yaml +++ b/http/cves/2023/CVE-2023-30943.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-30943 cwe-id: CWE-610,CWE-73 - epss-score: 0.01922 - epss-percentile: 0.88373 + epss-score: 0.01661 + epss-percentile: 0.87339 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2023/CVE-2023-31465.yaml b/http/cves/2023/CVE-2023-31465.yaml index b3b82833c7..a18e260a91 100644 --- a/http/cves/2023/CVE-2023-31465.yaml +++ b/http/cves/2023/CVE-2023-31465.yaml @@ -14,8 +14,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-31465 - epss-score: 0.00937 - epss-percentile: 0.82745 + epss-score: 0.00841 + epss-percentile: 0.80295 cpe: cpe:2.3:a:fsmlabs:timekeeper:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-31548.yaml b/http/cves/2023/CVE-2023-31548.yaml index a2d615c981..c7109ccf8f 100644 --- a/http/cves/2023/CVE-2023-31548.yaml +++ b/http/cves/2023/CVE-2023-31548.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-31548 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32109 + epss-percentile: 0.32076 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32235.yaml b/http/cves/2023/CVE-2023-32235.yaml index 795eac2ee6..2ce3b43853 100644 --- a/http/cves/2023/CVE-2023-32235.yaml +++ b/http/cves/2023/CVE-2023-32235.yaml @@ -14,14 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-32235 - https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f - https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1 - - https://github.com/VEEXH/Ghost-Path-Traversal-CVE-2023-32235- classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-32235 cwe-id: CWE-22 - epss-score: 0.91165 - epss-percentile: 0.98814 + epss-score: 0.01376 + epss-percentile: 0.84873 cpe: cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33439.yaml b/http/cves/2023/CVE-2023-33439.yaml index da15197942..804a38e40c 100644 --- a/http/cves/2023/CVE-2023-33439.yaml +++ b/http/cves/2023/CVE-2023-33439.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33439 cwe-id: CWE-89 - epss-score: 0.00673 - epss-percentile: 0.79453 + epss-score: 0.00666 + epss-percentile: 0.79241 cpe: cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3345.yaml b/http/cves/2023/CVE-2023-3345.yaml index f3b924dfc9..2d92d84f95 100644 --- a/http/cves/2023/CVE-2023-3345.yaml +++ b/http/cves/2023/CVE-2023-3345.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-3345 cwe-id: CWE-200 - epss-score: 0.00419 - epss-percentile: 0.73743 + epss-score: 0.00235 + epss-percentile: 0.61522 cpe: cpe:2.3:a:masteriyo:masteriyo:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33584.yaml b/http/cves/2023/CVE-2023-33584.yaml index b567e79dc2..2d6c0d98ac 100644 --- a/http/cves/2023/CVE-2023-33584.yaml +++ b/http/cves/2023/CVE-2023-33584.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-33584 cwe-id: CWE-89 - epss-score: 0.10328 - epss-percentile: 0.94865 + epss-score: 0.09977 + epss-percentile: 0.94731 cpe: cpe:2.3:a:enrollment_system_project:enrollment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33629.yaml b/http/cves/2023/CVE-2023-33629.yaml index f7280a559b..9d1ec8f566 100644 --- a/http/cves/2023/CVE-2023-33629.yaml +++ b/http/cves/2023/CVE-2023-33629.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33629 cwe-id: CWE-787 - epss-score: 0.00735 - epss-percentile: 0.80464 + epss-score: 0.00968 + epss-percentile: 0.82988 cpe: cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3368.yaml b/http/cves/2023/CVE-2023-3368.yaml index 4c4df5b248..ccf1544419 100644 --- a/http/cves/2023/CVE-2023-3368.yaml +++ b/http/cves/2023/CVE-2023-3368.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-3368 cwe-id: CWE-78 - epss-score: 0.90655 - epss-percentile: 0.98774 + epss-score: 0.76057 + epss-percentile: 0.97911 cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34020.yaml b/http/cves/2023/CVE-2023-34020.yaml index e5500664d5..823a82a3bb 100644 --- a/http/cves/2023/CVE-2023-34020.yaml +++ b/http/cves/2023/CVE-2023-34020.yaml @@ -3,20 +3,12 @@ id: CVE-2023-34020 info: name: Uncanny Toolkit for LearnDash - Open Redirection author: LeDoubleTake - severity: medium + severity: low description: | A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. reference: - https://patchstack.com/database/vulnerability/uncanny-learndash-toolkit/wordpress-uncanny-toolkit-for-learndash-plugin-3-6-4-3-open-redirection-vulnerability - https://wordpress.org/plugins/uncanny-learndash-toolkit/ - - https://patchstack.com/database/vulnerability/uncanny-learndash-toolkit/wordpress-uncanny-toolkit-for-learndash-plugin-3-6-4-3-open-redirection-vulnerability?_s_id=cve - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N - cvss-score: 4.7 - cve-id: CVE-2023-34020 - cwe-id: CWE-601 - epss-score: 0.00053 - epss-percentile: 0.1964 metadata: verified: true max-request: 1 diff --git a/http/cves/2023/CVE-2023-34192.yaml b/http/cves/2023/CVE-2023-34192.yaml index da00d8edf2..ee63c31ebe 100644 --- a/http/cves/2023/CVE-2023-34192.yaml +++ b/http/cves/2023/CVE-2023-34192.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9 cve-id: CVE-2023-34192 cwe-id: CWE-79 - epss-score: 0.30586 - epss-percentile: 0.96863 + epss-score: 0.17094 + epss-percentile: 0.95587 cpe: cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-34259.yaml b/http/cves/2023/CVE-2023-34259.yaml index 76c5901818..339c29a255 100644 --- a/http/cves/2023/CVE-2023-34259.yaml +++ b/http/cves/2023/CVE-2023-34259.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-34259 cwe-id: CWE-22 epss-score: 0.00554 - epss-percentile: 0.77197 + epss-percentile: 0.77111 cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34537.yaml b/http/cves/2023/CVE-2023-34537.yaml index b39c425324..e7dcc114c3 100644 --- a/http/cves/2023/CVE-2023-34537.yaml +++ b/http/cves/2023/CVE-2023-34537.yaml @@ -13,15 +13,13 @@ info: reference: - https://github.com/leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5 - https://nvd.nist.gov/vuln/detail/CVE-2023-34537 - - https://github.com/nomi-sec/PoC-in-GitHub - - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-34537 cwe-id: CWE-79 - epss-score: 0.00077 - epss-percentile: 0.32024 + epss-score: 0.0007 + epss-percentile: 0.28902 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34598.yaml b/http/cves/2023/CVE-2023-34598.yaml index 7409dd7571..4e12ddae19 100644 --- a/http/cves/2023/CVE-2023-34598.yaml +++ b/http/cves/2023/CVE-2023-34598.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2023-34598 cwe-id: CWE-22 epss-score: 0.03342 - epss-percentile: 0.91183 + epss-percentile: 0.9114 cpe: cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34659.yaml b/http/cves/2023/CVE-2023-34659.yaml index 5388e825e8..867bbb630c 100644 --- a/http/cves/2023/CVE-2023-34659.yaml +++ b/http/cves/2023/CVE-2023-34659.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34659 cwe-id: CWE-89 - epss-score: 0.242 - epss-percentile: 0.96512 + epss-score: 0.21629 + epss-percentile: 0.96326 cpe: cpe:2.3:a:jeecg:jeecg_boot:3.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-34751.yaml b/http/cves/2023/CVE-2023-34751.yaml index d476f48efa..9edc4bae5e 100644 --- a/http/cves/2023/CVE-2023-34751.yaml +++ b/http/cves/2023/CVE-2023-34751.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-34751 cwe-id: CWE-89 epss-score: 0.02354 - epss-percentile: 0.89582 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34752.yaml b/http/cves/2023/CVE-2023-34752.yaml index 2fe8b66712..8eee0e5231 100644 --- a/http/cves/2023/CVE-2023-34752.yaml +++ b/http/cves/2023/CVE-2023-34752.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-34752 cwe-id: CWE-89 epss-score: 0.0945 - epss-percentile: 0.94625 + epss-percentile: 0.9459 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34753.yaml b/http/cves/2023/CVE-2023-34753.yaml index 585a745cd0..6d1d4d166c 100644 --- a/http/cves/2023/CVE-2023-34753.yaml +++ b/http/cves/2023/CVE-2023-34753.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-34753 cwe-id: CWE-89 epss-score: 0.02354 - epss-percentile: 0.89582 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34843.yaml b/http/cves/2023/CVE-2023-34843.yaml index 3182b40749..668506d369 100644 --- a/http/cves/2023/CVE-2023-34843.yaml +++ b/http/cves/2023/CVE-2023-34843.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-34843 cwe-id: CWE-22 - epss-score: 0.00357 - epss-percentile: 0.71694 + epss-score: 0.00349 + epss-percentile: 0.71237 cpe: cpe:2.3:a:traggo:traggo:0.3.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-35082.yaml b/http/cves/2023/CVE-2023-35082.yaml index e14a3eb386..7851495228 100644 --- a/http/cves/2023/CVE-2023-35082.yaml +++ b/http/cves/2023/CVE-2023-35082.yaml @@ -13,15 +13,13 @@ info: - https://www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/ - https://nvd.nist.gov/vuln/detail/CVE-2023-35082 - https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US - - https://github.com/Ostorlab/KEV - - https://github.com/netlas-io/netlas-dorks classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-35082 cwe-id: CWE-287 - epss-score: 0.95059 - epss-percentile: 0.99274 + epss-score: 0.07991 + epss-percentile: 0.93656 cpe: cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +28,7 @@ info: product: endpoint_manager_mobile shodan-query: http.favicon.hash:362091310 fofa-query: icon_hash="362091310" - tags: cve2023,cve,ivanti,mobileiron,epmm,kev + tags: cve2023,cve,ivanti,mobileiron,epmm http: - method: GET diff --git a/http/cves/2023/CVE-2023-35813.yaml b/http/cves/2023/CVE-2023-35813.yaml index 2444645b11..4f3d631987 100644 --- a/http/cves/2023/CVE-2023-35813.yaml +++ b/http/cves/2023/CVE-2023-35813.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-35813 cwe-id: CWE-22,CWE-23 - epss-score: 0.90525 - epss-percentile: 0.98765 + epss-score: 0.72023 + epss-percentile: 0.97805 cpe: cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-35844.yaml b/http/cves/2023/CVE-2023-35844.yaml index ceca228aa1..76e5b32c83 100644 --- a/http/cves/2023/CVE-2023-35844.yaml +++ b/http/cves/2023/CVE-2023-35844.yaml @@ -25,7 +25,7 @@ info: cve-id: CVE-2023-35844 cwe-id: CWE-22 epss-score: 0.04986 - epss-percentile: 0.92682 + epss-percentile: 0.92655 cpe: cpe:2.3:a:lightdash:lightdash:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-36144.yaml b/http/cves/2023/CVE-2023-36144.yaml index f8f63b4404..d5812e686c 100644 --- a/http/cves/2023/CVE-2023-36144.yaml +++ b/http/cves/2023/CVE-2023-36144.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-36144 cwe-id: CWE-862 epss-score: 0.02858 - epss-percentile: 0.90532 + epss-percentile: 0.90492 cpe: cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-36287.yaml b/http/cves/2023/CVE-2023-36287.yaml index ab4ac74422..51933089f6 100644 --- a/http/cves/2023/CVE-2023-36287.yaml +++ b/http/cves/2023/CVE-2023-36287.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-36287 cwe-id: CWE-79 - epss-score: 0.00083 - epss-percentile: 0.34248 + epss-score: 0.00075 + epss-percentile: 0.30832 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-36289.yaml b/http/cves/2023/CVE-2023-36289.yaml index 3a120b3900..0e918eae9a 100644 --- a/http/cves/2023/CVE-2023-36289.yaml +++ b/http/cves/2023/CVE-2023-36289.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-36289 cwe-id: CWE-79 epss-score: 0.00083 - epss-percentile: 0.34248 + epss-percentile: 0.33945 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-36844.yaml b/http/cves/2023/CVE-2023-36844.yaml index 585893e792..7b6f67cc0a 100644 --- a/http/cves/2023/CVE-2023-36844.yaml +++ b/http/cves/2023/CVE-2023-36844.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-36844 cwe-id: CWE-473 - epss-score: 0.52371 - epss-percentile: 0.97526 + epss-score: 0.03926 + epss-percentile: 0.91134 cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-36845.yaml b/http/cves/2023/CVE-2023-36845.yaml index 8c7f8e7ae7..a8800a4134 100644 --- a/http/cves/2023/CVE-2023-36845.yaml +++ b/http/cves/2023/CVE-2023-36845.yaml @@ -19,14 +19,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-36845 cwe-id: CWE-473 - epss-score: 0.96664 - epss-percentile: 0.99623 - cpe: cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:* + epss-score: 0.69312 + epss-percentile: 0.97711 + cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: juniper - product: srx100 + product: junos shodan-query: title:"Juniper Web Device Manager" tags: cve,cve2023,packetstorm,rce,unauth,juniper,kev diff --git a/http/cves/2023/CVE-2023-36934.yaml b/http/cves/2023/CVE-2023-36934.yaml index 38b5f9c83c..c6493bc628 100644 --- a/http/cves/2023/CVE-2023-36934.yaml +++ b/http/cves/2023/CVE-2023-36934.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.1 cve-id: CVE-2023-36934 cwe-id: CWE-89 - epss-score: 0.09417 - epss-percentile: 0.94616 + epss-score: 0.09049 + epss-percentile: 0.94466 cpe: cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37265.yaml b/http/cves/2023/CVE-2023-37265.yaml index 6cdd806a25..23a94dbbbc 100644 --- a/http/cves/2023/CVE-2023-37265.yaml +++ b/http/cves/2023/CVE-2023-37265.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-37265 cwe-id: CWE-306 - epss-score: 0.12028 - epss-percentile: 0.95248 + epss-score: 0.14233 + epss-percentile: 0.95569 cpe: cpe:2.3:o:icewhale:casaos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-38205.yaml b/http/cves/2023/CVE-2023-38205.yaml index fe980e506e..2eed763b87 100644 --- a/http/cves/2023/CVE-2023-38205.yaml +++ b/http/cves/2023/CVE-2023-38205.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38205 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.87325 - epss-percentile: 0.98571 + epss-score: 0.93471 + epss-percentile: 0.99038 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3848.yaml b/http/cves/2023/CVE-2023-3848.yaml index eb208390d4..ccc2641897 100644 --- a/http/cves/2023/CVE-2023-3848.yaml +++ b/http/cves/2023/CVE-2023-3848.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3848 cwe-id: CWE-79 - epss-score: 0.00235 - epss-percentile: 0.61096 + epss-score: 0.00237 + epss-percentile: 0.61873 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39108.yaml b/http/cves/2023/CVE-2023-39108.yaml index fc3ba4c714..5641a014db 100644 --- a/http/cves/2023/CVE-2023-39108.yaml +++ b/http/cves/2023/CVE-2023-39108.yaml @@ -10,14 +10,13 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md - https://nvd.nist.gov/vuln/detail/CVE-2023-39108 - - https://github.com/zer0yu/CVE_Request classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-39108 cwe-id: CWE-918 - epss-score: 0.0287 - epss-percentile: 0.90549 + epss-score: 0.01332 + epss-percentile: 0.84573 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39110.yaml b/http/cves/2023/CVE-2023-39110.yaml index 43bbdf8661..b624b4b962 100644 --- a/http/cves/2023/CVE-2023-39110.yaml +++ b/http/cves/2023/CVE-2023-39110.yaml @@ -16,8 +16,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-39110 cwe-id: CWE-918 - epss-score: 0.0287 - epss-percentile: 0.90549 + epss-score: 0.03449 + epss-percentile: 0.91267 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39141.yaml b/http/cves/2023/CVE-2023-39141.yaml index f8aa6db775..2c2df7e7b4 100644 --- a/http/cves/2023/CVE-2023-39141.yaml +++ b/http/cves/2023/CVE-2023-39141.yaml @@ -14,15 +14,13 @@ info: - https://twitter.com/win3zz/status/1694239332465520684 - https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e - https://github.com/ziahamza/webui-aria2/blob/109903f0e2774cf948698cd95a01f77f33d7dd2c/node-server.js#L10 - - https://github.com/codeb0ss/CVE-2023-39141-PoC - - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-39141 cwe-id: CWE-22 epss-score: 0.00437 - epss-percentile: 0.74337 + epss-percentile: 0.72033 cpe: cpe:2.3:a:ziahamza:webui-aria2:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39143.yaml b/http/cves/2023/CVE-2023-39143.yaml index ae2ca3315e..da1a548cb8 100644 --- a/http/cves/2023/CVE-2023-39143.yaml +++ b/http/cves/2023/CVE-2023-39143.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39143 cwe-id: CWE-22 - epss-score: 0.94294 - epss-percentile: 0.99147 + epss-score: 0.93991 + epss-percentile: 0.99092 cpe: cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39676.yaml b/http/cves/2023/CVE-2023-39676.yaml index fbb43740f0..cbcc8f15ce 100644 --- a/http/cves/2023/CVE-2023-39676.yaml +++ b/http/cves/2023/CVE-2023-39676.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-39676 cwe-id: CWE-79 epss-score: 0.00167 - epss-percentile: 0.52714 + epss-percentile: 0.53357 cpe: cpe:2.3:a:fieldthemes:fieldpopupnewsletter:1.0.0:*:*:*:*:prestashop:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-39796.yaml b/http/cves/2023/CVE-2023-39796.yaml index 74529d0835..7992ca201b 100644 --- a/http/cves/2023/CVE-2023-39796.yaml +++ b/http/cves/2023/CVE-2023-39796.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39796 cwe-id: CWE-89 - epss-score: 0.06054 - epss-percentile: 0.93365 + epss-score: 0.03223 + epss-percentile: 0.90219 cpe: cpe:2.3:a:wbce:wbce_cms:1.6.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4110.yaml b/http/cves/2023/CVE-2023-4110.yaml index 147d13dddc..2c5df20248 100644 --- a/http/cves/2023/CVE-2023-4110.yaml +++ b/http/cves/2023/CVE-2023-4110.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-4110 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.61096 + epss-percentile: 0.60949 cpe: cpe:2.3:a:phpjabbers:availability_booking_calendar:5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4111.yaml b/http/cves/2023/CVE-2023-4111.yaml index 3439143ebe..1404f4d807 100644 --- a/http/cves/2023/CVE-2023-4111.yaml +++ b/http/cves/2023/CVE-2023-4111.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-4111 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.61096 + epss-percentile: 0.60949 cpe: cpe:2.3:a:phpjabbers:bus_reservation_system:1.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4112.yaml b/http/cves/2023/CVE-2023-4112.yaml index 0a63696233..b11311ac6a 100644 --- a/http/cves/2023/CVE-2023-4112.yaml +++ b/http/cves/2023/CVE-2023-4112.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-4112 cwe-id: CWE-79 epss-score: 0.00229 - epss-percentile: 0.60541 + epss-percentile: 0.60385 cpe: cpe:2.3:a:phpjabbers:shuttle_booking_software:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4113.yaml b/http/cves/2023/CVE-2023-4113.yaml index 2fb425104e..4259c76310 100644 --- a/http/cves/2023/CVE-2023-4113.yaml +++ b/http/cves/2023/CVE-2023-4113.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4113 cwe-id: CWE-79 - epss-score: 0.0027 - epss-percentile: 0.67329 + epss-score: 0.00263 + epss-percentile: 0.63974 cpe: cpe:2.3:a:phpjabbers:service_booking_script:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41266.yaml b/http/cves/2023/CVE-2023-41266.yaml index be2f717e00..5dfc6e1109 100644 --- a/http/cves/2023/CVE-2023-41266.yaml +++ b/http/cves/2023/CVE-2023-41266.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-41266 cwe-id: CWE-20 - epss-score: 0.8237 - epss-percentile: 0.98335 + epss-score: 0.83414 + epss-percentile: 0.98363 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4148.yaml b/http/cves/2023/CVE-2023-4148.yaml index bae077e7a5..d0825f4029 100644 --- a/http/cves/2023/CVE-2023-4148.yaml +++ b/http/cves/2023/CVE-2023-4148.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-4148 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26526 + epss-percentile: 0.26209 cpe: cpe:2.3:a:metaphorcreations:ditty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4168.yaml b/http/cves/2023/CVE-2023-4168.yaml index 22e87e8d43..fc4b94187b 100644 --- a/http/cves/2023/CVE-2023-4168.yaml +++ b/http/cves/2023/CVE-2023-4168.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4168 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.12532 - epss-percentile: 0.95329 + epss-score: 0.12454 + epss-percentile: 0.95296 cpe: cpe:2.3:a:templatecookie:adlisting:2.14.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4173.yaml b/http/cves/2023/CVE-2023-4173.yaml index 22c8310c34..75913b4766 100644 --- a/http/cves/2023/CVE-2023-4173.yaml +++ b/http/cves/2023/CVE-2023-4173.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4173 cwe-id: CWE-79 - epss-score: 0.00255 - epss-percentile: 0.64881 + epss-score: 0.00226 + epss-percentile: 0.60816 cpe: cpe:2.3:a:moosocial:moostore:3.1.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41763.yaml b/http/cves/2023/CVE-2023-41763.yaml index 1f352aabfc..d4de9d38ba 100644 --- a/http/cves/2023/CVE-2023-41763.yaml +++ b/http/cves/2023/CVE-2023-41763.yaml @@ -25,7 +25,7 @@ info: vendor: microsoft product: skype_for_business_server shodan-query: html:"Skype for Business" - tags: cve,cve2023,skype,blind-ssrf,oast,ssrf,kev,microsoft + tags: cve,cve2023,skype,blind-ssrf,oast,ssrf,kev variables: ssrfpayload: "http://{{interactsh-url}}/?id={{rand_base(3)}}%25{1337*1337}#.xx//" diff --git a/http/cves/2023/CVE-2023-43177.yaml b/http/cves/2023/CVE-2023-43177.yaml index 8c8f6be41f..4b7c96efa1 100644 --- a/http/cves/2023/CVE-2023-43177.yaml +++ b/http/cves/2023/CVE-2023-43177.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-43177 cwe-id: CWE-913 epss-score: 0.92767 - epss-percentile: 0.98977 + epss-percentile: 0.98966 cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-43795.yaml b/http/cves/2023/CVE-2023-43795.yaml index 37fbe4815f..08e6822031 100644 --- a/http/cves/2023/CVE-2023-43795.yaml +++ b/http/cves/2023/CVE-2023-43795.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43795 cwe-id: CWE-918 - epss-score: 0.10875 - epss-percentile: 0.95006 + epss-score: 0.11649 + epss-percentile: 0.95151 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4415.yaml b/http/cves/2023/CVE-2023-4415.yaml index 37f6abd653..46398ab734 100644 --- a/http/cves/2023/CVE-2023-4415.yaml +++ b/http/cves/2023/CVE-2023-4415.yaml @@ -11,14 +11,13 @@ info: - https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G-logic - https://vuldb.com/?ctiid.237518 - https://vuldb.com/?id.237518 - - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-4415 cwe-id: CWE-287 - epss-score: 0.00426 - epss-percentile: 0.73951 + epss-score: 0.00355 + epss-percentile: 0.69044 cpe: cpe:2.3:o:ruijienetworks:rg-ew1200g_firmware:07161417_r483:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-44352.yaml b/http/cves/2023/CVE-2023-44352.yaml index cb9a9cfca4..efacc220cb 100644 --- a/http/cves/2023/CVE-2023-44352.yaml +++ b/http/cves/2023/CVE-2023-44352.yaml @@ -14,8 +14,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-44352 cwe-id: CWE-79 - epss-score: 0.00972 - epss-percentile: 0.8306 + epss-score: 0.00931 + epss-percentile: 0.82639 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-45671.yaml b/http/cves/2023/CVE-2023-45671.yaml index a77b0a1238..c5b8633606 100644 --- a/http/cves/2023/CVE-2023-45671.yaml +++ b/http/cves/2023/CVE-2023-45671.yaml @@ -10,15 +10,11 @@ info: reference: - https://github.com/blakeblackshear/frigate/security/advisories/GHSA-jjxc-m35j-p56f - https://nvd.nist.gov/vuln/detail/CVE-2023-45671 - - https://securitylab.github.com/advisories/GHSL-2023-190_Frigate/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.7 cve-id: CVE-2023-45671 - cwe-id: CWE-79 - epss-score: 0.00945 - epss-percentile: 0.82822 - cpe: cpe:2.3:a:frigate:frigate:*:*:*:*:*:*:*:* + cpe: cpe:2.3:a:frigate:frigate:0.13.0:beta1:*:*:*:*:*:* metadata: verified: true max-request: 1 diff --git a/http/cves/2023/CVE-2023-45852.yaml b/http/cves/2023/CVE-2023-45852.yaml index b944f1498e..051ed6b3d3 100644 --- a/http/cves/2023/CVE-2023-45852.yaml +++ b/http/cves/2023/CVE-2023-45852.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-45852 cwe-id: CWE-77 - epss-score: 0.09057 - epss-percentile: 0.94506 + epss-score: 0.09217 + epss-percentile: 0.94519 cpe: cpe:2.3:o:viessmann:vitogate_300_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4596.yaml b/http/cves/2023/CVE-2023-4596.yaml index 81e0b49d24..71102a69f7 100644 --- a/http/cves/2023/CVE-2023-4596.yaml +++ b/http/cves/2023/CVE-2023-4596.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-4596 cwe-id: CWE-434 - epss-score: 0.06806 - epss-percentile: 0.93766 + epss-score: 0.08202 + epss-percentile: 0.93732 cpe: cpe:2.3:a:incsub:forminator:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-46359.yaml b/http/cves/2023/CVE-2023-46359.yaml index b038a499b4..7aeae95268 100644 --- a/http/cves/2023/CVE-2023-46359.yaml +++ b/http/cves/2023/CVE-2023-46359.yaml @@ -10,22 +10,13 @@ info: reference: - https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/ - https://nvd.nist.gov/vuln/detail/CVE-2023-46359 - - http://hardy.com - - https://github.com/Marco-zcl/POC - - https://github.com/d4n-sec/d4n-sec.github.io classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-metrics: CVSS:3.1/AV:A/AC:N/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 9.6 cve-id: CVE-2023-46359 - cwe-id: CWE-78 - epss-score: 0.15706 - epss-percentile: 0.95808 - cpe: cpe:2.3:o:hardy-barth:cph2_echarge_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 - vendor: hardy-barth - product: cph2_echarge_firmware shodan-query: html:"Salia PLCC" tags: cve2023,cve,salia-plcc,cph2,rce diff --git a/http/cves/2023/CVE-2023-46805.yaml b/http/cves/2023/CVE-2023-46805.yaml index cbeddec595..9cf94669f8 100644 --- a/http/cves/2023/CVE-2023-46805.yaml +++ b/http/cves/2023/CVE-2023-46805.yaml @@ -16,15 +16,15 @@ info: cvss-score: 8.2 cve-id: CVE-2023-46805 cwe-id: CWE-287 - epss-score: 0.96429 - epss-percentile: 0.99554 + epss-score: 0.96274 + epss-percentile: 0.99497 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: max-request: 2 vendor: ivanti product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" - tags: packetstorm,cve,cve2023,kev,auth-bypass,ivanti + tags: cve,cve2023,kev,auth-bypass,ivanti http: - raw: diff --git a/http/cves/2023/CVE-2023-47211.yaml b/http/cves/2023/CVE-2023-47211.yaml index 7cf0042fc7..deccc8b7f6 100644 --- a/http/cves/2023/CVE-2023-47211.yaml +++ b/http/cves/2023/CVE-2023-47211.yaml @@ -16,14 +16,14 @@ info: cve-id: CVE-2023-47211 cwe-id: CWE-22 epss-score: 0.00164 - epss-percentile: 0.52252 + epss-percentile: 0.52059 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: zohocorp product: manageengine_firewall_analyzer shodan-query: "http.title:\"OpManager Plus\"" - tags: cve,cve2023,zoho,manageengine,authenticated,traversal,lfi,intrusive,zohocorp + tags: cve,cve2023,zoho,manageengine,authenticated,traversal,lfi,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-47218.yaml b/http/cves/2023/CVE-2023-47218.yaml index dc16227fe4..ca420a4377 100644 --- a/http/cves/2023/CVE-2023-47218.yaml +++ b/http/cves/2023/CVE-2023-47218.yaml @@ -14,13 +14,14 @@ info: classification: cvss-metrics: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 8.3 - cve-id: CVE-2023-47218 cwe-id: CWE-78 + cve-id: CVE-2023-47218 metadata: verified: true max-request: 2 shodan-query: ssl.cert.issuer.cn:"QNAP NAS",title:"QNAP Turbo NAS" tags: cve,cve2023,qnap,qts,quts,rce,intrusive + variables: file: '{{rand_base(6)}}' cmd: '%22$($(echo -n aWQ=|base64 -d)>{{file}})%22' diff --git a/http/cves/2023/CVE-2023-47643.yaml b/http/cves/2023/CVE-2023-47643.yaml index 27c5f651db..da286fdd08 100644 --- a/http/cves/2023/CVE-2023-47643.yaml +++ b/http/cves/2023/CVE-2023-47643.yaml @@ -23,10 +23,10 @@ info: metadata: verified: true max-request: 2 - vendor: salesagility product: suitecrm + vendor: salesagility shodan-query: title:"SuiteCRM" - tags: cve,cve2023,graphql,suitecrm,introspection,salesagility + tags: cve,cve2023,graphql,suitecrm,introspection http: - raw: diff --git a/http/cves/2023/CVE-2023-48023.yaml b/http/cves/2023/CVE-2023-48023.yaml index a5c4824de2..dbb59e4a31 100644 --- a/http/cves/2023/CVE-2023-48023.yaml +++ b/http/cves/2023/CVE-2023-48023.yaml @@ -24,7 +24,7 @@ info: max-request: 1 vendor: Anyscale shodan-query: http.favicon.hash:463802404 - tags: cve,cve2023,ssrf,ray,anyscale,Anyscale + tags: cve,cve2023,ssrf,ray,anyscale http: - method: GET diff --git a/http/cves/2023/CVE-2023-4966.yaml b/http/cves/2023/CVE-2023-4966.yaml index ccb0c1b0be..04f7011d2b 100644 --- a/http/cves/2023/CVE-2023-4966.yaml +++ b/http/cves/2023/CVE-2023-4966.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-4966 cwe-id: CWE-119,NVD-CWE-noinfo epss-score: 0.96486 - epss-percentile: 0.99567 + epss-percentile: 0.9956 cpe: cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-5074.yaml b/http/cves/2023/CVE-2023-5074.yaml index 599ae0da94..9c0ebc96d2 100644 --- a/http/cves/2023/CVE-2023-5074.yaml +++ b/http/cves/2023/CVE-2023-5074.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-5074 cwe-id: CWE-798 epss-score: 0.01695 - epss-percentile: 0.87503 + epss-percentile: 0.87453 cpe: cpe:2.3:a:dlink:d-view_8:2.0.1.28:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-5089.yaml b/http/cves/2023/CVE-2023-5089.yaml index a52186a52e..1036b74c92 100644 --- a/http/cves/2023/CVE-2023-5089.yaml +++ b/http/cves/2023/CVE-2023-5089.yaml @@ -25,7 +25,7 @@ info: product: defender_security framework: wordpress publicwww-query: "/wp-content/plugins/defender-security/" - tags: cve,cve2023,wordpress,wpscan,wp-plugin,defender-security,redirect,wpmudev + tags: cve,cve2023,wordpress,wpscan,wp-plugin,defender-security,redirect http: - method: GET diff --git a/http/cves/2023/CVE-2023-50917.yaml b/http/cves/2023/CVE-2023-50917.yaml index 7ea2de3dd2..2d94b93d85 100644 --- a/http/cves/2023/CVE-2023-50917.yaml +++ b/http/cves/2023/CVE-2023-50917.yaml @@ -27,7 +27,7 @@ info: product: majordomo shodan-query: http.favicon.hash:1903390397 fofa-query: app="MajordomoSL" - tags: packetstorm,seclists,cve,cve2023,majordomo,rce,os,mjdm + tags: packetstorm,seclists,cve,cve2023,majordomo,rce,os http: - method: GET diff --git a/http/cves/2023/CVE-2023-5375.yaml b/http/cves/2023/CVE-2023-5375.yaml index 7e177074d2..7cb9ec08d1 100644 --- a/http/cves/2023/CVE-2023-5375.yaml +++ b/http/cves/2023/CVE-2023-5375.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-5375 cwe-id: CWE-601 epss-score: 0.00083 - epss-percentile: 0.34201 + epss-percentile: 0.339 cpe: cpe:2.3:a:mosparo:mosparo:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-5556.yaml b/http/cves/2023/CVE-2023-5556.yaml index 580178bbe1..07dd43ff62 100644 --- a/http/cves/2023/CVE-2023-5556.yaml +++ b/http/cves/2023/CVE-2023-5556.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-5556 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26455 + epss-percentile: 0.26117 cpe: cpe:2.3:a:structurizr:on-premises_installation:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml index c60cc2ef11..51fd449d81 100644 --- a/http/cves/2023/CVE-2023-5830.yaml +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -28,7 +28,7 @@ info: vendor: documentlocator product: document_locator shodan-query: 'title:"Document Locator - WebTools"' - tags: cve,cve2023,ssrf,unauth,columbiasoft,intrusive,webtools,documentlocator + tags: cve,cve2023,ssrf,unauth,columbiasoft,intrusive,webtools http: - raw: diff --git a/http/cves/2023/CVE-2023-5914.yaml b/http/cves/2023/CVE-2023-5914.yaml index 0bf27f9027..2dbeb41235 100644 --- a/http/cves/2023/CVE-2023-5914.yaml +++ b/http/cves/2023/CVE-2023-5914.yaml @@ -24,7 +24,7 @@ info: vendor: cloud product: citrix_storefront shodan-query: html:"/Citrix/StoreWeb" - tags: cve,xss,citrix,storefront,cve2023,cloud + tags: cve,cve2024,xss,citrix,storefront http: - method: POST diff --git a/http/cves/2023/CVE-2023-6018.yaml b/http/cves/2023/CVE-2023-6018.yaml index 6535f64518..4d957bdc53 100644 --- a/http/cves/2023/CVE-2023-6018.yaml +++ b/http/cves/2023/CVE-2023-6018.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2023-6018 cwe-id: CWE-78 epss-score: 0.86232 - epss-percentile: 0.98524 + epss-percentile: 0.98502 cpe: cpe:2.3:a:lfprojects:mlflow:-:*:*:*:*:*:*:* metadata: verified: true @@ -23,7 +23,7 @@ info: vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" - tags: cve,cve2023,mlflow,oss,rce,intrusive,lfprojects + tags: cve,cve2023,mlflow,oss,rce,intrusive variables: model_name: "{{rand_text_alpha(6)}}" diff --git a/http/cves/2023/CVE-2023-6021.yaml b/http/cves/2023/CVE-2023-6021.yaml index c0e029dcd8..1ffb9b62e9 100644 --- a/http/cves/2023/CVE-2023-6021.yaml +++ b/http/cves/2023/CVE-2023-6021.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2023-6021 cwe-id: CWE-22,CWE-29 epss-score: 0.0038 - epss-percentile: 0.72568 + epss-percentile: 0.72442 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6023.yaml b/http/cves/2023/CVE-2023-6023.yaml index 63379db817..e9e4cb741d 100644 --- a/http/cves/2023/CVE-2023-6023.yaml +++ b/http/cves/2023/CVE-2023-6023.yaml @@ -27,7 +27,7 @@ info: product: modeldb shodan-query: http.favicon.hash:-2097033750 zoomeye-query: title:"Verta AI" - tags: cve,cve2023,lfi,modeldb,vertaai + tags: cve,cve2023,lfi,modeldb http: - method: GET diff --git a/http/cves/2023/CVE-2023-6038.yaml b/http/cves/2023/CVE-2023-6038.yaml index de5a330306..2b80f785df 100644 --- a/http/cves/2023/CVE-2023-6038.yaml +++ b/http/cves/2023/CVE-2023-6038.yaml @@ -14,9 +14,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6038 - cwe-id: CWE-862 - epss-score: 0.06351 - epss-percentile: 0.93512 + cwe-id: CWE-862,CWE-29 + epss-score: 0.05392 + epss-percentile: 0.92391 cpe: cpe:2.3:a:h2o:h2o:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6063.yaml b/http/cves/2023/CVE-2023-6063.yaml index 9bc362df84..57281bd29f 100644 --- a/http/cves/2023/CVE-2023-6063.yaml +++ b/http/cves/2023/CVE-2023-6063.yaml @@ -27,7 +27,7 @@ info: product: wp_fastest_cache framework: wordpress publicwww-query: /wp-content/plugins/wp-fastest-cache/ - tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin,sqli,wpfastestcache + tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6114.yaml b/http/cves/2023/CVE-2023-6114.yaml index e138e813f3..a6f9c783c2 100644 --- a/http/cves/2023/CVE-2023-6114.yaml +++ b/http/cves/2023/CVE-2023-6114.yaml @@ -22,10 +22,10 @@ info: cpe: cpe:2.3:a:awesomemotive:duplicator:*:*:*:*:-:wordpress:*:* metadata: max-request: 2 - vendor: awesomemotive product: duplicator + vendor: awesomemotive framework: wordpress - tags: cve,cve2023,duplicator,duplicator-pro,lfi,wpscan,wordpress,wp-plugin,wp,awesomemotive + tags: cve,cve2023,duplicator,duplicator-pro,lfi,wpscan,wordpress,wp-plugin,wp http: - method: GET diff --git a/http/cves/2023/CVE-2023-6360.yaml b/http/cves/2023/CVE-2023-6360.yaml index 7a1d2b72cf..e25f728e00 100644 --- a/http/cves/2023/CVE-2023-6360.yaml +++ b/http/cves/2023/CVE-2023-6360.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2023-6360 cwe-id: CWE-89 epss-score: 0.00832 - epss-percentile: 0.81703 + epss-percentile: 0.81644 cpe: cpe:2.3:a:joedolson:my_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,7 +30,7 @@ info: product: my_calendar framework: wordpress fofa-query: '"wordpress" && body="wp-content/plugins/my-calendar"' - tags: cve,cve2023,sqli,wp,wordpress,wpscan,wp-plugin,my-calendar,joedolson + tags: cve,cve2023,sqli,wp,wordpress,wpscan,wp-plugin,my-calendar flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6379.yaml b/http/cves/2023/CVE-2023-6379.yaml index 69bc73e272..6bb0e87f02 100644 --- a/http/cves/2023/CVE-2023-6379.yaml +++ b/http/cves/2023/CVE-2023-6379.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-6379 cwe-id: CWE-79 - epss-score: 0.00075 - epss-percentile: 0.30964 + epss-score: 0.00113 + epss-percentile: 0.44636 cpe: cpe:2.3:a:alkacon:opencms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6380.yaml b/http/cves/2023/CVE-2023-6380.yaml index 48143d96ff..f2fcf4b42d 100644 --- a/http/cves/2023/CVE-2023-6380.yaml +++ b/http/cves/2023/CVE-2023-6380.yaml @@ -24,7 +24,7 @@ info: vendor: alkacon product: opencms shodan-query: "/opencms/" - tags: cve,cve2023,redirect,opencms,alkacon + tags: cve,cve2023,redirect,opencms http: - method: GET diff --git a/http/cves/2023/CVE-2023-6553.yaml b/http/cves/2023/CVE-2023-6553.yaml index e94b7b48ed..400597e957 100644 --- a/http/cves/2023/CVE-2023-6553.yaml +++ b/http/cves/2023/CVE-2023-6553.yaml @@ -26,7 +26,7 @@ info: framework: wordpress publicwww-query: /wp-content/plugins/backup-backup/ google-query: inurl:"/wp-content/plugins/backup-backup/" - tags: packetstorm,cve,cve2023,wp-plugin,rce,unauth,wordpress,wp,backupbliss + tags: cve,cve2023,wp-plugin,rce,unauth,wordpress,wp flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6567.yaml b/http/cves/2023/CVE-2023-6567.yaml index bbde30907b..a6e2943d61 100644 --- a/http/cves/2023/CVE-2023-6567.yaml +++ b/http/cves/2023/CVE-2023-6567.yaml @@ -28,7 +28,7 @@ info: product: learnpress framework: wordpress publicwww-query: "/wp-content/plugins/learnpress" - tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli,thimpress + tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli http: - method: GET diff --git a/http/cves/2023/CVE-2023-6623.yaml b/http/cves/2023/CVE-2023-6623.yaml index cfcf216cca..f6dabde295 100644 --- a/http/cves/2023/CVE-2023-6623.yaml +++ b/http/cves/2023/CVE-2023-6623.yaml @@ -29,7 +29,7 @@ info: product: essential_blocks framework: wordpress publicwww-query: "/wp-content/plugins/essential-blocks/" - tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,essential-blocks,lfi,wpdeveloper + tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,essential-blocks,lfi http: - method: GET diff --git a/http/cves/2023/CVE-2023-6634.yaml b/http/cves/2023/CVE-2023-6634.yaml index 6879ebfd26..bcfcddafca 100644 --- a/http/cves/2023/CVE-2023-6634.yaml +++ b/http/cves/2023/CVE-2023-6634.yaml @@ -28,7 +28,7 @@ info: product: learnpress framework: wordpress publicwww-query: "/wp-content/plugins/learnpress" - tags: wpscan,cve,cve2023,wordpress,wp,wp-plugin,learnpress,rce,intrusive,thimpress + tags: wpscan,cve,cve2023,wordpress,wp,wp-plugin,learnpress,rce,intrusive variables: oast: "{{interactsh-url}}/?" padstr: "{{randstr}}" diff --git a/http/cves/2023/CVE-2023-6831.yaml b/http/cves/2023/CVE-2023-6831.yaml index 852b56907f..c20de4ecb6 100644 --- a/http/cves/2023/CVE-2023-6831.yaml +++ b/http/cves/2023/CVE-2023-6831.yaml @@ -16,9 +16,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H cvss-score: 8.1 cve-id: CVE-2023-6831 - cwe-id: CWE-22,CWE-29 - epss-score: 0.00246 - epss-percentile: 0.6414 + cwe-id: CWE-22 + epss-score: 0.00046 + epss-percentile: 0.12693 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6875.yaml b/http/cves/2023/CVE-2023-6875.yaml index 34885c842a..5bfecacd98 100644 --- a/http/cves/2023/CVE-2023-6875.yaml +++ b/http/cves/2023/CVE-2023-6875.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-6875 cwe-id: CWE-862 epss-score: 0.04263 - epss-percentile: 0.92117 + epss-percentile: 0.92089 cpe: cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -28,7 +28,7 @@ info: product: post_smtp_mailer framework: wordpress publicwww-query: "/wp-content/plugins/post-smtp" - tags: cve,cve2023,wp,wp-plugin,wordpress,smtp,mailer,auth-bypass,wpexperts + tags: cve,cve2023,wp,wp-plugin,wordpress,smtp,mailer,auth-bypass variables: fcm_token: "{{randstr_1}}" device: "{{randstr_2}}" diff --git a/http/cves/2023/CVE-2023-6909.yaml b/http/cves/2023/CVE-2023-6909.yaml index a1fcbd5730..fe4e77c554 100644 --- a/http/cves/2023/CVE-2023-6909.yaml +++ b/http/cves/2023/CVE-2023-6909.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6909 cwe-id: CWE-29 - epss-score: 0.00494 - epss-percentile: 0.75812 + epss-score: 0.00409 + epss-percentile: 0.73387 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,7 @@ info: vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" - tags: cve,cve2023,mlflow,lfi,intrusive,lfprojects + tags: cve,cve2023,mlflow,lfi,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-6977.yaml b/http/cves/2023/CVE-2023-6977.yaml index 1f3cf523ef..2eb799cbbc 100644 --- a/http/cves/2023/CVE-2023-6977.yaml +++ b/http/cves/2023/CVE-2023-6977.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6977 cwe-id: CWE-29 - epss-score: 0.00494 - epss-percentile: 0.75812 + epss-score: 0.00409 + epss-percentile: 0.73387 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-0204.yaml b/http/cves/2024/CVE-2024-0204.yaml index ac7a2fa0de..c32fd0979b 100644 --- a/http/cves/2024/CVE-2024-0204.yaml +++ b/http/cves/2024/CVE-2024-0204.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2024-0204 cwe-id: CWE-425 epss-score: 0.53864 - epss-percentile: 0.97567 + epss-percentile: 0.97564 cpe: cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,7 @@ info: shodan-query: http.favicon.hash:1484947000,1828756398,1170495932 fofa-query: app="GoAnywhere-MFT" zoomeye-query: app:"Fortra GoAnywhere-MFT" - tags: packetstorm,cve,cve2024,auth-bypass,goanywhere,fortra + tags: cve,cve2024,auth-bypass,goanywhere http: - method: GET diff --git a/http/cves/2024/CVE-2024-0305.yaml b/http/cves/2024/CVE-2024-0305.yaml index 9ef3b6bb79..9305b5e307 100644 --- a/http/cves/2024/CVE-2024-0305.yaml +++ b/http/cves/2024/CVE-2024-0305.yaml @@ -18,9 +18,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-0305 - cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.00796 - epss-percentile: 0.81273 + epss-percentile: 0.81232 cpe: cpe:2.3:a:ncast_project:ncast:*:*:*:*:*:*:*:* metadata: verified: true @@ -29,7 +28,7 @@ info: product: ncast fofa-query: app="Ncast-产品" && title=="高清智能录播系统" zoomeye-query: title:"高清智能录播系统" - tags: cve,cve2024,ncast,rce,ncast_project + tags: cve,cve2024,ncast,rce http: - raw: diff --git a/http/cves/2024/CVE-2024-0352.yaml b/http/cves/2024/CVE-2024-0352.yaml index 6a3c39f9bf..3452a1685d 100644 --- a/http/cves/2024/CVE-2024-0352.yaml +++ b/http/cves/2024/CVE-2024-0352.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2024-0352 cwe-id: CWE-434 - epss-score: 0.00727 - epss-percentile: 0.80341 + epss-score: 0.01029 + epss-percentile: 0.82231 cpe: cpe:2.3:a:likeshop:likeshop:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-1021.yaml b/http/cves/2024/CVE-2024-1021.yaml index 766042f6cb..d6858b9ce0 100644 --- a/http/cves/2024/CVE-2024-1021.yaml +++ b/http/cves/2024/CVE-2024-1021.yaml @@ -30,7 +30,7 @@ info: vendor: ruifang-tech product: rebuild fofa-query: "icon_hash=\"871154672\"" - tags: cve2024,cve,rebuild,ssrf,ruifang-tech + tags: cve2024,cve,rebuild,ssrf http: - method: GET diff --git a/http/cves/2024/CVE-2024-1061.yaml b/http/cves/2024/CVE-2024-1061.yaml index 7779032e04..f0ddb1a479 100644 --- a/http/cves/2024/CVE-2024-1061.yaml +++ b/http/cves/2024/CVE-2024-1061.yaml @@ -31,7 +31,7 @@ info: product: html5_video_player framework: wordpress fofa-query: "\"wordpress\" && body=\"html5-video-player\"" - tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player,bplugins + tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player http: - method: GET diff --git a/http/cves/2024/CVE-2024-1071.yaml b/http/cves/2024/CVE-2024-1071.yaml index 1ae93371c5..82c83ee6c6 100644 --- a/http/cves/2024/CVE-2024-1071.yaml +++ b/http/cves/2024/CVE-2024-1071.yaml @@ -27,7 +27,7 @@ info: fofa-query: body="/wp-content/plugins/ultimate-member" publicwww-query: "/wp-content/plugins/ultimate-member/" zoomeye-query: app:"WordPress Ultimate Member Plugin" - tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin,sqli + tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin http: - raw: diff --git a/http/cves/2024/CVE-2024-1208.yaml b/http/cves/2024/CVE-2024-1208.yaml index 0cd89db36e..ba10347dd8 100644 --- a/http/cves/2024/CVE-2024-1208.yaml +++ b/http/cves/2024/CVE-2024-1208.yaml @@ -18,7 +18,7 @@ info: cvss-score: 5.3 cve-id: CVE-2024-1208 epss-score: 0.01024 - epss-percentile: 0.83504 + epss-percentile: 0.83462 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-1209.yaml b/http/cves/2024/CVE-2024-1209.yaml index 719503489b..dc369cfd47 100644 --- a/http/cves/2024/CVE-2024-1209.yaml +++ b/http/cves/2024/CVE-2024-1209.yaml @@ -11,14 +11,10 @@ info: - https://wpscan.com/vulnerability/f813a21d-7a6a-4ff4-a43c-3e2991a23c7f/ - https://github.com/karlemilnikka/CVE-2024-1209 - https://nvd.nist.gov/vuln/detail/CVE-2024-1209 - - https://www.learndash.com/release-notes/ - - https://www.wordfence.com/threat-intel/vulnerabilities/id/7191955e-0db1-4ad1-878b-74f90ca59c91?source=cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-1209 - epss-score: 0.00945 - epss-percentile: 0.82817 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-1212.yaml b/http/cves/2024/CVE-2024-1212.yaml index ca05c781ad..eeec45de5e 100644 --- a/http/cves/2024/CVE-2024-1212.yaml +++ b/http/cves/2024/CVE-2024-1212.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2024-1212 cwe-id: CWE-78 epss-score: 0.00721 - epss-percentile: 0.80266 + epss-percentile: 0.802 metadata: verified: true max-request: 1 diff --git a/http/cves/2024/CVE-2024-1709.yaml b/http/cves/2024/CVE-2024-1709.yaml index 19bf82287c..8b034b70f7 100644 --- a/http/cves/2024/CVE-2024-1709.yaml +++ b/http/cves/2024/CVE-2024-1709.yaml @@ -11,15 +11,11 @@ info: - https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc - https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 - https://nvd.nist.gov/vuln/detail/CVE-2024-1709 - - https://github.com/rapid7/metasploit-framework/pull/18870 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2024-1709 cwe-id: CWE-288 - epss-score: 0.94263 - epss-percentile: 0.99143 - cpe: cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 diff --git a/http/cves/2024/CVE-2024-21644.yaml b/http/cves/2024/CVE-2024-21644.yaml index 42a21c00d9..4cb683498d 100644 --- a/http/cves/2024/CVE-2024-21644.yaml +++ b/http/cves/2024/CVE-2024-21644.yaml @@ -12,15 +12,13 @@ info: - https://github.com/advisories/GHSA-mqpq-2p68-46fv - https://github.com/fkie-cad/nvd-json-data-feeds - https://nvd.nist.gov/vuln/detail/CVE-2024-21644 - - https://github.com/ltranquility/CVE-2024-21644-Poc - - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-21644 cwe-id: CWE-284 - epss-score: 0.13907 - epss-percentile: 0.95539 + epss-score: 0.41231 + epss-percentile: 0.97205 cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-21645.yaml b/http/cves/2024/CVE-2024-21645.yaml index fd9b5b0ee8..78b42790ec 100644 --- a/http/cves/2024/CVE-2024-21645.yaml +++ b/http/cves/2024/CVE-2024-21645.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5.3 cve-id: CVE-2024-21645 cwe-id: CWE-74 - epss-score: 0.0112 - epss-percentile: 0.84326 + epss-score: 0.00046 + epss-percentile: 0.13723 cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-21887.yaml b/http/cves/2024/CVE-2024-21887.yaml index 1e494d8524..d0ecc2eb4e 100644 --- a/http/cves/2024/CVE-2024-21887.yaml +++ b/http/cves/2024/CVE-2024-21887.yaml @@ -17,14 +17,14 @@ info: cve-id: CVE-2024-21887 cwe-id: CWE-77 epss-score: 0.97322 - epss-percentile: 0.9987 + epss-percentile: 0.99871 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ivanti product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" - tags: packetstorm,cve,cve2024,kev,rce,ivanti + tags: cve,cve2024,kev,rce,ivanti http: - raw: diff --git a/http/cves/2024/CVE-2024-21893.yaml b/http/cves/2024/CVE-2024-21893.yaml index db4e86d777..5bacd3dd43 100644 --- a/http/cves/2024/CVE-2024-21893.yaml +++ b/http/cves/2024/CVE-2024-21893.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.2 cve-id: CVE-2024-21893 cwe-id: CWE-918 - epss-score: 0.96139 - epss-percentile: 0.99473 + epss-score: 0.96249 + epss-percentile: 0.9949 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2024/CVE-2024-27564.yaml b/http/cves/2024/CVE-2024-27564.yaml index 65a8b04159..5c084baf08 100644 --- a/http/cves/2024/CVE-2024-27564.yaml +++ b/http/cves/2024/CVE-2024-27564.yaml @@ -11,8 +11,8 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2024-27564 metadata: verified: true - max-request: 2 - fofa-query: "title=\"ChatGPT个人专用版\"" + max-request: 1 + fofa-query: title="ChatGPT个人专用版" tags: cve,cve2024,chatgpt,ssrf,oast,oos,lfi http: diff --git a/http/cves/2024/CVE-2024-28255.yaml b/http/cves/2024/CVE-2024-28255.yaml index 44bc71ffa6..8ce2c581ea 100644 --- a/http/cves/2024/CVE-2024-28255.yaml +++ b/http/cves/2024/CVE-2024-28255.yaml @@ -11,19 +11,19 @@ info: - https://github.com/open-metadata/OpenMetadata/blob/e2043a3f31312ebb42391d6c93a67584d798de52/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java#L113 - https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-6wx7-qw5p-wh84 - https://nvd.nist.gov/vuln/detail/CVE-2024-28255 - - https://github.com/NaInSec/CVE-LIST classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-28255 cwe-id: CWE-287 - epss-score: 0.00065 - epss-percentile: 0.27096 + epss-score: 0.00045 + epss-percentile: 0.12989 metadata: verified: true max-request: 1 shodan-query: http.favicon.hash:733091897 tags: cve,cve2024,openmetadata,rce,auth-bypass + variables: callback: "{{interactsh-url}}" cmd: "nslookup {{callback}}" diff --git a/http/cves/2024/CVE-2024-28734.yaml b/http/cves/2024/CVE-2024-28734.yaml index 6590760ff5..d7cb5481c3 100644 --- a/http/cves/2024/CVE-2024-28734.yaml +++ b/http/cves/2024/CVE-2024-28734.yaml @@ -16,7 +16,7 @@ info: epss-percentile: 0.12994 metadata: max-request: 1 - tags: packetstorm,cve,cve2024,coda,xss + tags: cve,cve2024,coda,xss http: - raw: diff --git a/http/cves/2024/CVE-2024-29059.yaml b/http/cves/2024/CVE-2024-29059.yaml index 229db8346b..359178ba06 100644 --- a/http/cves/2024/CVE-2024-29059.yaml +++ b/http/cves/2024/CVE-2024-29059.yaml @@ -18,9 +18,9 @@ info: cpe: cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* metadata: max-request: 2 + shodan-query: 'Server: MS .NET Remoting' vendor: microsoft product: .net_framework - shodan-query: 'Server: MS .NET Remoting' tags: cve,cve2024,dotnet,microsoft,remoting,deserialization http: diff --git a/http/default-logins/3com/3Com-wireless-default-login.yaml b/http/default-logins/3com/3Com-wireless-default-login.yaml index ff639e033e..321a07e084 100644 --- a/http/default-logins/3com/3Com-wireless-default-login.yaml +++ b/http/default-logins/3com/3Com-wireless-default-login.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.speedguide.net/routers/3com-wl-546-3com-wireless-8760-dual-radio-11abg-1256 metadata: - max-request: 2 - fofa-query: "title=\"3COM\"" + max-request: 1 + fofa-query: title="3COM" tags: default-login,3com http: diff --git a/http/default-logins/next-terminal/next-terminal-default-login.yaml b/http/default-logins/next-terminal/next-terminal-default-login.yaml index 1e5d1c9dff..fd94360b85 100644 --- a/http/default-logins/next-terminal/next-terminal-default-login.yaml +++ b/http/default-logins/next-terminal/next-terminal-default-login.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/dushixiang/next-terminal metadata: - verified: true max-request: 1 fofa-query: title="Next Terminal" + verified: true tags: default-login,next-terminal,next http: diff --git a/http/default-logins/wazuh-default-login.yaml b/http/default-logins/wazuh-default-login.yaml index 550b41dad8..2f31694d0f 100644 --- a/http/default-logins/wazuh-default-login.yaml +++ b/http/default-logins/wazuh-default-login.yaml @@ -12,8 +12,8 @@ info: - https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html#single-node-deployment metadata: verified: true - max-request: 7 - shodan-query: "title:\"Wazuh\"" + max-request: 6 + shodan-query: title:"Wazuh" tags: wazuh,default-login http: diff --git a/http/default-logins/zabbix/zabbix-default-login.yaml b/http/default-logins/zabbix/zabbix-default-login.yaml index 6da48b963c..0f957d6459 100644 --- a/http/default-logins/zabbix/zabbix-default-login.yaml +++ b/http/default-logins/zabbix/zabbix-default-login.yaml @@ -12,7 +12,7 @@ info: cvss-score: 8.3 cwe-id: CWE-522 metadata: - max-request: 2 + max-request: 1 tags: zabbix,default-login http: diff --git a/http/exposed-panels/3cx-phone-management-panel.yaml b/http/exposed-panels/3cx-phone-management-panel.yaml index 8018015a6f..2a0e1a613a 100644 --- a/http/exposed-panels/3cx-phone-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-management-panel.yaml @@ -14,13 +14,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"3CX Phone System Management Console" max-request: 1 - vendor: 3cx product: 3cx shodan-query: - http.title:"3CX Phone System Management Console" - http.favicon.hash:970132176 - google-query: intitle:"3CX Phone System Management Console" + vendor: 3cx tags: panel,3cx http: diff --git a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml index c5e5060685..9b2a5c4d3e 100644 --- a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml @@ -14,11 +14,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"3CX Webclient" max-request: 1 - vendor: 3cx product: 3cx shodan-query: http.title:"3CX Webclient" - google-query: intitle:"3CX Webclient" + vendor: 3cx tags: panel,3cx http: diff --git a/http/exposed-panels/acemanager-login.yaml b/http/exposed-panels/acemanager-login.yaml index 0bed2c410d..9ab19d6a3b 100644 --- a/http/exposed-panels/acemanager-login.yaml +++ b/http/exposed-panels/acemanager-login.yaml @@ -9,10 +9,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sierrawireless:airlink_mobility_manager:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: sierrawireless - product: airlink_mobility_manager fofa-query: app="ACEmanager" + max-request: 1 + product: airlink_mobility_manager + vendor: sierrawireless tags: panel,login,tech,acemanager,sierrawireless http: diff --git a/http/exposed-panels/acenet-panel.yaml b/http/exposed-panels/acenet-panel.yaml index 19ea69fdea..1e1d7774d8 100644 --- a/http/exposed-panels/acenet-panel.yaml +++ b/http/exposed-panels/acenet-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDk severity: info metadata: + fofa-query: body="Login @ Reporter" max-request: 1 shodan-query: http.favicon.hash:-1595726841 - fofa-query: body="Login @ Reporter" tags: panel,login,acenet,acereporter http: diff --git a/http/exposed-panels/acrolinx-dashboard.yaml b/http/exposed-panels/acrolinx-dashboard.yaml index 5cd589e7ae..aef9394078 100644 --- a/http/exposed-panels/acrolinx-dashboard.yaml +++ b/http/exposed-panels/acrolinx-dashboard.yaml @@ -10,10 +10,10 @@ info: classification: cwe-id: CWE-200 metadata: - max-request: 1 - shodan-query: http.title:"Acrolinx Dashboard" fofa-query: title=="Acrolinx Dashboard" google-query: inurl:"Acrolinx Dashboard" + max-request: 1 + shodan-query: http.title:"Acrolinx Dashboard" tags: acrolinx,panel http: diff --git a/http/exposed-panels/acti-panel.yaml b/http/exposed-panels/acti-panel.yaml index a642e64f7e..0ed0743974 100644 --- a/http/exposed-panels/acti-panel.yaml +++ b/http/exposed-panels/acti-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDk severity: info metadata: - verified: true + fofa-query: app="ACTi-视频监控" max-request: 1 shodan-query: title:"Web Configurator" html:"ACTi" - fofa-query: app="ACTi-视频监控" + verified: true tags: acti,panel,login,detect http: diff --git a/http/exposed-panels/active-admin-exposure.yaml b/http/exposed-panels/active-admin-exposure.yaml index d23836b80d..f8f370d602 100644 --- a/http/exposed-panels/active-admin-exposure.yaml +++ b/http/exposed-panels/active-admin-exposure.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:activeadmin:activeadmin:*:*:*:*:ruby:*:*:* metadata: max-request: 1 - vendor: activeadmin product: activeadmin + vendor: activeadmin tags: panel,activeadmin http: diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index 1b99ab2936..14fcf8c1d5 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: activemq + vendor: apache tags: panel,activemq,apache http: diff --git a/http/exposed-panels/acunetix-login.yaml b/http/exposed-panels/acunetix-login.yaml index 582c056aac..1fde288b23 100644 --- a/http/exposed-panels/acunetix-login.yaml +++ b/http/exposed-panels/acunetix-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Acunetix" + verified: true tags: panel,acunetix http: diff --git a/http/exposed-panels/addonfinance-portal.yaml b/http/exposed-panels/addonfinance-portal.yaml index 159c1d8ada..204507ff2e 100644 --- a/http/exposed-panels/addonfinance-portal.yaml +++ b/http/exposed-panels/addonfinance-portal.yaml @@ -6,9 +6,9 @@ info: severity: info description: AddOnFinance Portal Panel was detected. metadata: - verified: "true" max-request: 1 shodan-query: title:"AddOnFinancePortal" + verified: "true" tags: panel,addon,finance,detect http: diff --git a/http/exposed-panels/adhoc-transfer-panel.yaml b/http/exposed-panels/adhoc-transfer-panel.yaml index 4d2b6d7bdb..d49d385a39 100644 --- a/http/exposed-panels/adhoc-transfer-panel.yaml +++ b/http/exposed-panels/adhoc-transfer-panel.yaml @@ -6,11 +6,11 @@ info: severity: info description: WS_FTP Ad Hoc panel was detected. metadata: - verified: true max-request: 1 - vendor: progress product: ws_ftp shodan-query: http.title:"Ad Hoc Transfer" + vendor: progress + verified: true tags: panel,wsftp,ad-hoc,detect,login,progress http: diff --git a/http/exposed-panels/adiscon-loganalyzer.yaml b/http/exposed-panels/adiscon-loganalyzer.yaml index a1bf3da61d..784bfe9f8a 100644 --- a/http/exposed-panels/adiscon-loganalyzer.yaml +++ b/http/exposed-panels/adiscon-loganalyzer.yaml @@ -14,8 +14,8 @@ info: cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: adiscon product: loganalyzer + vendor: adiscon tags: adiscon,loganalyzer,syslog,exposure,panel http: diff --git a/http/exposed-panels/adminer-panel-detect.yaml b/http/exposed-panels/adminer-panel-detect.yaml index 8a205e2189..8beeab25b4 100644 --- a/http/exposed-panels/adminer-panel-detect.yaml +++ b/http/exposed-panels/adminer-panel-detect.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: max-request: 741 - vendor: adminer product: adminer + vendor: adminer tags: panel,fuzz,adminer,login,sqli http: diff --git a/http/exposed-panels/adminer-panel.yaml b/http/exposed-panels/adminer-panel.yaml index 8b5e36b394..e9543e8b03 100644 --- a/http/exposed-panels/adminer-panel.yaml +++ b/http/exposed-panels/adminer-panel.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 8 - vendor: adminer product: adminer shodan-query: title:"Login - Adminer" + vendor: adminer + verified: true tags: panel,adminer http: diff --git a/http/exposed-panels/adminset-panel.yaml b/http/exposed-panels/adminset-panel.yaml index 7a2b289842..48c5d1a42f 100644 --- a/http/exposed-panels/adminset-panel.yaml +++ b/http/exposed-panels/adminset-panel.yaml @@ -8,8 +8,8 @@ info: classification: cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="AdminSet" + max-request: 1 reference: - https://github.com/guhongze/adminset/ tags: adminset,panel diff --git a/http/exposed-panels/adobe/adobe-component-login.yaml b/http/exposed-panels/adobe/adobe-component-login.yaml index 0dacaae596..1c53d8de87 100644 --- a/http/exposed-panels/adobe/adobe-component-login.yaml +++ b/http/exposed-panels/adobe/adobe-component-login.yaml @@ -12,9 +12,9 @@ info: cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: adobe product: coldfusion shodan-query: http.component:"Adobe ColdFusion" + vendor: adobe tags: panel,adobe,coldfusion,edb http: diff --git a/http/exposed-panels/adobe/adobe-connect-central-login.yaml b/http/exposed-panels/adobe/adobe-connect-central-login.yaml index 5e396c2bd2..e8ce76b66a 100644 --- a/http/exposed-panels/adobe/adobe-connect-central-login.yaml +++ b/http/exposed-panels/adobe/adobe-connect-central-login.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: adobe product: connect + vendor: adobe tags: adobe,panel,connect-central http: diff --git a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml index c11a2ee130..7cbef5bf80 100644 --- a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml +++ b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml @@ -12,9 +12,9 @@ info: cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: adobe product: experience_manager shodan-query: http.title:"AEM Sign In" + vendor: adobe tags: panel,aem,adobe http: diff --git a/http/exposed-panels/adobe/aem-crx-package-manager.yaml b/http/exposed-panels/adobe/aem-crx-package-manager.yaml index 40ae595082..40889640a4 100644 --- a/http/exposed-panels/adobe/aem-crx-package-manager.yaml +++ b/http/exposed-panels/adobe/aem-crx-package-manager.yaml @@ -13,11 +13,11 @@ info: cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: adobe product: experience_manager shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" + vendor: adobe tags: panel,aem,adobe http: diff --git a/http/exposed-panels/adobe/aem-sling-login.yaml b/http/exposed-panels/adobe/aem-sling-login.yaml index 05d1965723..d44f6ecd73 100644 --- a/http/exposed-panels/adobe/aem-sling-login.yaml +++ b/http/exposed-panels/adobe/aem-sling-login.yaml @@ -13,11 +13,11 @@ info: cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: adobe product: experience_manager shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" + vendor: adobe tags: panel,aem,adobe,sling http: diff --git a/http/exposed-panels/afterlogic-webmail-login.yaml b/http/exposed-panels/afterlogic-webmail-login.yaml index ff717cdd7b..0f84ff0339 100644 --- a/http/exposed-panels/afterlogic-webmail-login.yaml +++ b/http/exposed-panels/afterlogic-webmail-login.yaml @@ -10,10 +10,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:afterlogic:aurora:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: afterlogic - product: aurora fofa-query: 'X-Server: AfterlogicDAVServer' + max-request: 1 + product: aurora + vendor: afterlogic tags: panel,afterlogic,login,detect http: diff --git a/http/exposed-panels/aircube-dashboard-panel.yaml b/http/exposed-panels/aircube-dashboard-panel.yaml index 5366b7d2b5..76e6a57eea 100644 --- a/http/exposed-panels/aircube-dashboard-panel.yaml +++ b/http/exposed-panels/aircube-dashboard-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"AirCube Dashboard" + verified: true tags: panel,aircube http: diff --git a/http/exposed-panels/aircube-login.yaml b/http/exposed-panels/aircube-login.yaml index 17523cdbb2..e0dee7f194 100644 --- a/http/exposed-panels/aircube-login.yaml +++ b/http/exposed-panels/aircube-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1249285083 + verified: true tags: panel,aircube,ubiquiti http: diff --git a/http/exposed-panels/airflow-panel.yaml b/http/exposed-panels/airflow-panel.yaml index 16095de60b..c7beb91b2f 100644 --- a/http/exposed-panels/airflow-panel.yaml +++ b/http/exposed-panels/airflow-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: apache product: airflow shodan-query: title:"Sign In - Airflow" + vendor: apache tags: panel,apache,airflow,admin http: diff --git a/http/exposed-panels/airnotifier-panel.yaml b/http/exposed-panels/airnotifier-panel.yaml index 71b8f12080..4120df8a00 100644 --- a/http/exposed-panels/airnotifier-panel.yaml +++ b/http/exposed-panels/airnotifier-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"AirNotifier" + verified: true tags: panel,airnotifier http: diff --git a/http/exposed-panels/akamai-cloudtest.yaml b/http/exposed-panels/akamai-cloudtest.yaml index 25af9fef39..1c18156638 100644 --- a/http/exposed-panels/akamai-cloudtest.yaml +++ b/http/exposed-panels/akamai-cloudtest.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:akamai:cloudtest:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: akamai product: cloudtest + vendor: akamai tags: panel,akamai http: diff --git a/http/exposed-panels/alfresco-detect.yaml b/http/exposed-panels/alfresco-detect.yaml index 04a6c1f98e..23c7abb560 100644 --- a/http/exposed-panels/alfresco-detect.yaml +++ b/http/exposed-panels/alfresco-detect.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:alfresco:alfresco:*:*:*:*:android:*:*:* metadata: max-request: 1 - vendor: alfresco product: alfresco + vendor: alfresco tags: alfresco,tech,panel http: diff --git a/http/exposed-panels/allied-telesis-exposure.yaml b/http/exposed-panels/allied-telesis-exposure.yaml index 78470ae460..b8e48488e2 100644 --- a/http/exposed-panels/allied-telesis-exposure.yaml +++ b/http/exposed-panels/allied-telesis-exposure.yaml @@ -11,11 +11,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 - vendor: allied_telesis product: device_gui shodan-query: title:"Allied Telesis Device GUI" + vendor: allied_telesis + verified: true tags: panel,allied,allied_telesis http: diff --git a/http/exposed-panels/ambari-exposure.yaml b/http/exposed-panels/ambari-exposure.yaml index 64299bb819..bb84700507 100644 --- a/http/exposed-panels/ambari-exposure.yaml +++ b/http/exposed-panels/ambari-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: ambari + vendor: apache tags: panel,apache,ambari,exposure http: diff --git a/http/exposed-panels/amcrest-login.yaml b/http/exposed-panels/amcrest-login.yaml index a44ee43450..48ae7581eb 100644 --- a/http/exposed-panels/amcrest-login.yaml +++ b/http/exposed-panels/amcrest-login.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:amcrest:ip2m-853ew:*:*:*:*:*:*:*:* metadata: + google-query: intext:"amcrest" "LDAP User" max-request: 1 - vendor: amcrest product: ip2m-853ew shodan-query: html:"amcrest" - google-query: intext:"amcrest" "LDAP User" + vendor: amcrest tags: panel,camera,amcrest,edb http: diff --git a/http/exposed-panels/ametys-admin-login.yaml b/http/exposed-panels/ametys-admin-login.yaml index bad170bb8d..33bacdeae1 100644 --- a/http/exposed-panels/ametys-admin-login.yaml +++ b/http/exposed-panels/ametys-admin-login.yaml @@ -10,8 +10,8 @@ info: cpe: cpe:2.3:a:ametys:ametys:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: ametys product: ametys + vendor: ametys tags: panel,ametys,cms http: diff --git a/http/exposed-panels/amp-application-panel.yaml b/http/exposed-panels/amp-application-panel.yaml index 3784155813..ffbe2c2331 100644 --- a/http/exposed-panels/amp-application-panel.yaml +++ b/http/exposed-panels/amp-application-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:cubecoders:amp:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: cubecoders product: amp shodan-query: title:"AMP - Application Management Panel" + vendor: cubecoders + verified: true tags: panel,amp,cubecoders http: diff --git a/http/exposed-panels/ampache-panel.yaml b/http/exposed-panels/ampache-panel.yaml index e4bc0d844a..1efadb34ec 100644 --- a/http/exposed-panels/ampache-panel.yaml +++ b/http/exposed-panels/ampache-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: ampache product: ampache shodan-query: http.title:"For the Love of Music" + vendor: ampache + verified: true tags: panel,ampache http: diff --git a/http/exposed-panels/amprion-gridloss-panel.yaml b/http/exposed-panels/amprion-gridloss-panel.yaml index 51f0f04c87..6ec032abcf 100644 --- a/http/exposed-panels/amprion-gridloss-panel.yaml +++ b/http/exposed-panels/amprion-gridloss-panel.yaml @@ -9,10 +9,9 @@ info: reference: - https://www.amprion.net/index-2.html metadata: - verified: true max-request: 1 + verified: true tags: panel,amprion,login,detect - http: - method: GET path: diff --git a/http/exposed-panels/anaqua-login-panel.yaml b/http/exposed-panels/anaqua-login-panel.yaml index adbd593574..910fd83a12 100644 --- a/http/exposed-panels/anaqua-login-panel.yaml +++ b/http/exposed-panels/anaqua-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Anaqua User Sign On"" + verified: true tags: anaqua,login,panel http: diff --git a/http/exposed-panels/ansible-tower-exposure.yaml b/http/exposed-panels/ansible-tower-exposure.yaml index 1bab85b7bc..61046db509 100644 --- a/http/exposed-panels/ansible-tower-exposure.yaml +++ b/http/exposed-panels/ansible-tower-exposure.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"Ansible Tower" max-request: 1 - vendor: redhat product: ansible_tower shodan-query: title:"Ansible Tower" - google-query: intitle:"Ansible Tower" + vendor: redhat tags: panel,ansible,redhat http: diff --git a/http/exposed-panels/apache-jmeter-dashboard.yaml b/http/exposed-panels/apache-jmeter-dashboard.yaml index f3273b9fa5..e104e72e0b 100644 --- a/http/exposed-panels/apache-jmeter-dashboard.yaml +++ b/http/exposed-panels/apache-jmeter-dashboard.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:jmeter:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: apache product: jmeter shodan-query: title:"Apache JMeter Dashboard" + vendor: apache + verified: true tags: apache,jmeter,panel http: diff --git a/http/exposed-panels/apache/apache-apisix-panel.yaml b/http/exposed-panels/apache/apache-apisix-panel.yaml index c2808da097..031a456b4a 100644 --- a/http/exposed-panels/apache/apache-apisix-panel.yaml +++ b/http/exposed-panels/apache/apache-apisix-panel.yaml @@ -9,10 +9,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: apache - product: apisix fofa-query: title="Apache APISIX Dashboard" + max-request: 1 + product: apisix + vendor: apache tags: apache,apisix,panel http: diff --git a/http/exposed-panels/apache/apache-mesos-panel.yaml b/http/exposed-panels/apache/apache-mesos-panel.yaml index 62f01b229c..b482f4fd1b 100644 --- a/http/exposed-panels/apache/apache-mesos-panel.yaml +++ b/http/exposed-panels/apache/apache-mesos-panel.yaml @@ -10,12 +10,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:mesos:*:*:*:*:jenkins:*:*:* metadata: - verified: true + fofa-query: app="APACHE-MESOS" max-request: 2 - vendor: apache product: mesos shodan-query: http.title:"Mesos" - fofa-query: app="APACHE-MESOS" + vendor: apache + verified: true tags: panel,apache,mesos http: diff --git a/http/exposed-panels/apache/public-tomcat-manager.yaml b/http/exposed-panels/apache/public-tomcat-manager.yaml index a1187cfbbb..f7cd1ea593 100644 --- a/http/exposed-panels/apache/public-tomcat-manager.yaml +++ b/http/exposed-panels/apache/public-tomcat-manager.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: apache product: tomcat shodan-query: title:"Apache Tomcat" + vendor: apache tags: panel,tomcat,apache http: diff --git a/http/exposed-panels/apigee-panel.yaml b/http/exposed-panels/apigee-panel.yaml index ab86f4551c..bd38bff268 100644 --- a/http/exposed-panels/apigee-panel.yaml +++ b/http/exposed-panels/apigee-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://cloud.google.com/apigee?hl=en metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:"-839356603" + verified: true tags: panel,apigee,login http: diff --git a/http/exposed-panels/appsmith-web-login.yaml b/http/exposed-panels/appsmith-web-login.yaml index c77f7dff62..b28180205b 100644 --- a/http/exposed-panels/appsmith-web-login.yaml +++ b/http/exposed-panels/appsmith-web-login.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: appsmith product: appsmith shodan-query: http.title:"appsmith" + vendor: appsmith + verified: true tags: panel,appsmith http: diff --git a/http/exposed-panels/appspace-panel.yaml b/http/exposed-panels/appspace-panel.yaml index bd9dea1d94..f571068619 100644 --- a/http/exposed-panels/appspace-panel.yaml +++ b/http/exposed-panels/appspace-panel.yaml @@ -10,11 +10,11 @@ info: classification: cpe: cpe:2.3:a:appspace:appspace:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: appspace product: appspace shodan-query: title:"Appspace" + vendor: appspace + verified: true tags: appspace,panel,detect http: diff --git a/http/exposed-panels/appsuite-panel.yaml b/http/exposed-panels/appsuite-panel.yaml index 492e8d6636..b47bd4d72d 100644 --- a/http/exposed-panels/appsuite-panel.yaml +++ b/http/exposed-panels/appsuite-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: open-xchange product: open-xchange_appsuite shodan-query: html:"Appsuite" + vendor: open-xchange + verified: true tags: panel,appsuite,detect,open-xchange http: diff --git a/http/exposed-panels/appwrite-panel.yaml b/http/exposed-panels/appwrite-panel.yaml index e2b3209c31..4329c6b34e 100644 --- a/http/exposed-panels/appwrite-panel.yaml +++ b/http/exposed-panels/appwrite-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:appwrite:appwrite:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: appwrite product: appwrite shodan-query: http.favicon.hash:-633108100 + vendor: appwrite + verified: true tags: panel,appwrite,detect http: diff --git a/http/exposed-panels/aqua-enterprise-panel.yaml b/http/exposed-panels/aqua-enterprise-panel.yaml index 91679567c9..45ed002380 100644 --- a/http/exposed-panels/aqua-enterprise-panel.yaml +++ b/http/exposed-panels/aqua-enterprise-panel.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + google-query: intitle:"Aqua Cloud Native Security Platform" max-request: 1 shodan-query: http.title:"Aqua Enterprise" || http.title:"Aqua Cloud Native Security Platform" - google-query: intitle:"Aqua Cloud Native Security Platform" + verified: true tags: panel,aqua,aquasec http: diff --git a/http/exposed-panels/arangodb-web-Interface.yaml b/http/exposed-panels/arangodb-web-Interface.yaml index 06bd9d69b8..2b2ff1ee32 100644 --- a/http/exposed-panels/arangodb-web-Interface.yaml +++ b/http/exposed-panels/arangodb-web-Interface.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:arangodb:arangodb:*:*:*:*:*:*:*:* metadata: - verified: "true" max-request: 1 - vendor: arangodb product: arangodb shodan-query: http.title:"ArangoDB Web Interface" + vendor: arangodb + verified: "true" tags: panel,arangodb,login http: diff --git a/http/exposed-panels/arcgis/arcgis-panel.yaml b/http/exposed-panels/arcgis/arcgis-panel.yaml index f003193952..3d7e132178 100644 --- a/http/exposed-panels/arcgis/arcgis-panel.yaml +++ b/http/exposed-panels/arcgis/arcgis-panel.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:esri:arcgis_enterprise:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: esri product: arcgis_enterprise + vendor: esri tags: docs,arcgis,cms,panel,esri http: diff --git a/http/exposed-panels/arcgis/arcgis-services.yaml b/http/exposed-panels/arcgis/arcgis-services.yaml index 7814c2aab1..df59cea6e3 100644 --- a/http/exposed-panels/arcgis/arcgis-services.yaml +++ b/http/exposed-panels/arcgis/arcgis-services.yaml @@ -10,11 +10,11 @@ info: classification: cpe: cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: esri product: arcgis_server shodan-query: title:"ArcGIS" + vendor: esri + verified: true tags: panel,arcgis,rest,api,detect,esri http: diff --git a/http/exposed-panels/archibus-webcentral-panel.yaml b/http/exposed-panels/archibus-webcentral-panel.yaml index c6c7815616..de30e0b585 100644 --- a/http/exposed-panels/archibus-webcentral-panel.yaml +++ b/http/exposed-panels/archibus-webcentral-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:archibus:web_central:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: archibus product: web_central shodan-query: http.favicon.hash:889652940 + vendor: archibus + verified: true tags: panel,archibus http: diff --git a/http/exposed-panels/arcserve-panel.yaml b/http/exposed-panels/arcserve-panel.yaml index 09f0ec4dcb..4b8a7cacf1 100644 --- a/http/exposed-panels/arcserve-panel.yaml +++ b/http/exposed-panels/arcserve-panel.yaml @@ -10,12 +10,12 @@ info: classification: cpe: cpe:2.3:a:arcserve:udp:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: icon_hash="-1889244460" max-request: 1 - vendor: arcserve product: udp shodan-query: http.favicon.hash:-1889244460 - fofa-query: icon_hash="-1889244460" + vendor: arcserve + verified: true tags: panel,login,arcserve,detect http: diff --git a/http/exposed-panels/arris-modem-detect.yaml b/http/exposed-panels/arris-modem-detect.yaml index 4c3a921328..85b31d31f7 100644 --- a/http/exposed-panels/arris-modem-detect.yaml +++ b/http/exposed-panels/arris-modem-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:commscope:dg3450:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: commscope product: dg3450 shodan-query: html:"phy.htm" + vendor: commscope + verified: true tags: panel,arris,commscope http: diff --git a/http/exposed-panels/aspcms-backend-panel.yaml b/http/exposed-panels/aspcms-backend-panel.yaml index b66513dd63..81821166f4 100644 --- a/http/exposed-panels/aspcms-backend-panel.yaml +++ b/http/exposed-panels/aspcms-backend-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/GREENHAT7/pxplan/blob/main/goby_pocs/Aspcms_Backend_Leak.json metadata: - verified: true - max-request: 2 fofa-query: app="ASPCMS" + max-request: 2 + verified: true tags: panel,login,aspcms,admin http: diff --git a/http/exposed-panels/aspect-control-panel.yaml b/http/exposed-panels/aspect-control-panel.yaml index 7f970b86f1..1ca2d40872 100644 --- a/http/exposed-panels/aspect-control-panel.yaml +++ b/http/exposed-panels/aspect-control-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1011076161 + verified: true tags: panel,aspect,login http: diff --git a/http/exposed-panels/asus-aicloud-panel.yaml b/http/exposed-panels/asus-aicloud-panel.yaml index b226835914..035b14eb56 100644 --- a/http/exposed-panels/asus-aicloud-panel.yaml +++ b/http/exposed-panels/asus-aicloud-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.asus.com/in/content/aicloud/ metadata: - verified: "true" max-request: 1 shodan-query: title:"AiCloud" + verified: "true" tags: panel,asus,aicloud,detect http: diff --git a/http/exposed-panels/asus-router-panel.yaml b/http/exposed-panels/asus-router-panel.yaml index 58f49474f4..50dfe3aca4 100644 --- a/http/exposed-panels/asus-router-panel.yaml +++ b/http/exposed-panels/asus-router-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: 'Server: httpd/2.0 port:8080' + verified: true tags: panel,asus,router,iot http: diff --git a/http/exposed-panels/atlantis-detect.yaml b/http/exposed-panels/atlantis-detect.yaml index c18310100c..b8b0ab3df1 100644 --- a/http/exposed-panels/atlantis-detect.yaml +++ b/http/exposed-panels/atlantis-detect.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:runatlantis:atlantis:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: runatlantis product: atlantis shodan-query: http.favicon.hash:-1706783005 + vendor: runatlantis + verified: true tags: panel,atlantis,runatlantis http: diff --git a/http/exposed-panels/atlassian-bamboo-panel.yaml b/http/exposed-panels/atlassian-bamboo-panel.yaml index 4d661a593c..f09d8afd9b 100644 --- a/http/exposed-panels/atlassian-bamboo-panel.yaml +++ b/http/exposed-panels/atlassian-bamboo-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.atlassian.com/software/bamboo metadata: - verified: true max-request: 1 shodan-query: http.title:"Bamboo" + verified: true tags: panel,bamboo,login,detect http: diff --git a/http/exposed-panels/atlassian-crowd-panel.yaml b/http/exposed-panels/atlassian-crowd-panel.yaml index 14260ae48b..46d60c3106 100644 --- a/http/exposed-panels/atlassian-crowd-panel.yaml +++ b/http/exposed-panels/atlassian-crowd-panel.yaml @@ -11,10 +11,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: atlassian - product: crowd category: sso + max-request: 1 + product: crowd + vendor: atlassian tags: panel,atlassian http: diff --git a/http/exposed-panels/atvise-login.yaml b/http/exposed-panels/atvise-login.yaml index feeb9baae8..b453a6c9c7 100644 --- a/http/exposed-panels/atvise-login.yaml +++ b/http/exposed-panels/atvise-login.yaml @@ -11,8 +11,8 @@ info: classification: cwe-id: CWE-200 metadata: - max-request: 1 google-query: intitle:"atvise - next generation" + max-request: 1 tags: panel,atvise,edb http: diff --git a/http/exposed-panels/audiobookshelf-panel.yaml b/http/exposed-panels/audiobookshelf-panel.yaml index 344c24df9c..47a1227c37 100644 --- a/http/exposed-panels/audiobookshelf-panel.yaml +++ b/http/exposed-panels/audiobookshelf-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://github.com/advplyr/audiobookshelf metadata: - verified: true max-request: 2 shodan-query: title:"Audiobookshelf" + verified: true tags: panel,audiobookshelf,detect http: diff --git a/http/exposed-panels/audiocodes-detect.yaml b/http/exposed-panels/audiocodes-detect.yaml index b238a8f217..31fd950bd3 100644 --- a/http/exposed-panels/audiocodes-detect.yaml +++ b/http/exposed-panels/audiocodes-detect.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Audiocodes" + verified: true tags: panel,audiocodes http: diff --git a/http/exposed-panels/authelia-panel.yaml b/http/exposed-panels/authelia-panel.yaml index a870f2c5cb..fbdb95d748 100644 --- a/http/exposed-panels/authelia-panel.yaml +++ b/http/exposed-panels/authelia-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/authelia/authelia - https://www.authelia.com/ metadata: - verified: true max-request: 1 shodan-query: title:"Login - Authelia" + verified: true tags: login,panel,authelia http: diff --git a/http/exposed-panels/automatisch-panel.yaml b/http/exposed-panels/automatisch-panel.yaml index 820ccb5a6d..a9d888edee 100644 --- a/http/exposed-panels/automatisch-panel.yaml +++ b/http/exposed-panels/automatisch-panel.yaml @@ -10,9 +10,9 @@ info: - https://automatisch.io/ - https://github.com/automatisch/automatisch metadata: - verified: true max-request: 2 shodan-query: title:"Automatisch" + verified: true tags: panel,automatisch,detect http: diff --git a/http/exposed-panels/autoset-detect.yaml b/http/exposed-panels/autoset-detect.yaml index d891720054..d3d2b8c6d6 100644 --- a/http/exposed-panels/autoset-detect.yaml +++ b/http/exposed-panels/autoset-detect.yaml @@ -7,10 +7,10 @@ info: reference: - http://autoset.net/xe/ metadata: - verified: true max-request: 1 shodan-query: title:"AutoSet" - tags: tech,php,autoset,apache,panel + verified: true + tags: tech,php,autoset,apache http: - method: GET diff --git a/http/exposed-panels/avantfax-panel.yaml b/http/exposed-panels/avantfax-panel.yaml index 3376bc6002..f2ed76974b 100644 --- a/http/exposed-panels/avantfax-panel.yaml +++ b/http/exposed-panels/avantfax-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:avantfax:avantfax:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: avantfax product: avantfax shodan-query: http.title:"AvantFAX - Login" + vendor: avantfax tags: panel,avantfax,login http: diff --git a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml index d5fc1c9f4a..e8a90e426a 100644 --- a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: avaya product: aura_communication_manager + vendor: avaya tags: panel,avaya http: diff --git a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml index 2f87f2202d..ad8275d351 100644 --- a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: avaya product: aura_system_manager + vendor: avaya tags: panel,avaya http: diff --git a/http/exposed-panels/aviatrix-panel.yaml b/http/exposed-panels/aviatrix-panel.yaml index 08671217e0..53e4233d1b 100644 --- a/http/exposed-panels/aviatrix-panel.yaml +++ b/http/exposed-panels/aviatrix-panel.yaml @@ -12,9 +12,9 @@ info: cpe: cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: aviatrix product: controller shodan-query: http.title:"Aviatrix Cloud Controller" + vendor: aviatrix tags: panel,aviatrix http: diff --git a/http/exposed-panels/avigilon-panel.yaml b/http/exposed-panels/avigilon-panel.yaml index 2aa6e348bf..e685f90c2b 100644 --- a/http/exposed-panels/avigilon-panel.yaml +++ b/http/exposed-panels/avigilon-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:avigilon:avigilon_control_center:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: avigilon product: avigilon_control_center shodan-query: http.title:"Login - Avigilon Control Center" + vendor: avigilon + verified: true tags: panel,avigilon http: diff --git a/http/exposed-panels/aws-ec2-autoscale.yaml b/http/exposed-panels/aws-ec2-autoscale.yaml index dcf58b2434..bd21d67803 100644 --- a/http/exposed-panels/aws-ec2-autoscale.yaml +++ b/http/exposed-panels/aws-ec2-autoscale.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=620605120110011&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: html:"AWS EC2 Auto Scaling Lab" + verified: true tags: exposure,ec2,aws,amazon,panel http: diff --git a/http/exposed-panels/aws-opensearch-login.yaml b/http/exposed-panels/aws-opensearch-login.yaml index 387441e6c8..57a2128475 100644 --- a/http/exposed-panels/aws-opensearch-login.yaml +++ b/http/exposed-panels/aws-opensearch-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:amazon:opensearch:*:*:*:*:maven:*:*:* metadata: max-request: 1 - vendor: amazon product: opensearch + vendor: amazon tags: panel,opensearch,aws,amazon http: diff --git a/http/exposed-panels/axel-webserver.yaml b/http/exposed-panels/axel-webserver.yaml index 01c1e2325f..4bf951cac5 100644 --- a/http/exposed-panels/axel-webserver.yaml +++ b/http/exposed-panels/axel-webserver.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + fofa-query: app="AxelWebServer" max-request: 1 shodan-query: http.title:"Axel" - fofa-query: app="AxelWebServer" + verified: true tags: panel,axel,webserver http: diff --git a/http/exposed-panels/axway-api-manager-panel.yaml b/http/exposed-panels/axway-api-manager-panel.yaml index daefc4aae2..eb61cd9622 100644 --- a/http/exposed-panels/axway-api-manager-panel.yaml +++ b/http/exposed-panels/axway-api-manager-panel.yaml @@ -5,9 +5,9 @@ info: author: johnk3r severity: info metadata: - verified: true max-request: 1 shodan-query: http.title:"Axway API Manager Login" + verified: true tags: panel,axway,detect http: diff --git a/http/exposed-panels/axway-securetransport-panel.yaml b/http/exposed-panels/axway-securetransport-panel.yaml index 14d5cb4372..91db597ee1 100644 --- a/http/exposed-panels/axway-securetransport-panel.yaml +++ b/http/exposed-panels/axway-securetransport-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:axway:securetransport:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: axway product: securetransport shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434 + vendor: axway + verified: true tags: panel,axway,securetransport http: diff --git a/http/exposed-panels/axway-securetransport-webclient.yaml b/http/exposed-panels/axway-securetransport-webclient.yaml index 6a19d65428..a26113b572 100644 --- a/http/exposed-panels/axway-securetransport-webclient.yaml +++ b/http/exposed-panels/axway-securetransport-webclient.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:axway:securetransport:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: axway - product: securetransport google-query: intitle:"ST Web Client" + max-request: 1 + product: securetransport + vendor: axway + verified: true tags: panel,axway,securetransport,webclient http: diff --git a/http/exposed-panels/axxon-client-panel.yaml b/http/exposed-panels/axxon-client-panel.yaml index c08fce5a50..81107ae2cc 100644 --- a/http/exposed-panels/axxon-client-panel.yaml +++ b/http/exposed-panels/axxon-client-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:axxonsoft:axxon_next:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: axxonsoft product: axxon_next shodan-query: title:"Axxon Next client" + vendor: axxonsoft + verified: true tags: panel,axxon,vms,login,detect,axxonsoft http: diff --git a/http/exposed-panels/backpack/backpack-admin-panel.yaml b/http/exposed-panels/backpack/backpack-admin-panel.yaml index c7867f74a6..8609b2c8ea 100644 --- a/http/exposed-panels/backpack/backpack-admin-panel.yaml +++ b/http/exposed-panels/backpack/backpack-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Backpack Admin" + verified: true tags: panel,backpack,admin http: diff --git a/http/exposed-panels/bedita-panel.yaml b/http/exposed-panels/bedita-panel.yaml index 80dc42bfb2..ddb5e1c160 100644 --- a/http/exposed-panels/bedita-panel.yaml +++ b/http/exposed-panels/bedita-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:bedita:bedita:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: bedita product: bedita shodan-query: http.title:"BEdita" + vendor: bedita tags: panel,bedita http: diff --git a/http/exposed-panels/beego-admin-dashboard.yaml b/http/exposed-panels/beego-admin-dashboard.yaml index e5811ef9f7..22d1488037 100644 --- a/http/exposed-panels/beego-admin-dashboard.yaml +++ b/http/exposed-panels/beego-admin-dashboard.yaml @@ -14,11 +14,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:beego:beego:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: beego product: beego shodan-query: html:"Beego Admin Dashboard" + vendor: beego + verified: true tags: panel,beego,unauth http: diff --git a/http/exposed-panels/bigbluebutton-login.yaml b/http/exposed-panels/bigbluebutton-login.yaml index 7ff1746bb1..4138ba3f2e 100644 --- a/http/exposed-panels/bigbluebutton-login.yaml +++ b/http/exposed-panels/bigbluebutton-login.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:bigbluebutton:greenlight:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: bigbluebutton product: greenlight + vendor: bigbluebutton tags: panel,bigbluebutton http: diff --git a/http/exposed-panels/bigfix-login.yaml b/http/exposed-panels/bigfix-login.yaml index a68e11a863..9c5494fb58 100644 --- a/http/exposed-panels/bigfix-login.yaml +++ b/http/exposed-panels/bigfix-login.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"BigFix" max-request: 1 shodan-query: http.title:"BigFix" - google-query: intitle:"BigFix" tags: panel,bigfix http: diff --git a/http/exposed-panels/bigip-rest-panel.yaml b/http/exposed-panels/bigip-rest-panel.yaml index 23ffe2be86..cc49e1b1c3 100644 --- a/http/exposed-panels/bigip-rest-panel.yaml +++ b/http/exposed-panels/bigip-rest-panel.yaml @@ -16,9 +16,9 @@ info: cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: f5 product: big-ip_access_policy_manager shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" + vendor: f5 tags: panel,bigip,f5 http: diff --git a/http/exposed-panels/biotime-panel.yaml b/http/exposed-panels/biotime-panel.yaml index a9efea6b24..c5b589e260 100644 --- a/http/exposed-panels/biotime-panel.yaml +++ b/http/exposed-panels/biotime-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"BioTime" + verified: true tags: panel,biotime http: diff --git a/http/exposed-panels/bitdefender-gravityzone.yaml b/http/exposed-panels/bitdefender-gravityzone.yaml index 58ac9acee3..56ce04d8b4 100644 --- a/http/exposed-panels/bitdefender-gravityzone.yaml +++ b/http/exposed-panels/bitdefender-gravityzone.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: bitdefender product: gravityzone shodan-query: title:"Bitdefender GravityZone" + vendor: bitdefender + verified: true tags: panel,bitdefender http: diff --git a/http/exposed-panels/bitrix-panel.yaml b/http/exposed-panels/bitrix-panel.yaml index 3dec0a4e09..358de53163 100644 --- a/http/exposed-panels/bitrix-panel.yaml +++ b/http/exposed-panels/bitrix-panel.yaml @@ -10,8 +10,8 @@ info: cpe: cpe:2.3:a:bitrix:bitrix24:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: bitrix product: bitrix24 + vendor: bitrix tags: panel,bitrix,login http: diff --git a/http/exposed-panels/bitwarden-vault-panel.yaml b/http/exposed-panels/bitwarden-vault-panel.yaml index f7f143f593..c0f79ca4db 100644 --- a/http/exposed-panels/bitwarden-vault-panel.yaml +++ b/http/exposed-panels/bitwarden-vault-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:bitwarden:bitwarden:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: bitwarden product: bitwarden shodan-query: title:"Bitwarden Web Vault" + vendor: bitwarden + verified: true tags: panel,bitwarden,vault,detect http: diff --git a/http/exposed-panels/black-duck-panel.yaml b/http/exposed-panels/black-duck-panel.yaml index 5464f2025e..b7abefcc13 100644 --- a/http/exposed-panels/black-duck-panel.yaml +++ b/http/exposed-panels/black-duck-panel.yaml @@ -13,9 +13,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Black Duck" + verified: true tags: panel,blackduck,synopsys http: diff --git a/http/exposed-panels/bloofoxcms-login-panel.yaml b/http/exposed-panels/bloofoxcms-login-panel.yaml index 9c9fb7c36b..c70416ad14 100644 --- a/http/exposed-panels/bloofoxcms-login-panel.yaml +++ b/http/exposed-panels/bloofoxcms-login-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:bloofox:bloofoxcms:*:*:*:*:*:*:*:* metadata: - verified: "true" - max-request: 2 - vendor: bloofox - product: bloofoxcms fofa-query: Powered by bloofoxCMS + max-request: 2 + product: bloofoxcms + vendor: bloofox + verified: "true" tags: panel,bloofox,cms http: diff --git a/http/exposed-panels/bmc/bmc-discovery-panel.yaml b/http/exposed-panels/bmc/bmc-discovery-panel.yaml index 8ad4ee183e..f7a06681ee 100644 --- a/http/exposed-panels/bmc/bmc-discovery-panel.yaml +++ b/http/exposed-panels/bmc/bmc-discovery-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"BMC Software" + verified: true tags: panel,bmc http: diff --git a/http/exposed-panels/bolt-cms-panel.yaml b/http/exposed-panels/bolt-cms-panel.yaml index ddc1032616..540b00d09c 100644 --- a/http/exposed-panels/bolt-cms-panel.yaml +++ b/http/exposed-panels/bolt-cms-panel.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: boltcms product: bolt + vendor: boltcms tags: panel,bolt,cms,login,boltcms http: diff --git a/http/exposed-panels/bookstack-panel.yaml b/http/exposed-panels/bookstack-panel.yaml index a00622eeb1..d2e5dc91c6 100644 --- a/http/exposed-panels/bookstack-panel.yaml +++ b/http/exposed-panels/bookstack-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: bookstackapp product: bookstack shodan-query: http.title:"BookStack" + vendor: bookstackapp tags: panel,bookstack,bookstackapp http: diff --git a/http/exposed-panels/buildbot-panel.yaml b/http/exposed-panels/buildbot-panel.yaml index d8b5f481e9..6fd9dc497e 100644 --- a/http/exposed-panels/buildbot-panel.yaml +++ b/http/exposed-panels/buildbot-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:buildbot:buildbot:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: buildbot product: buildbot shodan-query: http.title:"BuildBot" + vendor: buildbot + verified: true tags: panel,buildbot,cicd http: diff --git a/http/exposed-panels/bynder-panel.yaml b/http/exposed-panels/bynder-panel.yaml index 4df9fcf7e8..9d72dff4bd 100644 --- a/http/exposed-panels/bynder-panel.yaml +++ b/http/exposed-panels/bynder-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.bynder.com/en/ metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1017650009 + verified: true tags: panel,bynder,login,detect http: diff --git a/http/exposed-panels/c2/ares-rat-c2.yaml b/http/exposed-panels/c2/ares-rat-c2.yaml index 8e2cda4833..71aa6b7939 100644 --- a/http/exposed-panels/c2/ares-rat-c2.yaml +++ b/http/exposed-panels/c2/ares-rat-c2.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/montysecurity/C2-Tracker/blob/main/tracker.py metadata: - verified: true max-request: 1 shodan-query: product:'Ares RAT C2' + verified: true tags: c2,ir,osint,ares,panel,rat http: diff --git a/http/exposed-panels/c2/brute-ratel-c4.yaml b/http/exposed-panels/c2/brute-ratel-c4.yaml index 81aa3b1c5f..31e53afd96 100644 --- a/http/exposed-panels/c2/brute-ratel-c4.yaml +++ b/http/exposed-panels/c2/brute-ratel-c4.yaml @@ -9,9 +9,9 @@ info: reference: - https://bruteratel.com/ metadata: - verified: "true" max-request: 1 shodan-query: http.html_hash:-1957161625 + verified: "true" tags: c2,bruteratel,c4,panel http: diff --git a/http/exposed-panels/c2/caldera-c2.yaml b/http/exposed-panels/c2/caldera-c2.yaml index c9b0c10605..d8092dae1d 100644 --- a/http/exposed-panels/c2/caldera-c2.yaml +++ b/http/exposed-panels/c2/caldera-c2.yaml @@ -10,9 +10,9 @@ info: - https://github.com/mitre/caldera - https://github.com/montysecurity/C2-Tracker/blob/main/tracker.py metadata: - verified: true - max-request: 1 fofa-query: http.favicon.hash:-636718605 + max-request: 1 + verified: true tags: c2,ir,osint,caldera,panel http: diff --git a/http/exposed-panels/c2/covenant-c2.yaml b/http/exposed-panels/c2/covenant-c2.yaml index b4a69cce82..3321d610c8 100644 --- a/http/exposed-panels/c2/covenant-c2.yaml +++ b/http/exposed-panels/c2/covenant-c2.yaml @@ -9,9 +9,9 @@ info: reference: | https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: - verified: true max-request: 1 shodan-query: ssl:”Covenant” http.component:”Blazor” + verified: true tags: c2,ir,osint,covenant,panel http: diff --git a/http/exposed-panels/c2/deimos-c2.yaml b/http/exposed-panels/c2/deimos-c2.yaml index 0676958d0c..ec42a53d8f 100644 --- a/http/exposed-panels/c2/deimos-c2.yaml +++ b/http/exposed-panels/c2/deimos-c2.yaml @@ -9,9 +9,9 @@ info: reference: | https://twitter.com/MichalKoczwara/status/1551632627387473920 metadata: - verified: true max-request: 1 shodan-query: http.html_hash:-14029177 + verified: true tags: c2,ir,osint,deimosc2,panel http: diff --git a/http/exposed-panels/c2/empire-c2.yaml b/http/exposed-panels/c2/empire-c2.yaml index 8704c38beb..33aa844a71 100644 --- a/http/exposed-panels/c2/empire-c2.yaml +++ b/http/exposed-panels/c2/empire-c2.yaml @@ -10,9 +10,9 @@ info: - https://github.com/thehappydinoa/awesome-censys-queries#security-applications - https://bc-security.gitbook.io/empire-wiki/ metadata: - verified: "true" - max-request: 1 censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc + max-request: 1 + verified: "true" tags: c2,ir,osint,empire,panel http: diff --git a/http/exposed-panels/c2/evilginx.yaml b/http/exposed-panels/c2/evilginx.yaml index a337c6bf28..33fe9927d3 100644 --- a/http/exposed-panels/c2/evilginx.yaml +++ b/http/exposed-panels/c2/evilginx.yaml @@ -9,9 +9,9 @@ info: reference: - https://dmcxblue.gitbook.io/red-team-notes-2-0/red-team-infrastructure/delivery/evilginx metadata: - verified: "true" - max-request: 1 censys-query: b18d778b4e4b6bf1fd5b2d790c941270145a6a6d + max-request: 1 + verified: "true" tags: tech,evilginx,c2,phishing,panel http: diff --git a/http/exposed-panels/c2/hack5-cloud-c2.yaml b/http/exposed-panels/c2/hack5-cloud-c2.yaml index f2bb9eb10f..3a591b9c05 100644 --- a/http/exposed-panels/c2/hack5-cloud-c2.yaml +++ b/http/exposed-panels/c2/hack5-cloud-c2.yaml @@ -9,9 +9,9 @@ info: reference: - https://twitter.com/fofabot/status/1742737671037091854 metadata: - verified: true - max-request: 1 fofa-query: app="Hak5-C2" + max-request: 1 + verified: true tags: c2,ir,osint,hack5c2,panel http: diff --git a/http/exposed-panels/c2/hookbot-rat.yaml b/http/exposed-panels/c2/hookbot-rat.yaml index 800de730da..b5859c0e76 100644 --- a/http/exposed-panels/c2/hookbot-rat.yaml +++ b/http/exposed-panels/c2/hookbot-rat.yaml @@ -7,9 +7,9 @@ info: description: | Hookbot panel were detected. metadata: - verified: true max-request: 1 shodan-query: title:"hookbot" + verified: true tags: tech,rat,hookbot,c2,panel,detect http: diff --git a/http/exposed-panels/c2/meduza-stealer.yaml b/http/exposed-panels/c2/meduza-stealer.yaml index e2d64c3292..d0656a3536 100644 --- a/http/exposed-panels/c2/meduza-stealer.yaml +++ b/http/exposed-panels/c2/meduza-stealer.yaml @@ -7,9 +7,9 @@ info: description: | Meduza Stealer panel were detected. metadata: - verified: "true" max-request: 1 shodan-query: http.title:"Meduza Stealer" + verified: "true" tags: rat,meduza-stealer,c2,panel http: diff --git a/http/exposed-panels/c2/mystic-stealer.yaml b/http/exposed-panels/c2/mystic-stealer.yaml index 9407d10f67..cb4971803b 100644 --- a/http/exposed-panels/c2/mystic-stealer.yaml +++ b/http/exposed-panels/c2/mystic-stealer.yaml @@ -7,9 +7,9 @@ info: description: | Mystic Stealer panel were detected. metadata: - verified: "true" max-request: 1 shodan-query: http.title:"Mystic Stealer" + verified: "true" tags: tech,rat,mystic-stealer,c2,panel http: diff --git a/http/exposed-panels/c2/mythic-c2.yaml b/http/exposed-panels/c2/mythic-c2.yaml index 7ae2886353..6c80b2a5fb 100644 --- a/http/exposed-panels/c2/mythic-c2.yaml +++ b/http/exposed-panels/c2/mythic-c2.yaml @@ -10,9 +10,9 @@ info: reference: | https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: - verified: true max-request: 1 shodan-query: ssl:Mythic port:7443 + verified: true tags: c2,ir,osint,mythic,panel http: diff --git a/http/exposed-panels/c2/nh-c2.yaml b/http/exposed-panels/c2/nh-c2.yaml index b05a9f341b..4dc4466b6a 100644 --- a/http/exposed-panels/c2/nh-c2.yaml +++ b/http/exposed-panels/c2/nh-c2.yaml @@ -7,9 +7,9 @@ info: reference: - https://twitter.com/MichalKoczwara/status/1616179246216396806 metadata: - verified: "true" - max-request: 1 censys-query: 10baf5fcdde4563d3e145a1f553ae433fb1c3572 + max-request: 1 + verified: "true" tags: tech,nh,c2,panel http: diff --git a/http/exposed-panels/c2/pupyc2.yaml b/http/exposed-panels/c2/pupyc2.yaml index ed163b0dc9..694db8c8f7 100644 --- a/http/exposed-panels/c2/pupyc2.yaml +++ b/http/exposed-panels/c2/pupyc2.yaml @@ -10,9 +10,9 @@ info: - https://twitter.com/TLP_R3D/status/1654038602282565632 - https://github.com/n1nj4sec/pupy metadata: - verified: true max-request: 1 shodan-query: aa3939fc357723135870d5036b12a67097b03309 + verified: true tags: c2,ir,osint,pupyc2,panel http: diff --git a/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml b/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml index 71479d7822..02959fa844 100644 --- a/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml +++ b/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml @@ -8,8 +8,8 @@ info: - https://twitter.com/0xperator/status/1677873700610162690 - https://github.com/alex14324/Rhadamanthys-Stealer metadata: - verified: true max-request: 1 + verified: true tags: c2,rhadamanthys,stealer,panel http: diff --git a/http/exposed-panels/c2/supershell-c2.yaml b/http/exposed-panels/c2/supershell-c2.yaml index 821db9b4ab..0de7bff39c 100644 --- a/http/exposed-panels/c2/supershell-c2.yaml +++ b/http/exposed-panels/c2/supershell-c2.yaml @@ -10,9 +10,9 @@ info: - https://twitter.com/S4nsLimit3/status/1693619836339859497 - https://github.com/tdragon6/Supershell/blob/main/README_EN.md metadata: - verified: true - max-request: 1 fofa-query: icon_hash="-1010228102" + max-request: 1 + verified: true tags: c2,ir,osint,supershell,panel http: diff --git a/http/exposed-panels/c2/viper-c2.yaml b/http/exposed-panels/c2/viper-c2.yaml index 8a26d2021e..88ce93aee0 100644 --- a/http/exposed-panels/c2/viper-c2.yaml +++ b/http/exposed-panels/c2/viper-c2.yaml @@ -9,10 +9,10 @@ info: reference: - https://twitter.com/MichalKoczwara/status/1635724410274414596 metadata: - verified: "true" + censys-query: 057f3b5488605b4d224d038e340866e2cdfed4a3 max-request: 1 shodan-query: http.html_hash:1015055567 - censys-query: 057f3b5488605b4d224d038e340866e2cdfed4a3 + verified: "true" tags: tech,viper,c2,malware,ir,panel http: diff --git a/http/exposed-panels/cacti-panel.yaml b/http/exposed-panels/cacti-panel.yaml index 9b735e8ba3..c619f5efa4 100644 --- a/http/exposed-panels/cacti-panel.yaml +++ b/http/exposed-panels/cacti-panel.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: cacti product: cacti + vendor: cacti tags: tech,cacti,login,panel http: diff --git a/http/exposed-panels/cas-login.yaml b/http/exposed-panels/cas-login.yaml index c5a4bd4044..69deb8264c 100644 --- a/http/exposed-panels/cas-login.yaml +++ b/http/exposed-panels/cas-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:* metadata: + github: https://github.com/apereo/cas max-request: 1 - vendor: apereo product: central_authentication_service shodan-query: http.title:'CAS - Central Authentication Service' - github: https://github.com/apereo/cas + vendor: apereo tags: apereo,cas,panel,login http: diff --git a/http/exposed-panels/casaos-panel.yaml b/http/exposed-panels/casaos-panel.yaml index 17fbcb2c03..60d8bec6a2 100644 --- a/http/exposed-panels/casaos-panel.yaml +++ b/http/exposed-panels/casaos-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: html:"CasaOS" + verified: true tags: panel,casaos,login,detect http: diff --git a/http/exposed-panels/casdoor-login.yaml b/http/exposed-panels/casdoor-login.yaml index 59bc127a5f..a425aef2af 100644 --- a/http/exposed-panels/casdoor-login.yaml +++ b/http/exposed-panels/casdoor-login.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: casbin product: casdoor shodan-query: http.title:"Casdoor" + vendor: casbin tags: panel,casdoor,casbin http: diff --git a/http/exposed-panels/casemanager-panel.yaml b/http/exposed-panels/casemanager-panel.yaml index dc546b3df7..a86d060782 100644 --- a/http/exposed-panels/casemanager-panel.yaml +++ b/http/exposed-panels/casemanager-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: title="CaseManager" + max-request: 1 tags: casemanager,panel http: diff --git a/http/exposed-panels/caton-network-manager-system.yaml b/http/exposed-panels/caton-network-manager-system.yaml index 830c9c5ea5..5ea1913c64 100644 --- a/http/exposed-panels/caton-network-manager-system.yaml +++ b/http/exposed-panels/caton-network-manager-system.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Caton Network Manager System" + verified: true tags: caton,manager,login,panel http: diff --git a/http/exposed-panels/ccm-detect.yaml b/http/exposed-panels/ccm-detect.yaml index dbea138b5a..9244e1dd55 100644 --- a/http/exposed-panels/ccm-detect.yaml +++ b/http/exposed-panels/ccm-detect.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"CCM - Authentication Failure" + verified: true tags: panel,clearcom,ccm http: diff --git a/http/exposed-panels/centreon-panel.yaml b/http/exposed-panels/centreon-panel.yaml index dac09a31d2..58f87a48a1 100644 --- a/http/exposed-panels/centreon-panel.yaml +++ b/http/exposed-panels/centreon-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:centreon:centreon_web:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: centreon product: centreon_web shodan-query: http.title:"Centreon" + vendor: centreon tags: panel,centreon,login http: diff --git a/http/exposed-panels/changedetection-panel.yaml b/http/exposed-panels/changedetection-panel.yaml index bf62f88b06..9d1bbc86a7 100644 --- a/http/exposed-panels/changedetection-panel.yaml +++ b/http/exposed-panels/changedetection-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/dgtlmoon/changedetection.io - https://changedetection.io/ metadata: - verified: true max-request: 1 shodan-query: title:"Change Detection" + verified: true tags: panel,changedetection,detect http: diff --git a/http/exposed-panels/checkmk/checkmk-login.yaml b/http/exposed-panels/checkmk/checkmk-login.yaml index bec999ce36..b423ced58d 100644 --- a/http/exposed-panels/checkmk/checkmk-login.yaml +++ b/http/exposed-panels/checkmk/checkmk-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: tribe29 product: checkmk + vendor: tribe29 tags: login,tech,synology,rackstation,panel,tribe29 http: diff --git a/http/exposed-panels/checkpoint/ssl-network-extender.yaml b/http/exposed-panels/checkpoint/ssl-network-extender.yaml index 483ee64150..336df52378 100644 --- a/http/exposed-panels/checkpoint/ssl-network-extender.yaml +++ b/http/exposed-panels/checkpoint/ssl-network-extender.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:checkpoint:ssl_network_extender:*:*:*:*:-:*:*:* metadata: + google-query: intitle:"SSL Network Extender Login" max-request: 1 - vendor: checkpoint product: ssl_network_extender shodan-query: http.title:"Check Point SSL Network Extender" - google-query: intitle:"SSL Network Extender Login" + vendor: checkpoint tags: panel,checkpoint,router http: diff --git a/http/exposed-panels/chronos-panel.yaml b/http/exposed-panels/chronos-panel.yaml index aabc6e2ab0..fdb20d8a8d 100644 --- a/http/exposed-panels/chronos-panel.yaml +++ b/http/exposed-panels/chronos-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.asys.fr/chronos metadata: - verified: true + fofa-query: body="chronoslogin.js" max-request: 1 shodan-query: http.html:"chronoslogin.js" - fofa-query: body="chronoslogin.js" + verified: true tags: panel,chronos,login,detect http: diff --git a/http/exposed-panels/cisco-unity-panel.yaml b/http/exposed-panels/cisco-unity-panel.yaml index 210792249c..e109b0e066 100644 --- a/http/exposed-panels/cisco-unity-panel.yaml +++ b/http/exposed-panels/cisco-unity-panel.yaml @@ -7,9 +7,9 @@ info: description: | A Cisco Unity Connection instance was detected. metadata: - verified: true max-request: 2 shodan-query: html:"Cisco Unity Connection" + verified: true tags: panel,cisco,unity,login,detect http: diff --git a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml index 0514ce24e8..0d3f6df1d7 100644 --- a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml +++ b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:windows:*:*:* metadata: max-request: 1 - vendor: cisco product: anyconnect_secure_mobility_client + vendor: cisco tags: cisco,panel,vpn http: diff --git a/http/exposed-panels/cisco/cisco-asa-panel.yaml b/http/exposed-panels/cisco/cisco-asa-panel.yaml index 03b963d458..549f7107cc 100644 --- a/http/exposed-panels/cisco/cisco-asa-panel.yaml +++ b/http/exposed-panels/cisco/cisco-asa-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: adaptive_security_appliance_software + vendor: cisco tags: cisco,panel http: diff --git a/http/exposed-panels/cisco/cisco-edge-340.yaml b/http/exposed-panels/cisco/cisco-edge-340.yaml index 09fe953a40..58777fc4cb 100644 --- a/http/exposed-panels/cisco/cisco-edge-340.yaml +++ b/http/exposed-panels/cisco/cisco-edge-340.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:o:cisco:edge_340_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: edge_340_firmware shodan-query: http.title:"Cisco Edge 340" + vendor: cisco tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml index 9de3c2a082..da05d10e66 100644 --- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html metadata: - verified: true max-request: 1 shodan-query: html:"Cisco Expressway" + verified: true tags: panel,cisco,login,detect http: diff --git a/http/exposed-panels/cisco/cisco-finesse-login.yaml b/http/exposed-panels/cisco/cisco-finesse-login.yaml index ff8298d87d..6cc147d625 100644 --- a/http/exposed-panels/cisco/cisco-finesse-login.yaml +++ b/http/exposed-panels/cisco/cisco-finesse-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: finesse + vendor: cisco tags: panel,cisco,edb http: diff --git a/http/exposed-panels/cisco/cisco-integrated-login.yaml b/http/exposed-panels/cisco/cisco-integrated-login.yaml index 449bdaf726..05e8a275bc 100644 --- a/http/exposed-panels/cisco/cisco-integrated-login.yaml +++ b/http/exposed-panels/cisco/cisco-integrated-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: integrated_management_controller + vendor: cisco tags: panel,cisco,edb http: diff --git a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml index 5e56c0a84d..5dbc02e7fb 100644 --- a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml +++ b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:* metadata: - verified: "true" max-request: 2 - vendor: cisco product: ios_xe shodan-query: http.html_hash:1076109428 + vendor: cisco + verified: "true" tags: panel,cisco,ssl ssl: - address: "{{Host}}:{{Port}}" diff --git a/http/exposed-panels/cisco/cisco-onprem-panel.yaml b/http/exposed-panels/cisco/cisco-onprem-panel.yaml index a971e8bfe9..619ff6936c 100644 --- a/http/exposed-panels/cisco/cisco-onprem-panel.yaml +++ b/http/exposed-panels/cisco/cisco-onprem-panel.yaml @@ -12,12 +12,12 @@ info: classification: cpe: cpe:2.3:a:cisco:smart_software_manager_on-prem:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: title="On-Prem License Workspace" max-request: 2 - vendor: cisco product: smart_software_manager_on-prem shodan-query: title:"On-Prem License Workspace" - fofa-query: title="On-Prem License Workspace" + vendor: cisco + verified: true tags: cisco,manager,login,panel http: diff --git a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml index 35134ad8ee..589de4f482 100644 --- a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml +++ b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml @@ -12,9 +12,9 @@ info: cpe: cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: prime_infrastructure shodan-query: http.title:"prime infrastructure" + vendor: cisco tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-sd-wan.yaml b/http/exposed-panels/cisco/cisco-sd-wan.yaml index 19a4e7dbfd..383fa25abe 100644 --- a/http/exposed-panels/cisco/cisco-sd-wan.yaml +++ b/http/exposed-panels/cisco/cisco-sd-wan.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: sd-wan + vendor: cisco tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-secure-desktop.yaml b/http/exposed-panels/cisco/cisco-secure-desktop.yaml index ccd059d5bd..7bb349dd37 100644 --- a/http/exposed-panels/cisco/cisco-secure-desktop.yaml +++ b/http/exposed-panels/cisco/cisco-secure-desktop.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: secure_desktop + vendor: cisco tags: cisco,panel http: diff --git a/http/exposed-panels/cisco/cisco-systems-login.yaml b/http/exposed-panels/cisco/cisco-systems-login.yaml index 60e1bdb3c4..bf615685c0 100644 --- a/http/exposed-panels/cisco/cisco-systems-login.yaml +++ b/http/exposed-panels/cisco/cisco-systems-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"Cisco Systems Login" max-request: 1 shodan-query: http.title:"Cisco Systems Login" - google-query: intitle:"Cisco Systems Login" tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-telepresence.yaml b/http/exposed-panels/cisco/cisco-telepresence.yaml index e8ca2df71e..a15f79e67a 100644 --- a/http/exposed-panels/cisco/cisco-telepresence.yaml +++ b/http/exposed-panels/cisco/cisco-telepresence.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Cisco Telepresence" + verified: true tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml index 9f7f950e49..fbd57909eb 100644 --- a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml +++ b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cisco product: unified_computing_system shodan-query: http.title:"Cisco UCS KVM Direct" + vendor: cisco tags: panel,cisco,ucs,kvm http: diff --git a/http/exposed-panels/cisco/cisco-vmanage-login.yaml b/http/exposed-panels/cisco/cisco-vmanage-login.yaml index d2d07d5e06..387f20f781 100644 --- a/http/exposed-panels/cisco/cisco-vmanage-login.yaml +++ b/http/exposed-panels/cisco/cisco-vmanage-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Cisco vManage" + verified: true tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-webvpn-detect.yaml b/http/exposed-panels/cisco/cisco-webvpn-detect.yaml index d5f5f710a5..3c1915c944 100644 --- a/http/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/http/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 2 fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg==" google-query: intitle:"SSLVPN Service" + max-request: 2 + verified: true tags: panel,cisco,vpn http: diff --git a/http/exposed-panels/citrix-adc-gateway-detect.yaml b/http/exposed-panels/citrix-adc-gateway-detect.yaml index 91ee4e9e8e..d531e2a1be 100644 --- a/http/exposed-panels/citrix-adc-gateway-detect.yaml +++ b/http/exposed-panels/citrix-adc-gateway-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: citrix product: gateway + vendor: citrix tags: panel,citrix http: diff --git a/http/exposed-panels/citrix-vpn-detect.yaml b/http/exposed-panels/citrix-vpn-detect.yaml index a1dc0579b2..804efdc634 100644 --- a/http/exposed-panels/citrix-vpn-detect.yaml +++ b/http/exposed-panels/citrix-vpn-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: citrix product: gateway + vendor: citrix tags: panel,citrix http: diff --git a/http/exposed-panels/claris-filemaker-webdirect.yaml b/http/exposed-panels/claris-filemaker-webdirect.yaml index 13d3f8d43b..74349c7f7c 100644 --- a/http/exposed-panels/claris-filemaker-webdirect.yaml +++ b/http/exposed-panels/claris-filemaker-webdirect.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Claris FileMaker WebDirect" + verified: true tags: panel,edb http: diff --git a/http/exposed-panels/cleanweb-panel.yaml b/http/exposed-panels/cleanweb-panel.yaml index 2b542faa6f..b98d5b4879 100644 --- a/http/exposed-panels/cleanweb-panel.yaml +++ b/http/exposed-panels/cleanweb-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://tentelemed.com/ metadata: - verified: true max-request: 1 shodan-query: http.title:"CleanWeb" + verified: true tags: panel,cleanweb,login,detect http: diff --git a/http/exposed-panels/clearpass-policy-manager.yaml b/http/exposed-panels/clearpass-policy-manager.yaml index c4478fab7c..bcd204dd5a 100644 --- a/http/exposed-panels/clearpass-policy-manager.yaml +++ b/http/exposed-panels/clearpass-policy-manager.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: arubanetworks product: clearpass_policy_manager shodan-query: http.title:"ClearPass Policy Manager" + vendor: arubanetworks tags: panel,aruba,arubanetworks http: diff --git a/http/exposed-panels/cloudpanel-login.yaml b/http/exposed-panels/cloudpanel-login.yaml index 536c8c46e0..15eefeca35 100644 --- a/http/exposed-panels/cloudpanel-login.yaml +++ b/http/exposed-panels/cloudpanel-login.yaml @@ -7,12 +7,12 @@ info: classification: cpe: cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: icon_hash="151132309" max-request: 1 - vendor: mgt-commerce product: cloudpanel shodan-query: http.favicon.hash:151132309 - fofa-query: icon_hash="151132309" + vendor: mgt-commerce + verified: true tags: panel,login,cloudpanel,detect,mgt-commerce http: diff --git a/http/exposed-panels/cobbler-webgui.yaml b/http/exposed-panels/cobbler-webgui.yaml index b73d2df0f3..003eb0353d 100644 --- a/http/exposed-panels/cobbler-webgui.yaml +++ b/http/exposed-panels/cobbler-webgui.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:cobblerd:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cobblerd product: cobbler shodan-query: http.title:"Cobbler Web Interface" + vendor: cobblerd tags: cobbler,webserver,panel,cobblerd http: diff --git a/http/exposed-panels/code-server-login.yaml b/http/exposed-panels/code-server-login.yaml index 577b1b5be8..ce1f1d0854 100644 --- a/http/exposed-panels/code-server-login.yaml +++ b/http/exposed-panels/code-server-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:coder:code-server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: coder product: code-server shodan-query: http.title:"code-server login" + vendor: coder + verified: true tags: panel,detect,misc,coder http: diff --git a/http/exposed-panels/code42-panel.yaml b/http/exposed-panels/code42-panel.yaml index 41dd702fae..afaf429022 100644 --- a/http/exposed-panels/code42-panel.yaml +++ b/http/exposed-panels/code42-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:code42:code42:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: code42 product: code42 + vendor: code42 tags: panel,code42 http: diff --git a/http/exposed-panels/codemeter-webadmin-panel.yaml b/http/exposed-panels/codemeter-webadmin-panel.yaml index eac42fd9b3..c4dd8324f3 100644 --- a/http/exposed-panels/codemeter-webadmin-panel.yaml +++ b/http/exposed-panels/codemeter-webadmin-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:wibu:codemeter:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: wibu product: codemeter + vendor: wibu tags: codemeter,webadmin,panel,wibu http: diff --git a/http/exposed-panels/coldfusion-administrator-login.yaml b/http/exposed-panels/coldfusion-administrator-login.yaml index 999155f198..2cdeac80fe 100644 --- a/http/exposed-panels/coldfusion-administrator-login.yaml +++ b/http/exposed-panels/coldfusion-administrator-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: adobe product: coldfusion shodan-query: http.title:"ColdFusion Administrator Login" + vendor: adobe tags: panel,coldfusion,adobe http: diff --git a/http/exposed-panels/compal-panel.yaml b/http/exposed-panels/compal-panel.yaml index ac6443303b..342aa5b8b0 100644 --- a/http/exposed-panels/compal-panel.yaml +++ b/http/exposed-panels/compal-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:compal:ch7465lg_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: compal product: ch7465lg_firmware + vendor: compal tags: panel,compal http: diff --git a/http/exposed-panels/compalex-panel-detect.yaml b/http/exposed-panels/compalex-panel-detect.yaml index 6cbfc8bf64..f741dd8e85 100644 --- a/http/exposed-panels/compalex-panel-detect.yaml +++ b/http/exposed-panels/compalex-panel-detect.yaml @@ -7,10 +7,10 @@ info: reference: - http://compalex.net/ metadata: - verified: true max-request: 15 shodan-query: title:"COMPALEX" - tags: tech,php,compalex,sql,panel + verified: true + tags: tech,php,compalex,sql http: - method: GET diff --git a/http/exposed-panels/completeview-web-panel.yaml b/http/exposed-panels/completeview-web-panel.yaml index 410ae4f957..3f4dee010d 100644 --- a/http/exposed-panels/completeview-web-panel.yaml +++ b/http/exposed-panels/completeview-web-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"CompleteView Web Client" + verified: true tags: panel,completeview http: diff --git a/http/exposed-panels/concrete5/concrete5-install.yaml b/http/exposed-panels/concrete5/concrete5-install.yaml index 1ebcd12e18..37dcd3d528 100644 --- a/http/exposed-panels/concrete5/concrete5-install.yaml +++ b/http/exposed-panels/concrete5/concrete5-install.yaml @@ -10,11 +10,11 @@ info: classification: cpe: cpe:2.3:a:concrete5:concrete5:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: concrete5 product: concrete5 shodan-query: http.title:"Install concrete5" + vendor: concrete5 + verified: true tags: panel,install,concrete,cms,concrete5 http: diff --git a/http/exposed-panels/concrete5/concrete5-panel.yaml b/http/exposed-panels/concrete5/concrete5-panel.yaml index 25294aa1eb..0f4f85df24 100644 --- a/http/exposed-panels/concrete5/concrete5-panel.yaml +++ b/http/exposed-panels/concrete5/concrete5-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:concrete5:concrete5:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: concrete5 product: concrete5 shodan-query: http.title:"concrete5" + vendor: concrete5 tags: panel,concrete5,cms http: diff --git a/http/exposed-panels/connect-box-login.yaml b/http/exposed-panels/connect-box-login.yaml index fd12091933..a06eb455ff 100644 --- a/http/exposed-panels/connect-box-login.yaml +++ b/http/exposed-panels/connect-box-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:upc:connect_box_eurodocsis_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: upc product: connect_box_eurodocsis_firmware shodan-query: NET-DK/1.0 + vendor: upc + verified: true tags: panel,connectbox,iot,upc http: diff --git a/http/exposed-panels/connectwise-backup-manager.yaml b/http/exposed-panels/connectwise-backup-manager.yaml index f4a62d7ed8..748def1c77 100644 --- a/http/exposed-panels/connectwise-backup-manager.yaml +++ b/http/exposed-panels/connectwise-backup-manager.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.component:zk http.title:"Server Backup Manager" + verified: true tags: panel,connectwise,backup http: diff --git a/http/exposed-panels/connectwise-panel.yaml b/http/exposed-panels/connectwise-panel.yaml index 68aa329dfe..75feb4ba0f 100644 --- a/http/exposed-panels/connectwise-panel.yaml +++ b/http/exposed-panels/connectwise-panel.yaml @@ -9,11 +9,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: connectwise product: screenconnect shodan-query: http.favicon.hash:-82958153 + vendor: connectwise + verified: true tags: screenconnect,panel,connectwise,detect http: diff --git a/http/exposed-panels/contao-login-panel.yaml b/http/exposed-panels/contao-login-panel.yaml index 487591c3a2..5a7d1ef6d3 100644 --- a/http/exposed-panels/contao-login-panel.yaml +++ b/http/exposed-panels/contao-login-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: contao product: contao shodan-query: http.html:"Contao Open Source CMS" + vendor: contao + verified: true tags: panel,contao http: diff --git a/http/exposed-panels/content-central-login.yaml b/http/exposed-panels/content-central-login.yaml index 97f57e01af..4d85515401 100644 --- a/http/exposed-panels/content-central-login.yaml +++ b/http/exposed-panels/content-central-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"Content Central Login" + verified: true tags: panel,content-central http: diff --git a/http/exposed-panels/corebos-panel.yaml b/http/exposed-panels/corebos-panel.yaml index 541006d764..7f18a54ba0 100644 --- a/http/exposed-panels/corebos-panel.yaml +++ b/http/exposed-panels/corebos-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:corebos:corebos:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: corebos product: corebos shodan-query: http.html:"corebos" + vendor: corebos + verified: true tags: panel,corebos http: diff --git a/http/exposed-panels/cortex-xsoar-login.yaml b/http/exposed-panels/cortex-xsoar-login.yaml index 5a748d497e..e4d8cb7caf 100644 --- a/http/exposed-panels/cortex-xsoar-login.yaml +++ b/http/exposed-panels/cortex-xsoar-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:paloaltonetworks:cortex_xsoar:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: paloaltonetworks product: cortex_xsoar shodan-query: http.title:"Cortex XSOAR" + vendor: paloaltonetworks tags: panel,soar,login,paloaltonetworks http: diff --git a/http/exposed-panels/couchdb-exposure.yaml b/http/exposed-panels/couchdb-exposure.yaml index 630ad28708..48dd5fd207 100644 --- a/http/exposed-panels/couchdb-exposure.yaml +++ b/http/exposed-panels/couchdb-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: couchdb + vendor: apache tags: panel,couchdb,apache http: diff --git a/http/exposed-panels/couchdb-fauxton.yaml b/http/exposed-panels/couchdb-fauxton.yaml index 95db101af4..e4288cd1d3 100644 --- a/http/exposed-panels/couchdb-fauxton.yaml +++ b/http/exposed-panels/couchdb-fauxton.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: couchdb + vendor: apache tags: panel,apache,couchdb http: diff --git a/http/exposed-panels/cpanel-api-codes.yaml b/http/exposed-panels/cpanel-api-codes.yaml index 72bda20ccf..1cd654880a 100644 --- a/http/exposed-panels/cpanel-api-codes.yaml +++ b/http/exposed-panels/cpanel-api-codes.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: cpanel product: cpanel shodan-query: title:"CPanel - API Codes" + vendor: cpanel + verified: true tags: panel,cpanel http: diff --git a/http/exposed-panels/craftcms-admin-panel.yaml b/http/exposed-panels/craftcms-admin-panel.yaml index 64ecbd2e09..1c26ff0ad2 100644 --- a/http/exposed-panels/craftcms-admin-panel.yaml +++ b/http/exposed-panels/craftcms-admin-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:nystudio107:seomatic:*:*:*:*:craft_cms:*:*:* metadata: max-request: 1 - vendor: nystudio107 product: seomatic shodan-query: 'X-Powered-By: Craft CMS' + vendor: nystudio107 tags: panel,craftcms,nystudio107 http: diff --git a/http/exposed-panels/creatio-login-panel.yaml b/http/exposed-panels/creatio-login-panel.yaml index b5a4558643..26694cc128 100644 --- a/http/exposed-panels/creatio-login-panel.yaml +++ b/http/exposed-panels/creatio-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Creatio" + verified: true tags: panel,creatio http: diff --git a/http/exposed-panels/crontab-ui.yaml b/http/exposed-panels/crontab-ui.yaml index 9cdc773ed3..c03e31f35c 100644 --- a/http/exposed-panels/crontab-ui.yaml +++ b/http/exposed-panels/crontab-ui.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=629288492575007&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: html:"Crontab UI" + verified: true tags: exposure,crontab,ui,panel http: diff --git a/http/exposed-panels/crush-ftp-login.yaml b/http/exposed-panels/crush-ftp-login.yaml index ee048a668f..18da461a30 100644 --- a/http/exposed-panels/crush-ftp-login.yaml +++ b/http/exposed-panels/crush-ftp-login.yaml @@ -12,10 +12,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: crushftp product: crushftp + vendor: crushftp + verified: true tags: panel,edb,crushftp,detect http: diff --git a/http/exposed-panels/cryptobox-panel.yaml b/http/exposed-panels/cryptobox-panel.yaml index 7b4257d51a..b3670ef6da 100644 --- a/http/exposed-panels/cryptobox-panel.yaml +++ b/http/exposed-panels/cryptobox-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.ercom.com/solutions/cryptobox-presentation metadata: - verified: true max-request: 1 shodan-query: title:"Cryptobox" + verified: true tags: panel,cryptobox,login,detect http: diff --git a/http/exposed-panels/cudatel-panel.yaml b/http/exposed-panels/cudatel-panel.yaml index 3cd0d80735..5ec722251d 100644 --- a/http/exposed-panels/cudatel-panel.yaml +++ b/http/exposed-panels/cudatel-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"CudaTel" + verified: true tags: panel,cudatel http: diff --git a/http/exposed-panels/cvent-panel-detect.yaml b/http/exposed-panels/cvent-panel-detect.yaml index d2a6a7f654..835c0d561c 100644 --- a/http/exposed-panels/cvent-panel-detect.yaml +++ b/http/exposed-panels/cvent-panel-detect.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 5 shodan-query: http.html:"Cvent Inc" + verified: true tags: panel,cvent http: diff --git a/http/exposed-panels/cwp-webpanel.yaml b/http/exposed-panels/cwp-webpanel.yaml index fd8b0f9149..1373e8751b 100644 --- a/http/exposed-panels/cwp-webpanel.yaml +++ b/http/exposed-panels/cwp-webpanel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: title=="CWP |用户" || title=="Login | CentOS WebPanel" || body="CentOS WebPanel" + max-request: 1 tags: panel,centos http: diff --git a/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml b/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml index ed26e4c28f..d96f34f7b9 100644 --- a/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml +++ b/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:sophos:cyberoam:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"Cyberoam SSL VPN Portal" max-request: 1 - vendor: sophos product: cyberoam shodan-query: title:"Cyberoam SSL VPN Portal" - google-query: intitle:"Cyberoam SSL VPN Portal" + vendor: sophos tags: panel,cyberoam,vpn,sophos http: diff --git a/http/exposed-panels/dahua-web-panel.yaml b/http/exposed-panels/dahua-web-panel.yaml index 108d0a6397..b669d439bc 100644 --- a/http/exposed-panels/dahua-web-panel.yaml +++ b/http/exposed-panels/dahua-web-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1653394551 + verified: true tags: edb,panel,dahua,detect http: diff --git a/http/exposed-panels/darktrace-threat-visualizer.yaml b/http/exposed-panels/darktrace-threat-visualizer.yaml index d188792d7a..84ddc7d128 100644 --- a/http/exposed-panels/darktrace-threat-visualizer.yaml +++ b/http/exposed-panels/darktrace-threat-visualizer.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:darktrace:threat_visualizer:*:*:*:*:android:*:*:* metadata: - verified: true max-request: 1 - vendor: darktrace product: threat_visualizer shodan-query: html:"Darktrace Threat Visualizer" + vendor: darktrace + verified: true tags: panel,darktrace http: diff --git a/http/exposed-panels/dashy-panel.yaml b/http/exposed-panels/dashy-panel.yaml index 9fb8840eff..6c8b6850c3 100644 --- a/http/exposed-panels/dashy-panel.yaml +++ b/http/exposed-panels/dashy-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:dashy:dashy:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: dashy product: dashy shodan-query: http.favicon.hash:-1013024216 + vendor: dashy + verified: true tags: panel,dashy,detect http: diff --git a/http/exposed-panels/datadog-login.yaml b/http/exposed-panels/datadog-login.yaml index 4994e02c84..4aded9b958 100644 --- a/http/exposed-panels/datadog-login.yaml +++ b/http/exposed-panels/datadog-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Datadog" + verified: true tags: panel,datadog http: diff --git a/http/exposed-panels/dataease-panel.yaml b/http/exposed-panels/dataease-panel.yaml index 18e0d23da3..2f077d329d 100644 --- a/http/exposed-panels/dataease-panel.yaml +++ b/http/exposed-panels/dataease-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: dataease product: dataease shodan-query: html:"Dataease" + vendor: dataease + verified: true tags: login,panel,dataease http: diff --git a/http/exposed-panels/dataiku-panel.yaml b/http/exposed-panels/dataiku-panel.yaml index 42ae78c90a..0da072a99d 100644 --- a/http/exposed-panels/dataiku-panel.yaml +++ b/http/exposed-panels/dataiku-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"dataiku" + verified: true tags: panel,dataiku http: diff --git a/http/exposed-panels/davantis-panel.yaml b/http/exposed-panels/davantis-panel.yaml index 07007b967b..6b2fa8b95e 100644 --- a/http/exposed-panels/davantis-panel.yaml +++ b/http/exposed-panels/davantis-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Davantis" + verified: true tags: panel,davantis http: diff --git a/http/exposed-panels/daybyday-panel.yaml b/http/exposed-panels/daybyday-panel.yaml index 8c87c428ec..1dcf171ee4 100644 --- a/http/exposed-panels/daybyday-panel.yaml +++ b/http/exposed-panels/daybyday-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:daybydaycrm:daybyday:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: daybydaycrm product: daybyday shodan-query: http.title:"Daybyday" + vendor: daybydaycrm tags: panel,daybyday,daybydaycrm http: diff --git a/http/exposed-panels/dell-bmc-panel-detect.yaml b/http/exposed-panels/dell-bmc-panel-detect.yaml index 7c556f2798..b50e9c7850 100644 --- a/http/exposed-panels/dell-bmc-panel-detect.yaml +++ b/http/exposed-panels/dell-bmc-panel-detect.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Dell Remote Management Controller" + verified: true tags: panel,bmc,dell,login http: diff --git a/http/exposed-panels/dell-idrac.yaml b/http/exposed-panels/dell-idrac.yaml index d7a4fc65c9..5de5884a50 100644 --- a/http/exposed-panels/dell-idrac.yaml +++ b/http/exposed-panels/dell-idrac.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: html:"thisIDRACText" + verified: true tags: panel,idrac,dell,detect http: diff --git a/http/exposed-panels/dell-wyse-login.yaml b/http/exposed-panels/dell-wyse-login.yaml index 734aa03be1..61562d6654 100644 --- a/http/exposed-panels/dell-wyse-login.yaml +++ b/http/exposed-panels/dell-wyse-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: dell product: wyse_management_suite + vendor: dell tags: panel,dell,login http: diff --git a/http/exposed-panels/deluge-webui-panel.yaml b/http/exposed-panels/deluge-webui-panel.yaml index dad634f521..9de52a2976 100644 --- a/http/exposed-panels/deluge-webui-panel.yaml +++ b/http/exposed-panels/deluge-webui-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:deluge-torrent:deluge:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: deluge-torrent product: deluge shodan-query: title:"Deluge WebUI" + vendor: deluge-torrent + verified: true tags: panel,deluge,deluge-torrent http: diff --git a/http/exposed-panels/digitalrebar-login.yaml b/http/exposed-panels/digitalrebar-login.yaml index 831d6eb3f1..6243172669 100644 --- a/http/exposed-panels/digitalrebar-login.yaml +++ b/http/exposed-panels/digitalrebar-login.yaml @@ -14,8 +14,8 @@ info: cpe: cpe:2.3:a:rackn:digital_rebar:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: rackn product: digital_rebar + vendor: rackn tags: rackn,digitalrebar,panel http: diff --git a/http/exposed-panels/directadmin-login-panel.yaml b/http/exposed-panels/directadmin-login-panel.yaml index 05c25a3b2f..e6c6ae6b56 100644 --- a/http/exposed-panels/directadmin-login-panel.yaml +++ b/http/exposed-panels/directadmin-login-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:directadmin:directadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: directadmin product: directadmin shodan-query: title:"DirectAdmin Login" + vendor: directadmin tags: panel,directadmin http: diff --git a/http/exposed-panels/directum-login.yaml b/http/exposed-panels/directum-login.yaml index 364fb1b5e2..5768af5e60 100644 --- a/http/exposed-panels/directum-login.yaml +++ b/http/exposed-panels/directum-login.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: title="Directum" + max-request: 1 tags: directum,panel http: diff --git a/http/exposed-panels/discuz-panel.yaml b/http/exposed-panels/discuz-panel.yaml index 30af114ecb..72429237ba 100644 --- a/http/exposed-panels/discuz-panel.yaml +++ b/http/exposed-panels/discuz-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - verified: true + fofa-query: title="Discuz!" max-request: 1 shodan-query: title:"Discuz!" - fofa-query: title="Discuz!" + verified: true tags: panel,discuz,detect,login http: diff --git a/http/exposed-panels/django-admin-panel.yaml b/http/exposed-panels/django-admin-panel.yaml index f05e077ca3..3d18400e9f 100644 --- a/http/exposed-panels/django-admin-panel.yaml +++ b/http/exposed-panels/django-admin-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: djangoproject product: django + vendor: djangoproject tags: panel,django,python,djangoproject http: diff --git a/http/exposed-panels/docebo-elearning-panel.yaml b/http/exposed-panels/docebo-elearning-panel.yaml index 7f36d42c2f..5454ee7885 100644 --- a/http/exposed-panels/docebo-elearning-panel.yaml +++ b/http/exposed-panels/docebo-elearning-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 1 fofa-query: title="Docebo E-learning" + max-request: 1 + verified: true tags: panel,docebo http: diff --git a/http/exposed-panels/dockge-panel.yaml b/http/exposed-panels/dockge-panel.yaml index 0fe258c1f2..7b2c54506c 100644 --- a/http/exposed-panels/dockge-panel.yaml +++ b/http/exposed-panels/dockge-panel.yaml @@ -10,11 +10,10 @@ info: - https://github.com/louislam/dockge - https://dockge.kuma.pet/ metadata: - verified: true max-request: 1 shodan-query: title:"Dockge" + verified: true tags: panel,dockge,login - http: - method: GET path: diff --git a/http/exposed-panels/dokuwiki-panel.yaml b/http/exposed-panels/dokuwiki-panel.yaml index 941ed1211e..67610dfb38 100644 --- a/http/exposed-panels/dokuwiki-panel.yaml +++ b/http/exposed-panels/dokuwiki-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.dokuwiki.org/dokuwiki metadata: - verified: true max-request: 1 shodan-query: http.html:"/dokuwiki/" + verified: true tags: panel,dokuwiki,login http: diff --git a/http/exposed-panels/doris-panel.yaml b/http/exposed-panels/doris-panel.yaml index 29e2840aa9..0d8470894c 100644 --- a/http/exposed-panels/doris-panel.yaml +++ b/http/exposed-panels/doris-panel.yaml @@ -6,9 +6,9 @@ info: severity: info description: Doris panel detection template. metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:24048806 + verified: true tags: doris,panel,login,detect http: diff --git a/http/exposed-panels/dotclear-panel.yaml b/http/exposed-panels/dotclear-panel.yaml index f93aaaa8cd..587c582458 100644 --- a/http/exposed-panels/dotclear-panel.yaml +++ b/http/exposed-panels/dotclear-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:dotclear:dotclear:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: dotclear product: dotclear shodan-query: http.title:"Dotclear" + vendor: dotclear tags: panel,dotclear http: diff --git a/http/exposed-panels/dotcms-admin-panel.yaml b/http/exposed-panels/dotcms-admin-panel.yaml index 42ef7ed566..5a42ed97af 100644 --- a/http/exposed-panels/dotcms-admin-panel.yaml +++ b/http/exposed-panels/dotcms-admin-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: dotcms product: dotcms + vendor: dotcms tags: panel,dotcms,cms http: diff --git a/http/exposed-panels/dplus-dashboard.yaml b/http/exposed-panels/dplus-dashboard.yaml index d9097baf8c..132729ee36 100644 --- a/http/exposed-panels/dplus-dashboard.yaml +++ b/http/exposed-panels/dplus-dashboard.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"DPLUS Dashboard" + verified: true tags: panel,dplus,exposure http: diff --git a/http/exposed-panels/dqs-superadmin-panel.yaml b/http/exposed-panels/dqs-superadmin-panel.yaml index 3bd88835ba..74f5cf2875 100644 --- a/http/exposed-panels/dqs-superadmin-panel.yaml +++ b/http/exposed-panels/dqs-superadmin-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"DQS Superadmin" + verified: true tags: panel,dqs,superadmin http: diff --git a/http/exposed-panels/dradis-pro-panel.yaml b/http/exposed-panels/dradis-pro-panel.yaml index 248031199c..9ec2e9828b 100644 --- a/http/exposed-panels/dradis-pro-panel.yaml +++ b/http/exposed-panels/dradis-pro-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Dradis Professional Edition" + verified: true tags: panel,dradis http: diff --git a/http/exposed-panels/drawio-flowchartmaker-panel.yaml b/http/exposed-panels/drawio-flowchartmaker-panel.yaml index f0f066eae8..a0826f7469 100644 --- a/http/exposed-panels/drawio-flowchartmaker-panel.yaml +++ b/http/exposed-panels/drawio-flowchartmaker-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: diagrams product: drawio shodan-query: http.title:"Flowchart Maker" + vendor: diagrams + verified: true tags: panel,drawio,oss,diagrams http: diff --git a/http/exposed-panels/druid-console-exposure.yaml b/http/exposed-panels/druid-console-exposure.yaml index 4944c7aa81..4ba687a5c0 100644 --- a/http/exposed-panels/druid-console-exposure.yaml +++ b/http/exposed-panels/druid-console-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:alibaba:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: alibaba product: druid + vendor: alibaba tags: panel,alibaba,druid http: diff --git a/http/exposed-panels/druid-panel.yaml b/http/exposed-panels/druid-panel.yaml index 7a90ead3e4..4ccebd1fca 100644 --- a/http/exposed-panels/druid-panel.yaml +++ b/http/exposed-panels/druid-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: druid + vendor: apache tags: panel,druid,apache http: diff --git a/http/exposed-panels/drupal-login.yaml b/http/exposed-panels/drupal-login.yaml index 317c190ae5..265533e4a6 100644 --- a/http/exposed-panels/drupal-login.yaml +++ b/http/exposed-panels/drupal-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: drupal product: drupal shodan-query: http.component:"drupal" + vendor: drupal tags: panel,drupal http: diff --git a/http/exposed-panels/dxplanning-panel.yaml b/http/exposed-panels/dxplanning-panel.yaml index 7caaad0caa..aaf6781ecb 100644 --- a/http/exposed-panels/dxplanning-panel.yaml +++ b/http/exposed-panels/dxplanning-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.dedalus.com/fr/wp-content/uploads/sites/13/2022/05/Catalogue-formations-DxCare-2022.pdf metadata: - verified: true max-request: 1 + verified: true tags: panel,dxplanning,login,detect http: diff --git a/http/exposed-panels/dynatrace-panel.yaml b/http/exposed-panels/dynatrace-panel.yaml index 1727044122..f22700791f 100644 --- a/http/exposed-panels/dynatrace-panel.yaml +++ b/http/exposed-panels/dynatrace-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1828614783 + verified: true tags: dynatrace,login,panel http: diff --git a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml index 34c41e971d..78fd8a55e3 100644 --- a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml +++ b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml @@ -11,12 +11,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:dzzoffice:dzzoffice:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: title="dzzoffice" max-request: 1 - vendor: dzzoffice product: dzzoffice shodan-query: http.favicon.hash:-1961736892 - fofa-query: title="dzzoffice" + vendor: dzzoffice + verified: true tags: panel,dzzoffice,install http: diff --git a/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml b/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml index de12a1f0fb..b43211cc4a 100644 --- a/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml +++ b/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 3 shodan-query: http.favicon.hash:-1961736892 + verified: true tags: dzzoffice,panel http: diff --git a/http/exposed-panels/e-mobile-panel.yaml b/http/exposed-panels/e-mobile-panel.yaml index 6d2d6f80cc..a8478f1f9e 100644 --- a/http/exposed-panels/e-mobile-panel.yaml +++ b/http/exposed-panels/e-mobile-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 3 shodan-query: http.html:"E-Mobile " + verified: true tags: panel,e-mobile http: diff --git a/http/exposed-panels/eMerge-panel.yaml b/http/exposed-panels/eMerge-panel.yaml index 8dd0d80616..5fe66b3470 100644 --- a/http/exposed-panels/eMerge-panel.yaml +++ b/http/exposed-panels/eMerge-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: nortekcontrol product: linear_emerge_essential_firmware shodan-query: http.title:"eMerge" + vendor: nortekcontrol + verified: true tags: panel,emerge,nortek,nortekcontrol http: diff --git a/http/exposed-panels/earcu-panel.yaml b/http/exposed-panels/earcu-panel.yaml index 0190ef18de..6b052bed06 100644 --- a/http/exposed-panels/earcu-panel.yaml +++ b/http/exposed-panels/earcu-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.earcu.com/products metadata: - verified: "true" max-request: 1 shodan-query: html:'content="eArcu' + verified: "true" tags: panel,earcu,detect http: diff --git a/http/exposed-panels/easyjob-panel.yaml b/http/exposed-panels/easyjob-panel.yaml index 02d9c08d2a..37bf2e096b 100644 --- a/http/exposed-panels/easyjob-panel.yaml +++ b/http/exposed-panels/easyjob-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.en.because-software.com/software/easyjob/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Log in - easyJOB" + verified: true tags: panel,easyjob,login http: diff --git a/http/exposed-panels/eclipse-birt-panel.yaml b/http/exposed-panels/eclipse-birt-panel.yaml index 8663563562..8586bce1e6 100644 --- a/http/exposed-panels/eclipse-birt-panel.yaml +++ b/http/exposed-panels/eclipse-birt-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + google-query: intitle:"Eclipse BIRT Home" max-request: 2 shodan-query: title:"Eclipse BIRT Home" - google-query: intitle:"Eclipse BIRT Home" + verified: true tags: panel,eclipsebirt,detect http: diff --git a/http/exposed-panels/edgeos-login.yaml b/http/exposed-panels/edgeos-login.yaml index e6d807d9f4..1fd6c668f9 100644 --- a/http/exposed-panels/edgeos-login.yaml +++ b/http/exposed-panels/edgeos-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:ui:edgeos:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: ui product: edgeos + vendor: ui tags: login,tech,edgeos,edgemax,panel,ui http: diff --git a/http/exposed-panels/efak-login-panel.yaml b/http/exposed-panels/efak-login-panel.yaml index d36186bfed..3a03a2f5b8 100644 --- a/http/exposed-panels/efak-login-panel.yaml +++ b/http/exposed-panels/efak-login-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/smartloli/efak - https://www.kafka-eagle.org/ metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:1693580324 + verified: true tags: panel,efak,login,detect http: diff --git a/http/exposed-panels/eko-management-console-login.yaml b/http/exposed-panels/eko-management-console-login.yaml index f6824f19a1..3a97680038 100644 --- a/http/exposed-panels/eko-management-console-login.yaml +++ b/http/exposed-panels/eko-management-console-login.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + google-query: intitle:"Charger Management Console" max-request: 1 shodan-query: http.title:"Charger Management Console" - google-query: intitle:"Charger Management Console" + verified: true tags: panel,eko http: diff --git a/http/exposed-panels/eko-software-update-panel.yaml b/http/exposed-panels/eko-software-update-panel.yaml index d07a8e776e..d749fced04 100644 --- a/http/exposed-panels/eko-software-update-panel.yaml +++ b/http/exposed-panels/eko-software-update-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" max-request: 1 shodan-query: http.title:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" - google-query: intitle:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" tags: panel,eko http: diff --git a/http/exposed-panels/elemiz-network-manager.yaml b/http/exposed-panels/elemiz-network-manager.yaml index 77831f8192..c2d4b796b0 100644 --- a/http/exposed-panels/elemiz-network-manager.yaml +++ b/http/exposed-panels/elemiz-network-manager.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Elemiz Network Manager" + verified: true tags: elemiz,manager,login,panel http: diff --git a/http/exposed-panels/emby-panel.yaml b/http/exposed-panels/emby-panel.yaml index c45b91346c..59824ba5be 100644 --- a/http/exposed-panels/emby-panel.yaml +++ b/http/exposed-panels/emby-panel.yaml @@ -14,11 +14,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:emby:emby:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: emby product: emby shodan-query: http.title:"emby" + vendor: emby + verified: true tags: panel,emby,oss http: diff --git a/http/exposed-panels/emessage-panel.yaml b/http/exposed-panels/emessage-panel.yaml index 7c4e6fbe80..4680f3580a 100644 --- a/http/exposed-panels/emessage-panel.yaml +++ b/http/exposed-panels/emessage-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: title="emessage" + max-request: 1 tags: panel,emessage http: diff --git a/http/exposed-panels/emqx-panel.yaml b/http/exposed-panels/emqx-panel.yaml index 8ef86df187..28e4a61fa6 100644 --- a/http/exposed-panels/emqx-panel.yaml +++ b/http/exposed-panels/emqx-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.emqx.io/ metadata: - verified: true max-request: 1 shodan-query: http.title:"EMQX Dashboard" + verified: true tags: panel,emqx,login,detect http: diff --git a/http/exposed-panels/ems-webclient-panel.yaml b/http/exposed-panels/ems-webclient-panel.yaml index 5e819fc243..03f94ee5ac 100644 --- a/http/exposed-panels/ems-webclient-panel.yaml +++ b/http/exposed-panels/ems-webclient-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 2 google-query: inurl:EMSWebClient/ + max-request: 2 tags: panel,ems http: diff --git a/http/exposed-panels/eos-http-browser.yaml b/http/exposed-panels/eos-http-browser.yaml index 9a8382515c..15abd0d391 100644 --- a/http/exposed-panels/eos-http-browser.yaml +++ b/http/exposed-panels/eos-http-browser.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=634930085344181&set=pcb.634929508677572 metadata: - verified: true max-request: 2 shodan-query: title:"EOS HTTP Browser" + verified: true tags: exposure,eos,httpbrowser,panel http: diff --git a/http/exposed-panels/episerver-panel.yaml b/http/exposed-panels/episerver-panel.yaml index 515a4aa64a..430b0ac630 100644 --- a/http/exposed-panels/episerver-panel.yaml +++ b/http/exposed-panels/episerver-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: html:"epihash" + verified: true tags: panel,optimizely,episerver http: diff --git a/http/exposed-panels/epson-projector-detect.yaml b/http/exposed-panels/epson-projector-detect.yaml index 5ef76ee09e..70a2535b5d 100644 --- a/http/exposed-panels/epson-projector-detect.yaml +++ b/http/exposed-panels/epson-projector-detect.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: cgi-bin/webconf.exe + max-request: 1 tags: iot,projector,panel,unauth,epson http: diff --git a/http/exposed-panels/eset-protect-panel.yaml b/http/exposed-panels/eset-protect-panel.yaml index 45a3abe42d..f72761ffe7 100644 --- a/http/exposed-panels/eset-protect-panel.yaml +++ b/http/exposed-panels/eset-protect-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:751911084 + verified: true tags: login,eset,panel,detect http: diff --git a/http/exposed-panels/esphome-panel.yaml b/http/exposed-panels/esphome-panel.yaml index 32735fd196..351cee5200 100644 --- a/http/exposed-panels/esphome-panel.yaml +++ b/http/exposed-panels/esphome-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:esphome:esphome:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: esphome product: esphome shodan-query: title:"Login - ESPHome" + vendor: esphome + verified: true tags: panel,esphome,iot http: diff --git a/http/exposed-panels/esxi-system.yaml b/http/exposed-panels/esxi-system.yaml index 854a4329e1..904b79daa0 100644 --- a/http/exposed-panels/esxi-system.yaml +++ b/http/exposed-panels/esxi-system.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: vmware product: esxi shodan-query: html:"esxUiApp" + vendor: vmware tags: panel,esxi,vmware http: diff --git a/http/exposed-panels/eventum-panel.yaml b/http/exposed-panels/eventum-panel.yaml index 51e22b09d4..44a44b21c8 100644 --- a/http/exposed-panels/eventum-panel.yaml +++ b/http/exposed-panels/eventum-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:mysql:eventum:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: mysql product: eventum shodan-query: http.favicon.hash:305412257 + vendor: mysql + verified: true tags: panel,eventum,mysql http: diff --git a/http/exposed-panels/evlink/evlink-panel.yaml b/http/exposed-panels/evlink/evlink-panel.yaml index 61399164c6..512e4081a8 100644 --- a/http/exposed-panels/evlink/evlink-panel.yaml +++ b/http/exposed-panels/evlink/evlink-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - verified: true + fofa-query: title="EVlink Local Controller" max-request: 1 shodan-query: title:"EVlink Local Controller" - fofa-query: title="EVlink Local Controller" + verified: true tags: panel,evlink,login,detect http: diff --git a/http/exposed-panels/evlink/evse-web-panel.yaml b/http/exposed-panels/evlink/evse-web-panel.yaml index 3d3ac99181..0bff8e7844 100644 --- a/http/exposed-panels/evlink/evse-web-panel.yaml +++ b/http/exposed-panels/evlink/evse-web-panel.yaml @@ -7,12 +7,12 @@ info: classification: cpe: cpe:2.3:o:schneider-electric:evlink_charging_station_firmware:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: title="EVSE Web Interface" max-request: 2 - vendor: schneider-electric product: evlink_charging_station_firmware shodan-query: title:"EVSE Web Interface" - fofa-query: title="EVSE Web Interface" + vendor: schneider-electric + verified: true tags: panel,evlink,evse,login,detect,schneider-electric http: diff --git a/http/exposed-panels/ewm-manager-panel.yaml b/http/exposed-panels/ewm-manager-panel.yaml index 31c146ca47..2f22bacf8f 100644 --- a/http/exposed-panels/ewm-manager-panel.yaml +++ b/http/exposed-panels/ewm-manager-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"EWM Manager" + verified: true tags: ewm,manager,login,panel http: diff --git a/http/exposed-panels/exagrid-manager-panel.yaml b/http/exposed-panels/exagrid-manager-panel.yaml index fb7c6c0d93..eee45891d4 100644 --- a/http/exposed-panels/exagrid-manager-panel.yaml +++ b/http/exposed-panels/exagrid-manager-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:exagrid:backup_appliance:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: exagrid product: backup_appliance shodan-query: title:"ExaGrid Manager" + vendor: exagrid + verified: true tags: exagrid,manager,login,panel http: diff --git a/http/exposed-panels/exolis-engage-panel.yaml b/http/exposed-panels/exolis-engage-panel.yaml index 19e2b18260..c1f4f07e00 100644 --- a/http/exposed-panels/exolis-engage-panel.yaml +++ b/http/exposed-panels/exolis-engage-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + google-query: intitle:"engage - Portail soignant" max-request: 1 shodan-query: html:"engage - Portail soignant" - google-query: intitle:"engage - Portail soignant" + verified: true tags: panel,exolis,engage http: diff --git a/http/exposed-panels/exposed-webalizer.yaml b/http/exposed-panels/exposed-webalizer.yaml index b05b203bc7..4003614fe6 100644 --- a/http/exposed-panels/exposed-webalizer.yaml +++ b/http/exposed-panels/exposed-webalizer.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 1 google-query: intext:"webalizer" intext:"Usage Statistics for" + max-request: 1 + verified: true tags: panel,webalizer,edb http: diff --git a/http/exposed-panels/extron-cms-panel.yaml b/http/exposed-panels/extron-cms-panel.yaml index ce72f1d33e..b0beafeb6f 100644 --- a/http/exposed-panels/extron-cms-panel.yaml +++ b/http/exposed-panels/extron-cms-panel.yaml @@ -10,12 +10,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ektron:ektron_content_management_system:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: app="Ektron-CMS" max-request: 1 - vendor: ektron product: ektron_content_management_system shodan-query: http.html:"Ektron" - fofa-query: app="Ektron-CMS" + vendor: ektron + verified: true tags: panel,ektron,cms http: diff --git a/http/exposed-panels/ez-publish-panel.yaml b/http/exposed-panels/ez-publish-panel.yaml index ad22492a34..6c21e598ec 100644 --- a/http/exposed-panels/ez-publish-panel.yaml +++ b/http/exposed-panels/ez-publish-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"eZ Publish" + verified: true tags: panel,ez http: diff --git a/http/exposed-panels/f-secure-policy-manager.yaml b/http/exposed-panels/f-secure-policy-manager.yaml index f0e2978553..b0084a5eab 100644 --- a/http/exposed-panels/f-secure-policy-manager.yaml +++ b/http/exposed-panels/f-secure-policy-manager.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:withsecure:f-secure_policy_manager:*:*:*:*:windows:*:*:* metadata: max-request: 1 - vendor: withsecure product: f-secure_policy_manager shodan-query: http.title:"F-Secure Policy Manager Server" + vendor: withsecure tags: login,panel,withsecure http: diff --git a/http/exposed-panels/fastpanel-hosting-control-panel.yaml b/http/exposed-panels/fastpanel-hosting-control-panel.yaml index 9ab7a7a91b..988de7f31e 100644 --- a/http/exposed-panels/fastpanel-hosting-control-panel.yaml +++ b/http/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"FASTPANEL HOSTING CONTROL" + verified: true tags: panel,fastpanel http: diff --git a/http/exposed-panels/filebrowser-login-panel.yaml b/http/exposed-panels/filebrowser-login-panel.yaml index 7d68753635..661e69c2d7 100644 --- a/http/exposed-panels/filebrowser-login-panel.yaml +++ b/http/exposed-panels/filebrowser-login-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:filebrowser:filebrowser:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: filebrowser product: filebrowser shodan-query: http.favicon.hash:1052926265 + vendor: filebrowser + verified: true tags: panel,filebrowser,detect http: diff --git a/http/exposed-panels/fiori-launchpad.yaml b/http/exposed-panels/fiori-launchpad.yaml index 69d44b0e4f..6d1be7c276 100644 --- a/http/exposed-panels/fiori-launchpad.yaml +++ b/http/exposed-panels/fiori-launchpad.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sap:fiori_launchpad:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: sap - product: fiori_launchpad google-query: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com + max-request: 1 + product: fiori_launchpad + vendor: sap + verified: true tags: sap,fiori,edb,panel http: diff --git a/http/exposed-panels/fiorilaunchpad-logon.yaml b/http/exposed-panels/fiorilaunchpad-logon.yaml index 68458698f7..505d9a61fa 100644 --- a/http/exposed-panels/fiorilaunchpad-logon.yaml +++ b/http/exposed-panels/fiorilaunchpad-logon.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:sap:fiori_launchpad:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: sap product: fiori_launchpad + vendor: sap tags: panel,edb,sap http: diff --git a/http/exposed-panels/fireware-xtm-user-authentication.yaml b/http/exposed-panels/fireware-xtm-user-authentication.yaml index 75e2cacfef..59638c3d4c 100644 --- a/http/exposed-panels/fireware-xtm-user-authentication.yaml +++ b/http/exposed-panels/fireware-xtm-user-authentication.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:watchguard:fireware_xtm:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: watchguard product: fireware_xtm shodan-query: http.title:"Fireware XTM User Authentication" + vendor: watchguard tags: panel,watchguard http: diff --git a/http/exposed-panels/flahscookie-superadmin-panel.yaml b/http/exposed-panels/flahscookie-superadmin-panel.yaml index d70f473f0c..f2e6e1cad3 100644 --- a/http/exposed-panels/flahscookie-superadmin-panel.yaml +++ b/http/exposed-panels/flahscookie-superadmin-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Flahscookie Superadmin" + verified: true tags: panel,flahscookie,superadmin http: diff --git a/http/exposed-panels/flink-exposure.yaml b/http/exposed-panels/flink-exposure.yaml index 21f2603f95..5f85667f29 100644 --- a/http/exposed-panels/flink-exposure.yaml +++ b/http/exposed-panels/flink-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: flink + vendor: apache tags: panel,apache,flink http: diff --git a/http/exposed-panels/flip-cms-panel.yaml b/http/exposed-panels/flip-cms-panel.yaml index 19cf41e6c8..82d3a8adf5 100644 --- a/http/exposed-panels/flip-cms-panel.yaml +++ b/http/exposed-panels/flip-cms-panel.yaml @@ -12,8 +12,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 + verified: true tags: panel,flip,cms http: diff --git a/http/exposed-panels/flureedb-admin-console.yaml b/http/exposed-panels/flureedb-admin-console.yaml index aa7c7d8ed3..2c3dd935c2 100644 --- a/http/exposed-panels/flureedb-admin-console.yaml +++ b/http/exposed-panels/flureedb-admin-console.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"FlureeDB Admin Console" + verified: true tags: panel,flureedb http: diff --git a/http/exposed-panels/footprints-panel.yaml b/http/exposed-panels/footprints-panel.yaml index 6fd3e55d3e..1e6d23d686 100644 --- a/http/exposed-panels/footprints-panel.yaml +++ b/http/exposed-panels/footprints-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: title:"FootPrints Service Core Login" + verified: true tags: tech,panel,footprints http: diff --git a/http/exposed-panels/forcepoint.yaml b/http/exposed-panels/forcepoint.yaml index b89490b157..8b46c42de7 100644 --- a/http/exposed-panels/forcepoint.yaml +++ b/http/exposed-panels/forcepoint.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:forcepoint:email_security:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: forcepoint product: email_security + vendor: forcepoint tags: forcepoint,panel,login http: diff --git a/http/exposed-panels/forti/fortiadc-panel.yaml b/http/exposed-panels/forti/fortiadc-panel.yaml index c49e47a3c9..aa17899a86 100644 --- a/http/exposed-panels/forti/fortiadc-panel.yaml +++ b/http/exposed-panels/forti/fortiadc-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortiadc shodan-query: title:"FortiADC" + vendor: fortinet + verified: true tags: panel,fortinet http: diff --git a/http/exposed-panels/fortinet/fortiap-panel.yaml b/http/exposed-panels/fortinet/fortiap-panel.yaml index 050517cc64..4f3e294b49 100644 --- a/http/exposed-panels/fortinet/fortiap-panel.yaml +++ b/http/exposed-panels/fortinet/fortiap-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:fortinet:fortiap:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortiap shodan-query: title:"FortiAP" + vendor: fortinet + verified: true tags: panel,fortinet,fortiap http: diff --git a/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml b/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml index 32860ae187..1b5b530b4d 100644 --- a/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml +++ b/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortiauthenticator shodan-query: http.favicon.hash:-1653412201 + vendor: fortinet + verified: true tags: panel,fortinet,fortiauthenticator,detect http: diff --git a/http/exposed-panels/fortinet/forticlientems-panel.yaml b/http/exposed-panels/fortinet/forticlientems-panel.yaml index 6da792e2d5..50ba953014 100644 --- a/http/exposed-panels/fortinet/forticlientems-panel.yaml +++ b/http/exposed-panels/fortinet/forticlientems-panel.yaml @@ -5,9 +5,9 @@ info: author: h4sh5 severity: info metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-800551065 + verified: true tags: panel,fortinet,forticlient,ems,login,detect http: diff --git a/http/exposed-panels/fortinet/fortimail-panel.yaml b/http/exposed-panels/fortinet/fortimail-panel.yaml index ff65119418..974a001ce3 100644 --- a/http/exposed-panels/fortinet/fortimail-panel.yaml +++ b/http/exposed-panels/fortinet/fortimail-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:* metadata: + fofa-query: Fortimail && port=443 max-request: 1 - vendor: fortinet product: fortimail shodan-query: title:"Fortimail" - fofa-query: Fortimail && port=443 + vendor: fortinet tags: panel,fortinet,fortimail,login http: diff --git a/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml index 540ceba5a6..e2f2071d91 100644 --- a/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:fortinet:fortiddos:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortiddos shodan-query: http.title:"FortiDDoS" + vendor: fortinet + verified: true tags: panel,fortinet,fortiddos,login http: diff --git a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml index 64e3eb50c3..993d9c3700 100644 --- a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml @@ -14,8 +14,8 @@ info: cpe: cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: fortinet product: fortimanager + vendor: fortinet tags: panel,fortinet,fortios,fortimanager,detect http: diff --git a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml index 4afe022ae1..22151fe786 100644 --- a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortinac shodan-query: http.title:"Fortinac" + vendor: fortinet + verified: true tags: panel,fortinet,fortinac,login http: diff --git a/http/exposed-panels/fortinet/fortinet-panel.yaml b/http/exposed-panels/fortinet/fortinet-panel.yaml index da10e4cb83..1c72c8a177 100644 --- a/http/exposed-panels/fortinet/fortinet-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"FORTINET LOGIN" + verified: true tags: panel,fortinet,login,detect http: diff --git a/http/exposed-panels/fortinet/fortios-management-panel.yaml b/http/exposed-panels/fortinet/fortios-management-panel.yaml index 64a2656787..85cd4342a5 100644 --- a/http/exposed-panels/fortinet/fortios-management-panel.yaml +++ b/http/exposed-panels/fortinet/fortios-management-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortios shodan-query: http.favicon.hash:945408572 + vendor: fortinet + verified: true tags: panel,fortinet,fortios,fortigate,fortiproxy,fortiap http: diff --git a/http/exposed-panels/fortinet/fortios-panel.yaml b/http/exposed-panels/fortinet/fortios-panel.yaml index a373e833cf..10838001cc 100644 --- a/http/exposed-panels/fortinet/fortios-panel.yaml +++ b/http/exposed-panels/fortinet/fortios-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: fortinet product: fortios shodan-query: http.favicon.hash:945408572 + vendor: fortinet + verified: true tags: panel,fortinet,fortios http: diff --git a/http/exposed-panels/fortinet/fortitester-login-panel.yaml b/http/exposed-panels/fortinet/fortitester-login-panel.yaml index 2fa4ab2320..3060079e5b 100644 --- a/http/exposed-panels/fortinet/fortitester-login-panel.yaml +++ b/http/exposed-panels/fortinet/fortitester-login-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: fortinet product: fortitester shodan-query: title:"FortiTester" + vendor: fortinet + verified: true tags: panel,fortinet http: diff --git a/http/exposed-panels/fortinet/fortiweb-panel.yaml b/http/exposed-panels/fortinet/fortiweb-panel.yaml index 2300649187..44d8cbc9a9 100644 --- a/http/exposed-panels/fortinet/fortiweb-panel.yaml +++ b/http/exposed-panels/fortinet/fortiweb-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: fortinet product: fortiweb + vendor: fortinet tags: panel,fortinet,fortiweb,login http: diff --git a/http/exposed-panels/fortinet/fortiwlm-panel.yaml b/http/exposed-panels/fortinet/fortiwlm-panel.yaml index 5b442b34bb..aa4c6ccced 100644 --- a/http/exposed-panels/fortinet/fortiwlm-panel.yaml +++ b/http/exposed-panels/fortinet/fortiwlm-panel.yaml @@ -14,9 +14,9 @@ info: cpe: cpe:2.3:a:fortinet:fortiwlm:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: fortinet product: fortiwlm shodan-query: html:"fortiwlm" + vendor: fortinet tags: panel,fortinet,fortiwlm,login http: diff --git a/http/exposed-panels/freeipa-panel.yaml b/http/exposed-panels/freeipa-panel.yaml index 8f81e00c47..bd950ef518 100644 --- a/http/exposed-panels/freeipa-panel.yaml +++ b/http/exposed-panels/freeipa-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: freeipa product: freeipa shodan-query: html:"FreeIPA" + vendor: freeipa + verified: true tags: panel,login,freeipa http: diff --git a/http/exposed-panels/freepbx-administration-panel.yaml b/http/exposed-panels/freepbx-administration-panel.yaml index 8f66ca68e1..76807a0d96 100644 --- a/http/exposed-panels/freepbx-administration-panel.yaml +++ b/http/exposed-panels/freepbx-administration-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sangoma product: freepbx shodan-query: http.title:"FreePBX Administration" + vendor: sangoma + verified: true tags: freepbx,panel,sangoma http: diff --git a/http/exposed-panels/friendica-panel.yaml b/http/exposed-panels/friendica-panel.yaml index ace864e75e..cbdcfa3f96 100644 --- a/http/exposed-panels/friendica-panel.yaml +++ b/http/exposed-panels/friendica-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:friendica:friendica:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: friendica product: friendica shodan-query: http.title:"Friendica" + vendor: friendica + verified: true tags: friendica,panel,login,detect http: diff --git a/http/exposed-panels/froxlor-management-panel.yaml b/http/exposed-panels/froxlor-management-panel.yaml index d56570ab31..088c44c214 100644 --- a/http/exposed-panels/froxlor-management-panel.yaml +++ b/http/exposed-panels/froxlor-management-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:froxlor:froxlor:*:*:*:*:gentoo:*:*:* metadata: - verified: true max-request: 1 - vendor: froxlor product: froxlor shodan-query: title:"Froxlor Server Management Panel" + vendor: froxlor + verified: true tags: panel,froxlor http: diff --git a/http/exposed-panels/ftm-manager-panel.yaml b/http/exposed-panels/ftm-manager-panel.yaml index 4d660b7dd5..490375daf9 100644 --- a/http/exposed-panels/ftm-manager-panel.yaml +++ b/http/exposed-panels/ftm-manager-panel.yaml @@ -10,12 +10,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ibm:financial_transaction_manager:*:*:*:*:digital_payments:*:*:* metadata: - verified: true + google-query: intitle:"FTM manager" max-request: 1 - vendor: ibm product: financial_transaction_manager shodan-query: http.html:"FTM manager" - google-query: intitle:"FTM manager" + vendor: ibm + verified: true tags: panel,ftm,ibm http: diff --git a/http/exposed-panels/fuelcms-panel.yaml b/http/exposed-panels/fuelcms-panel.yaml index 01aa0f9574..0120b99663 100644 --- a/http/exposed-panels/fuelcms-panel.yaml +++ b/http/exposed-panels/fuelcms-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:daylightstudio:fuel_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: daylightstudio product: fuel_cms + vendor: daylightstudio tags: panel,fuelcms,oss,daylightstudio http: diff --git a/http/exposed-panels/fuji-xerox-printer-detect.yaml b/http/exposed-panels/fuji-xerox-printer-detect.yaml index 1eed56192c..38f34fb4e2 100644 --- a/http/exposed-panels/fuji-xerox-printer-detect.yaml +++ b/http/exposed-panels/fuji-xerox-printer-detect.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Fuji Xerox Co., Ltd" + verified: true tags: iot,panel,fuji,printer http: diff --git a/http/exposed-panels/fusionauth-admin-panel.yaml b/http/exposed-panels/fusionauth-admin-panel.yaml index 3671f2d832..e7b985e459 100644 --- a/http/exposed-panels/fusionauth-admin-panel.yaml +++ b/http/exposed-panels/fusionauth-admin-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:fusionauth:fusionauth:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: fusionauth product: fusionauth shodan-query: title:"FusionAuth" + vendor: fusionauth + verified: true tags: panel,fusionauth,detect,login http: diff --git a/http/exposed-panels/gargoyle-router.yaml b/http/exposed-panels/gargoyle-router.yaml index fe8eee3a5f..a584c4547f 100644 --- a/http/exposed-panels/gargoyle-router.yaml +++ b/http/exposed-panels/gargoyle-router.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Gargoyle Router Management Utility" + verified: true tags: panel,iot,gargoyle,router,edb http: diff --git a/http/exposed-panels/geoserver-login-panel.yaml b/http/exposed-panels/geoserver-login-panel.yaml index c4a4a742f0..293f137891 100644 --- a/http/exposed-panels/geoserver-login-panel.yaml +++ b/http/exposed-panels/geoserver-login-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: osgeo product: geoserver shodan-query: title:"GeoServer" + vendor: osgeo + verified: true tags: panel,geoserver,osgeo http: diff --git a/http/exposed-panels/gerapy-detect.yaml b/http/exposed-panels/gerapy-detect.yaml index c1c2a585cf..392426a0d0 100644 --- a/http/exposed-panels/gerapy-detect.yaml +++ b/http/exposed-panels/gerapy-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:gerapy:gerapy:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: gerapy product: gerapy + vendor: gerapy tags: tech,gerapy,panel http: diff --git a/http/exposed-panels/gira-homeserver-homepage.yaml b/http/exposed-panels/gira-homeserver-homepage.yaml index 5620a56b23..27e61c5edf 100644 --- a/http/exposed-panels/gira-homeserver-homepage.yaml +++ b/http/exposed-panels/gira-homeserver-homepage.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Gira HomeServer 4" + verified: true tags: panel,gira http: diff --git a/http/exposed-panels/git-repository-browser.yaml b/http/exposed-panels/git-repository-browser.yaml index c3d9668b43..38bb9e13f5 100644 --- a/http/exposed-panels/git-repository-browser.yaml +++ b/http/exposed-panels/git-repository-browser.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: cgit_project product: cgit shodan-query: http.title:"Git repository browser" + vendor: cgit_project + verified: true tags: panel,git,cgit_project http: diff --git a/http/exposed-panels/gitblit-panel.yaml b/http/exposed-panels/gitblit-panel.yaml index 2082a59af4..151c2f0b24 100644 --- a/http/exposed-panels/gitblit-panel.yaml +++ b/http/exposed-panels/gitblit-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:gitblit:gitblit:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: gitblit product: gitblit shodan-query: http.title:"Gitblit" + vendor: gitblit + verified: true tags: panel,gitblit http: diff --git a/http/exposed-panels/gitea-login.yaml b/http/exposed-panels/gitea-login.yaml index 81324d2fd2..9428b966d2 100644 --- a/http/exposed-panels/gitea-login.yaml +++ b/http/exposed-panels/gitea-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:gitea:gitea:*:*:*:*:jenkins:*:*:* metadata: max-request: 1 - vendor: gitea product: gitea shodan-query: html:"Powered by Gitea Version" + vendor: gitea tags: gitea,panel http: diff --git a/http/exposed-panels/github-enterprise-detect.yaml b/http/exposed-panels/github-enterprise-detect.yaml index 18ab18a273..c3f399b194 100644 --- a/http/exposed-panels/github-enterprise-detect.yaml +++ b/http/exposed-panels/github-enterprise-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: github product: enterprise_server shodan-query: title:"Setup GitHub Enterprise" + vendor: github + verified: true tags: panel,github http: diff --git a/http/exposed-panels/gitlab-detect.yaml b/http/exposed-panels/gitlab-detect.yaml index 307b025801..74959bbd29 100644 --- a/http/exposed-panels/gitlab-detect.yaml +++ b/http/exposed-panels/gitlab-detect.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 - vendor: gitlab product: gitlab shodan-query: http.title:"GitLab" + vendor: gitlab tags: panel,gitlab http: diff --git a/http/exposed-panels/globalprotect-panel.yaml b/http/exposed-panels/globalprotect-panel.yaml index f6834fd1bb..80607b6305 100644 --- a/http/exposed-panels/globalprotect-panel.yaml +++ b/http/exposed-panels/globalprotect-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:chrome:*:*:* metadata: max-request: 2 - vendor: paloaltonetworks product: globalprotect + vendor: paloaltonetworks tags: panel,panos,globalprotect,paloaltonetworks http: diff --git a/http/exposed-panels/glowroot-panel.yaml b/http/exposed-panels/glowroot-panel.yaml index 9219e8f043..84e7cdac14 100644 --- a/http/exposed-panels/glowroot-panel.yaml +++ b/http/exposed-panels/glowroot-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo?fbid=618105097026680&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: title:"Glowroot" + verified: true tags: panel,login,glowroot http: diff --git a/http/exposed-panels/glpi-panel.yaml b/http/exposed-panels/glpi-panel.yaml index a5c66d26cd..83b51c3801 100644 --- a/http/exposed-panels/glpi-panel.yaml +++ b/http/exposed-panels/glpi-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: glpi-project product: glpi shodan-query: http.title:"GLPI" + vendor: glpi-project + verified: true tags: glpi,edb,panel,glpi-project http: diff --git a/http/exposed-panels/gnu-mailman.yaml b/http/exposed-panels/gnu-mailman.yaml index fd7ce5853a..fed3a59f4f 100644 --- a/http/exposed-panels/gnu-mailman.yaml +++ b/http/exposed-panels/gnu-mailman.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:gnu:mailman:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: gnu product: mailman shodan-query: title:"Mailing Lists" + vendor: gnu + verified: true tags: exposure,mailman,panel,gnu http: diff --git a/http/exposed-panels/goanywhere-mft-login.yaml b/http/exposed-panels/goanywhere-mft-login.yaml index b4da5ffba1..1cf6e33ca8 100644 --- a/http/exposed-panels/goanywhere-mft-login.yaml +++ b/http/exposed-panels/goanywhere-mft-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.html:"GoAnywhere Managed File Transfer" + verified: true tags: panel,goanywhere,login,filetransfer http: diff --git a/http/exposed-panels/gocd-login.yaml b/http/exposed-panels/gocd-login.yaml index 183249acd8..198b90babc 100644 --- a/http/exposed-panels/gocd-login.yaml +++ b/http/exposed-panels/gocd-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:thoughtworks:gocd:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: thoughtworks product: gocd shodan-query: html:"GoCD Version" + vendor: thoughtworks tags: go,panel,gocd,thoughtworks http: diff --git a/http/exposed-panels/gocron-panel.yaml b/http/exposed-panels/gocron-panel.yaml index 5b9faeb0dd..5efaadd34e 100644 --- a/http/exposed-panels/gocron-panel.yaml +++ b/http/exposed-panels/gocron-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="gocron-定时任务系统" + max-request: 1 tags: gocron,panel http: diff --git a/http/exposed-panels/gogs-panel.yaml b/http/exposed-panels/gogs-panel.yaml index 5f58f64f4d..403505d3a4 100644 --- a/http/exposed-panels/gogs-panel.yaml +++ b/http/exposed-panels/gogs-panel.yaml @@ -12,12 +12,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: - verified: true + google-query: intitle:"Sign In - Gogs" max-request: 1 - vendor: gogs product: gogs shodan-query: title:"Sign In - Gogs" - google-query: intitle:"Sign In - Gogs" + vendor: gogs + verified: true tags: panel,gogs http: diff --git a/http/exposed-panels/goodjob-dashboard.yaml b/http/exposed-panels/goodjob-dashboard.yaml index 5b09ba466b..25de5981a9 100644 --- a/http/exposed-panels/goodjob-dashboard.yaml +++ b/http/exposed-panels/goodjob-dashboard.yaml @@ -9,8 +9,8 @@ info: reference: - https://github.com/bensheldon/good_job metadata: - verified: true max-request: 2 + verified: true tags: unauth,panel,goodjob http: diff --git a/http/exposed-panels/gotify-panel.yaml b/http/exposed-panels/gotify-panel.yaml index f72fca4437..a8c44e2aca 100644 --- a/http/exposed-panels/gotify-panel.yaml +++ b/http/exposed-panels/gotify-panel.yaml @@ -10,11 +10,11 @@ info: classification: cpe: cpe:2.3:a:gotify:server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: gotify product: server shodan-query: http.title:"Gotify" + vendor: gotify + verified: true tags: panel,gotify,login,detect http: diff --git a/http/exposed-panels/gradle/gradle-enterprise-panel.yaml b/http/exposed-panels/gradle/gradle-enterprise-panel.yaml index 39bd511370..daf8b22393 100644 --- a/http/exposed-panels/gradle/gradle-enterprise-panel.yaml +++ b/http/exposed-panels/gradle/gradle-enterprise-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:gradle:gradle_enterprise:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: gradle product: gradle_enterprise + vendor: gradle tags: panel,gradle http: diff --git a/http/exposed-panels/grafana-detect.yaml b/http/exposed-panels/grafana-detect.yaml index dcd07b0da2..8b6ce6302a 100644 --- a/http/exposed-panels/grafana-detect.yaml +++ b/http/exposed-panels/grafana-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: + category: devops max-request: 2 - vendor: grafana product: grafana shodan-query: title:"Grafana" - category: devops + vendor: grafana tags: panel,grafana,detect http: diff --git a/http/exposed-panels/grails-database-admin-console.yaml b/http/exposed-panels/grails-database-admin-console.yaml index a779d5ba45..49a5fd9567 100644 --- a/http/exposed-panels/grails-database-admin-console.yaml +++ b/http/exposed-panels/grails-database-admin-console.yaml @@ -15,8 +15,8 @@ info: cpe: cpe:2.3:a:grails:grails:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: grails product: grails + vendor: grails tags: grails,panel http: diff --git a/http/exposed-panels/graylog-panel.yaml b/http/exposed-panels/graylog-panel.yaml index 953269d225..c379cf6c1c 100644 --- a/http/exposed-panels/graylog-panel.yaml +++ b/http/exposed-panels/graylog-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://graylog.org/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Graylog Web Interface" + verified: true tags: panel,graylog,login,detect http: diff --git a/http/exposed-panels/greenbone-panel.yaml b/http/exposed-panels/greenbone-panel.yaml index d5a1c403d3..d3ed86ef59 100644 --- a/http/exposed-panels/greenbone-panel.yaml +++ b/http/exposed-panels/greenbone-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:greenbone:greenbone_security_assistant:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: greenbone product: greenbone_security_assistant shodan-query: http.title:"Greenbone Security Assistant" + vendor: greenbone + verified: true zoomeye-query: title:"Greenbone Security Assistant" tags: panel,greenbone,login diff --git a/http/exposed-panels/group-ib-panel.yaml b/http/exposed-panels/group-ib-panel.yaml index c20607adcb..88907a7d51 100644 --- a/http/exposed-panels/group-ib-panel.yaml +++ b/http/exposed-panels/group-ib-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Group-IB Managed XDR" + verified: true tags: panel,groupib http: diff --git a/http/exposed-panels/gyra-master-admin.yaml b/http/exposed-panels/gyra-master-admin.yaml index 74bbd52c27..560af553bf 100644 --- a/http/exposed-panels/gyra-master-admin.yaml +++ b/http/exposed-panels/gyra-master-admin.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Login | GYRA Master Admin" + verified: true tags: panel,master,admin,gyra http: diff --git a/http/exposed-panels/h2console-panel.yaml b/http/exposed-panels/h2console-panel.yaml index c9d0e74bd0..d7293ec0a5 100644 --- a/http/exposed-panels/h2console-panel.yaml +++ b/http/exposed-panels/h2console-panel.yaml @@ -14,9 +14,9 @@ info: cpe: cpe:2.3:a:h2database:h2:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: h2database product: h2 shodan-query: http.title:"H2 Console" + vendor: h2database tags: panel,h2,console,h2database http: diff --git a/http/exposed-panels/hadoop-exposure.yaml b/http/exposed-panels/hadoop-exposure.yaml index 317ba47d7b..11a10ec489 100644 --- a/http/exposed-panels/hadoop-exposure.yaml +++ b/http/exposed-panels/hadoop-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: hadoop + vendor: apache tags: panel,apache,hadoop http: diff --git a/http/exposed-panels/haivision-gateway-panel.yaml b/http/exposed-panels/haivision-gateway-panel.yaml index 4113712893..d66f51b2ab 100644 --- a/http/exposed-panels/haivision-gateway-panel.yaml +++ b/http/exposed-panels/haivision-gateway-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.haivision.com/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Haivision Gateway" + verified: true tags: panel,haivision,login,detect http: diff --git a/http/exposed-panels/haivision-media-platform-panel.yaml b/http/exposed-panels/haivision-media-platform-panel.yaml index 81ce258fcb..84496be21e 100644 --- a/http/exposed-panels/haivision-media-platform-panel.yaml +++ b/http/exposed-panels/haivision-media-platform-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.haivision.com/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Haivision Media Platform" + verified: true tags: panel,haivision,login,detect http: diff --git a/http/exposed-panels/hangfire-dashboard.yaml b/http/exposed-panels/hangfire-dashboard.yaml index f4186c3765..638d0d263a 100644 --- a/http/exposed-panels/hangfire-dashboard.yaml +++ b/http/exposed-panels/hangfire-dashboard.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:hangfire:hangfire:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: hangfire product: hangfire shodan-query: title:"Overview – Hangfire Dashboard" + vendor: hangfire + verified: true tags: panel,hangfire http: diff --git a/http/exposed-panels/harbor-panel.yaml b/http/exposed-panels/harbor-panel.yaml index b42dbbeede..7032e8eda7 100644 --- a/http/exposed-panels/harbor-panel.yaml +++ b/http/exposed-panels/harbor-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: linuxfoundation product: harbor shodan-query: http.favicon.hash:657337228 + vendor: linuxfoundation + verified: true tags: panel,harbor,linuxfoundation http: diff --git a/http/exposed-panels/hashicorp-consul-agent.yaml b/http/exposed-panels/hashicorp-consul-agent.yaml index e64a5af4ca..67ace0f535 100644 --- a/http/exposed-panels/hashicorp-consul-agent.yaml +++ b/http/exposed-panels/hashicorp-consul-agent.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: hashicorp product: consul + vendor: hashicorp tags: tech,consul,api,panel,hashicorp http: diff --git a/http/exposed-panels/hashicorp-consul-webgui.yaml b/http/exposed-panels/hashicorp-consul-webgui.yaml index dca166df37..8ec7e31d62 100644 --- a/http/exposed-panels/hashicorp-consul-webgui.yaml +++ b/http/exposed-panels/hashicorp-consul-webgui.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: hashicorp product: consul shodan-query: http.title:"Consul by HashiCorp" + vendor: hashicorp tags: consul,webserver,panel,hashicorp http: diff --git a/http/exposed-panels/hestia-panel.yaml b/http/exposed-panels/hestia-panel.yaml index d2ff2958d1..e175750dee 100644 --- a/http/exposed-panels/hestia-panel.yaml +++ b/http/exposed-panels/hestia-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: hestiacp product: control_panel shodan-query: title:"Hestia Control Panel" + vendor: hestiacp + verified: true tags: panel,hestia,detect,hestiacp http: diff --git a/http/exposed-panels/highmail-admin-panel.yaml b/http/exposed-panels/highmail-admin-panel.yaml index 39200740e6..7339331159 100644 --- a/http/exposed-panels/highmail-admin-panel.yaml +++ b/http/exposed-panels/highmail-admin-panel.yaml @@ -9,12 +9,12 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + fofa-query: title="HighMail" max-request: 2 - vendor: aryanic product: high_cms shodan-query: title:"HighMail" - fofa-query: title="HighMail" + vendor: aryanic + verified: true tags: highmail,panel,aryanic http: diff --git a/http/exposed-panels/hivemanager-login-panel.yaml b/http/exposed-panels/hivemanager-login-panel.yaml index a7768cb9ee..f499040a7b 100644 --- a/http/exposed-panels/hivemanager-login-panel.yaml +++ b/http/exposed-panels/hivemanager-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1604363273 + verified: true tags: panel,hivemanager,aerohive http: diff --git a/http/exposed-panels/hmc-hybris-panel.yaml b/http/exposed-panels/hmc-hybris-panel.yaml index 409399568f..55a61328fc 100644 --- a/http/exposed-panels/hmc-hybris-panel.yaml +++ b/http/exposed-panels/hmc-hybris-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:sap:hybris:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: sap product: hybris + vendor: sap tags: panel,sap http: diff --git a/http/exposed-panels/home-assistant-panel.yaml b/http/exposed-panels/home-assistant-panel.yaml index bf3ba86c32..918fe8826e 100644 --- a/http/exposed-panels/home-assistant-panel.yaml +++ b/http/exposed-panels/home-assistant-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Home Assistant" + verified: true tags: panel,iot,homeassistant http: diff --git a/http/exposed-panels/homebridge-panel.yaml b/http/exposed-panels/homebridge-panel.yaml index 33d2b5a2d2..436b05a6e9 100644 --- a/http/exposed-panels/homebridge-panel.yaml +++ b/http/exposed-panels/homebridge-panel.yaml @@ -10,9 +10,9 @@ info: - https://homebridge.io/ - https://github.com/homebridge metadata: - verified: true max-request: 1 shodan-query: title:"Homebridge" + verified: true tags: panel,homebridge,detect http: diff --git a/http/exposed-panels/homematic-panel.yaml b/http/exposed-panels/homematic-panel.yaml index c9c57a1b4c..f22258f2ff 100644 --- a/http/exposed-panels/homematic-panel.yaml +++ b/http/exposed-panels/homematic-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: eq-3 product: homematic_ccu3_firmware shodan-query: http.html:"Homematic" + vendor: eq-3 tags: panel,homematic,iot,eq-3 http: diff --git a/http/exposed-panels/homer-panel.yaml b/http/exposed-panels/homer-panel.yaml index fa28452b08..6f52a2f2c2 100644 --- a/http/exposed-panels/homer-panel.yaml +++ b/http/exposed-panels/homer-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/bastienwirtz/homer - https://homer-demo.netlify.app/ metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-417785140 + verified: true tags: panel,homer,detect,login http: diff --git a/http/exposed-panels/honeywell-xl-web-controller.yaml b/http/exposed-panels/honeywell-xl-web-controller.yaml index a8479afea4..6c8502736e 100644 --- a/http/exposed-panels/honeywell-xl-web-controller.yaml +++ b/http/exposed-panels/honeywell-xl-web-controller.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Honeywell XL Web Controller" + verified: true tags: panel,honeywell,edb http: diff --git a/http/exposed-panels/horde-login-panel.yaml b/http/exposed-panels/horde-login-panel.yaml index 57b8e41b17..90710f29b8 100644 --- a/http/exposed-panels/horde-login-panel.yaml +++ b/http/exposed-panels/horde-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:-741491222 + verified: true tags: horde,panel http: diff --git a/http/exposed-panels/horde-webmail-login.yaml b/http/exposed-panels/horde-webmail-login.yaml index 853a9a7b2c..ada60681b0 100644 --- a/http/exposed-panels/horde-webmail-login.yaml +++ b/http/exposed-panels/horde-webmail-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:2104916232 + verified: true tags: horde,webmail,panel http: diff --git a/http/exposed-panels/hospital-management-panel.yaml b/http/exposed-panels/hospital-management-panel.yaml index 6396f87d27..b11d86c86d 100644 --- a/http/exposed-panels/hospital-management-panel.yaml +++ b/http/exposed-panels/hospital-management-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: hospital_management_system_project product: hospital_management_system shodan-query: http.html:"Hospital Management System" + vendor: hospital_management_system_project + verified: true tags: panel,hms,cms,hospital_management_system_project http: diff --git a/http/exposed-panels/hp-ilo-5.yaml b/http/exposed-panels/hp-ilo-5.yaml index cafaf9b473..c14ff4693c 100644 --- a/http/exposed-panels/hp-ilo-5.yaml +++ b/http/exposed-panels/hp-ilo-5.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:h:hpe:integrated_lights-out_5:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: hpe product: integrated_lights-out_5 + vendor: hpe tags: hp,ilo,panel,hpe http: diff --git a/http/exposed-panels/hp-service-manager.yaml b/http/exposed-panels/hp-service-manager.yaml index 74dcb8b92f..79a93c2f95 100644 --- a/http/exposed-panels/hp-service-manager.yaml +++ b/http/exposed-panels/hp-service-manager.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:hp:service_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: hp product: service_manager shodan-query: http.title:"HP Service Manager" + vendor: hp tags: panel,hp,service http: diff --git a/http/exposed-panels/hybris-administration-console.yaml b/http/exposed-panels/hybris-administration-console.yaml index 93e79c753d..f1d5fe80fc 100644 --- a/http/exposed-panels/hybris-administration-console.yaml +++ b/http/exposed-panels/hybris-administration-console.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sap:hybris:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sap product: hybris shodan-query: title:"Hybris" + vendor: sap + verified: true tags: panel,hybris,sap http: diff --git a/http/exposed-panels/hydra-dashboard.yaml b/http/exposed-panels/hydra-dashboard.yaml index c12b01a093..3bd3390591 100644 --- a/http/exposed-panels/hydra-dashboard.yaml +++ b/http/exposed-panels/hydra-dashboard.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:hydra_project:hydra:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: hydra_project product: hydra shodan-query: title:"Hydra Router Dashboard" + vendor: hydra_project + verified: true tags: panel,exposure,hydra,hydra_project http: diff --git a/http/exposed-panels/hypertest-dashboard.yaml b/http/exposed-panels/hypertest-dashboard.yaml index 8be49d0851..a3347248a1 100644 --- a/http/exposed-panels/hypertest-dashboard.yaml +++ b/http/exposed-panels/hypertest-dashboard.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"HyperTest" + verified: true tags: panel,exposure,hypertest http: diff --git a/http/exposed-panels/i-mscp-panel.yaml b/http/exposed-panels/i-mscp-panel.yaml index b3449ca29f..4a876cbdb8 100644 --- a/http/exposed-panels/i-mscp-panel.yaml +++ b/http/exposed-panels/i-mscp-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"i-MSCP - Multi Server Control Panel" + verified: true tags: panel,i-mscp,detect http: diff --git a/http/exposed-panels/ibm-openadmin-panel.yaml b/http/exposed-panels/ibm-openadmin-panel.yaml index 2e71dd8946..7f69841051 100644 --- a/http/exposed-panels/ibm-openadmin-panel.yaml +++ b/http/exposed-panels/ibm-openadmin-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDK severity: info metadata: - verified: "true" max-request: 1 shodan-query: http.favicon.hash:965982073 + verified: "true" tags: openadmin,login,panel http: diff --git a/http/exposed-panels/ibm/ibm-dcec-panel.yaml b/http/exposed-panels/ibm/ibm-dcec-panel.yaml index 959675e44b..96828144b3 100644 --- a/http/exposed-panels/ibm/ibm-dcec-panel.yaml +++ b/http/exposed-panels/ibm/ibm-dcec-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: - verified: true max-request: 1 shodan-query: html:"Decision Center Enterprise console" + verified: true tags: panel,ibm,login,detect,decision-center http: diff --git a/http/exposed-panels/ibm/ibm-decision-server-console.yaml b/http/exposed-panels/ibm/ibm-decision-server-console.yaml index e9d078e1d4..33817f5e93 100644 --- a/http/exposed-panels/ibm/ibm-decision-server-console.yaml +++ b/http/exposed-panels/ibm/ibm-decision-server-console.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.ibm.com/docs/en/odm/8.12.0?topic=overview-introducing-rule-execution-server metadata: - verified: true max-request: 1 shodan-query: title:"Rule Execution Server" + verified: true tags: panel,ibm,login,detect,decision-server http: diff --git a/http/exposed-panels/ibm/ibm-maximo-login.yaml b/http/exposed-panels/ibm/ibm-maximo-login.yaml index 9fabdef9d0..177f699210 100644 --- a/http/exposed-panels/ibm/ibm-maximo-login.yaml +++ b/http/exposed-panels/ibm/ibm-maximo-login.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ibm:maximo_asset_management:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: ibm product: maximo_asset_management shodan-query: http.favicon.hash:-399298961 + vendor: ibm + verified: true tags: maximo,panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml b/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml index b041159502..e64a34a971 100644 --- a/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml +++ b/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:ibm:mq:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: ibm product: mq + vendor: ibm tags: panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-note-login.yaml b/http/exposed-panels/ibm/ibm-note-login.yaml index ba34bbf349..c083983300 100644 --- a/http/exposed-panels/ibm/ibm-note-login.yaml +++ b/http/exposed-panels/ibm/ibm-note-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:ibm:inotes:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: ibm product: inotes + vendor: ibm tags: ibm,edb,panel http: diff --git a/http/exposed-panels/ibm/ibm-odm-panel.yaml b/http/exposed-panels/ibm/ibm-odm-panel.yaml index 9ba7feee8d..117df78337 100644 --- a/http/exposed-panels/ibm/ibm-odm-panel.yaml +++ b/http/exposed-panels/ibm/ibm-odm-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.ibm.com/docs/en/odm/8.12.0 metadata: - verified: true - max-request: 1 fofa-query: title="Decision Center | Business Console" + max-request: 1 + verified: true tags: panel,ibm,login,detect,decision-center http: diff --git a/http/exposed-panels/ibm/ibm-security-access-manager.yaml b/http/exposed-panels/ibm/ibm-security-access-manager.yaml index b4b94a9bf6..c751cbec14 100644 --- a/http/exposed-panels/ibm/ibm-security-access-manager.yaml +++ b/http/exposed-panels/ibm/ibm-security-access-manager.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:ibm:security_access_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: ibm product: security_access_manager + vendor: ibm tags: panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml b/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml index d8137094ed..5bc5d81de3 100644 --- a/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml +++ b/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:z\/os:*:*:* metadata: - verified: true max-request: 1 - vendor: ibm product: websphere_application_server shodan-query: http.favicon.hash:1337147129 + vendor: ibm + verified: true tags: websphere,panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-websphere-panel.yaml b/http/exposed-panels/ibm/ibm-websphere-panel.yaml index dee5c670f4..0d6156006b 100644 --- a/http/exposed-panels/ibm/ibm-websphere-panel.yaml +++ b/http/exposed-panels/ibm/ibm-websphere-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:ibm:websphere_portal:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: ibm product: websphere_portal shodan-query: http.html:"IBM WebSphere Portal" + vendor: ibm tags: ibm,websphere,panel http: diff --git a/http/exposed-panels/icc-pro-login.yaml b/http/exposed-panels/icc-pro-login.yaml index c4db2e584e..77c85504cc 100644 --- a/http/exposed-panels/icc-pro-login.yaml +++ b/http/exposed-panels/icc-pro-login.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Login to ICC PRO system" + verified: true tags: panel,icc-pro,edb http: diff --git a/http/exposed-panels/icewarp-panel-detect.yaml b/http/exposed-panels/icewarp-panel-detect.yaml index c71d753a4d..ed973c706f 100644 --- a/http/exposed-panels/icewarp-panel-detect.yaml +++ b/http/exposed-panels/icewarp-panel-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:icewarp:icewarp_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: icewarp product: icewarp_server shodan-query: title:"icewarp" + vendor: icewarp + verified: true tags: icewarp,panel http: diff --git a/http/exposed-panels/icinga-web-login.yaml b/http/exposed-panels/icinga-web-login.yaml index bc08c5d52f..0f66a0a299 100644 --- a/http/exposed-panels/icinga-web-login.yaml +++ b/http/exposed-panels/icinga-web-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:icinga:icinga_web_2:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: icinga product: icinga_web_2 shodan-query: http.title:"Icinga Web 2 Login" + vendor: icinga tags: panel,icinga http: diff --git a/http/exposed-panels/iclock-admin-panel.yaml b/http/exposed-panels/iclock-admin-panel.yaml index 7dbc42947c..a2a177d802 100644 --- a/http/exposed-panels/iclock-admin-panel.yaml +++ b/http/exposed-panels/iclock-admin-panel.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: html:"iClock Automatic" + verified: true tags: panel,iclock,login,admin http: diff --git a/http/exposed-panels/ictprotege-login-panel.yaml b/http/exposed-panels/ictprotege-login-panel.yaml index 0a4afed702..e511dfea5b 100644 --- a/http/exposed-panels/ictprotege-login-panel.yaml +++ b/http/exposed-panels/ictprotege-login-panel.yaml @@ -9,11 +9,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:ict:protege_wx_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: ict product: protege_wx_firmware shodan-query: title:"ICT Protege WX®" + vendor: ict + verified: true tags: panel,ictprotege,ict http: diff --git a/http/exposed-panels/identity-services-engine.yaml b/http/exposed-panels/identity-services-engine.yaml index 5f5418069f..7515087915 100644 --- a/http/exposed-panels/identity-services-engine.yaml +++ b/http/exposed-panels/identity-services-engine.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: cisco product: identity_services_engine shodan-query: http.title:"Identity Services Engine" + vendor: cisco tags: panel,cisco http: diff --git a/http/exposed-panels/ilch-admin-panel.yaml b/http/exposed-panels/ilch-admin-panel.yaml index 7b98a8b480..6d14559f55 100644 --- a/http/exposed-panels/ilch-admin-panel.yaml +++ b/http/exposed-panels/ilch-admin-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ilch:cms:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: ilch product: cms shodan-query: http.title:"Ilch" + vendor: ilch + verified: true tags: panel,ilch,cms http: diff --git a/http/exposed-panels/ilias-panel.yaml b/http/exposed-panels/ilias-panel.yaml index ba0bacba0c..279a62451a 100644 --- a/http/exposed-panels/ilias-panel.yaml +++ b/http/exposed-panels/ilias-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: ilias product: ilias shodan-query: http.html:"ILIAS" + vendor: ilias + verified: true tags: panel,ilias http: diff --git a/http/exposed-panels/immich-panel.yaml b/http/exposed-panels/immich-panel.yaml index c20599872b..d45707b487 100644 --- a/http/exposed-panels/immich-panel.yaml +++ b/http/exposed-panels/immich-panel.yaml @@ -10,9 +10,9 @@ info: - https://immich.app/ - https://github.com/immich-app/immich metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-43504595 + verified: true tags: panel,immich,detect http: diff --git a/http/exposed-panels/incapptic-connect-panel.yaml b/http/exposed-panels/incapptic-connect-panel.yaml index d5594098a5..9aceccc8f0 100644 --- a/http/exposed-panels/incapptic-connect-panel.yaml +++ b/http/exposed-panels/incapptic-connect-panel.yaml @@ -13,11 +13,11 @@ info: cpe: cpe:2.3:a:ivanti:incapptic_connect:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: ivanti product: incapptic_connect shodan-query: - http.title:"incapptic" - http.favicon.hash:-1067582922 + vendor: ivanti tags: panel,ivanti,incapptic-connect http: diff --git a/http/exposed-panels/influxdb-panel.yaml b/http/exposed-panels/influxdb-panel.yaml index ea0e461101..d80a7113fe 100644 --- a/http/exposed-panels/influxdb-panel.yaml +++ b/http/exposed-panels/influxdb-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:influxdata:influxdb:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: influxdata product: influxdb shodan-query: http.title:"InfluxDB - Admin Interface" + vendor: influxdata tags: panel,influxdb,influxdata http: diff --git a/http/exposed-panels/intelbras-login.yaml b/http/exposed-panels/intelbras-login.yaml index 91bb5b9671..414f0b785f 100644 --- a/http/exposed-panels/intelbras-login.yaml +++ b/http/exposed-panels/intelbras-login.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"Intelbras" "All Rights Reserved" -.com max-request: 1 shodan-query: http.title:"Intelbras" - google-query: intitle:"Intelbras" "All Rights Reserved" -.com tags: panel,edb http: diff --git a/http/exposed-panels/intelbras-panel.yaml b/http/exposed-panels/intelbras-panel.yaml index 53d2d0201c..40b7816458 100644 --- a/http/exposed-panels/intelbras-panel.yaml +++ b/http/exposed-panels/intelbras-panel.yaml @@ -10,12 +10,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:intelbras:cip_92200_firmware:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: app="Intelbras" max-request: 1 - vendor: intelbras product: cip_92200_firmware shodan-query: http.title:"Intelbras" - fofa-query: app="Intelbras" + vendor: intelbras + verified: true tags: panel,intelbras http: diff --git a/http/exposed-panels/intellian-aptus-panel.yaml b/http/exposed-panels/intellian-aptus-panel.yaml index eaaf85f0f6..9aad1b4290 100644 --- a/http/exposed-panels/intellian-aptus-panel.yaml +++ b/http/exposed-panels/intellian-aptus-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:intelliantech:aptus_web:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: intelliantech product: aptus_web shodan-query: http.title:"Intellian Aptus Web" + vendor: intelliantech tags: panel,intellian,aptus,intelliantech http: diff --git a/http/exposed-panels/interactsoftware-interact.yaml b/http/exposed-panels/interactsoftware-interact.yaml index 40075e0d5c..74bdb6aa8c 100644 --- a/http/exposed-panels/interactsoftware-interact.yaml +++ b/http/exposed-panels/interactsoftware-interact.yaml @@ -8,8 +8,8 @@ info: reference: - https://www.interactsoftware.com metadata: - verified: true max-request: 1 + verified: true tags: panel,interactsoftware,interact,detect http: diff --git a/http/exposed-panels/ipdiva-mediation-panel.yaml b/http/exposed-panels/ipdiva-mediation-panel.yaml index e636f39621..e5720f2222 100644 --- a/http/exposed-panels/ipdiva-mediation-panel.yaml +++ b/http/exposed-panels/ipdiva-mediation-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 3 shodan-query: http.html:"IPdiva" + verified: true tags: panel,ipdiva,mediation http: diff --git a/http/exposed-panels/isams-panel.yaml b/http/exposed-panels/isams-panel.yaml index 7837a02406..66d0ec9459 100644 --- a/http/exposed-panels/isams-panel.yaml +++ b/http/exposed-panels/isams-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.isams.com/platform/the-platform metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-81573405 + verified: true tags: panel,isams,login http: diff --git a/http/exposed-panels/issabel-login.yaml b/http/exposed-panels/issabel-login.yaml index d4936e2ca1..0d43d96a38 100644 --- a/http/exposed-panels/issabel-login.yaml +++ b/http/exposed-panels/issabel-login.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: title="Issabel" + max-request: 1 tags: issabel,panel http: diff --git a/http/exposed-panels/itop-panel.yaml b/http/exposed-panels/itop-panel.yaml index ee42fe7ea1..e6a684bafc 100644 --- a/http/exposed-panels/itop-panel.yaml +++ b/http/exposed-panels/itop-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: combodo product: itop + vendor: combodo tags: panel,itop,combodo http: diff --git a/http/exposed-panels/ivanti-connect-secure-panel.yaml b/http/exposed-panels/ivanti-connect-secure-panel.yaml index 8198643932..6c9690d6e6 100644 --- a/http/exposed-panels/ivanti-connect-secure-panel.yaml +++ b/http/exposed-panels/ivanti-connect-secure-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: ivanti product: connect_secure shodan-query: title:"Ivanti Connect Secure" + vendor: ivanti + verified: true tags: panel,connectsecure,login,ivanti http: diff --git a/http/exposed-panels/ixcache-panel.yaml b/http/exposed-panels/ixcache-panel.yaml index 15a3d347c1..00d153a95e 100644 --- a/http/exposed-panels/ixcache-panel.yaml +++ b/http/exposed-panels/ixcache-panel.yaml @@ -11,8 +11,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="iXCache" + max-request: 1 tags: ixcache,panel http: diff --git a/http/exposed-panels/jamf-login.yaml b/http/exposed-panels/jamf-login.yaml index ff7b181a4b..f5b1aadfcb 100644 --- a/http/exposed-panels/jamf-login.yaml +++ b/http/exposed-panels/jamf-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Jamf Pro" + verified: true tags: panel,jamf http: diff --git a/http/exposed-panels/jamf-setup-assistant.yaml b/http/exposed-panels/jamf-setup-assistant.yaml index fe6b25f3cf..af8e1bacbe 100644 --- a/http/exposed-panels/jamf-setup-assistant.yaml +++ b/http/exposed-panels/jamf-setup-assistant.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Jamf Pro Setup" + verified: true tags: jamf,setup,panel http: diff --git a/http/exposed-panels/jaspersoft-panel.yaml b/http/exposed-panels/jaspersoft-panel.yaml index 1b857bedff..e0cf31ab64 100644 --- a/http/exposed-panels/jaspersoft-panel.yaml +++ b/http/exposed-panels/jaspersoft-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:tibco:jaspersoft:*:*:*:*:aws_with_multi-tenancy:*:*:* metadata: max-request: 2 - vendor: tibco product: jaspersoft shodan-query: http.title:"Jaspersoft" + vendor: tibco tags: panel,jaspersoft,tibco http: diff --git a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml index 5c8e419848..fd09285f8a 100644 --- a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml +++ b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:jbpm:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: redhat product: jbpm shodan-query: html:"JBossWS" + vendor: redhat + verified: true tags: jboss,panel,login,redhat http: diff --git a/http/exposed-panels/jboss/jboss-juddi.yaml b/http/exposed-panels/jboss/jboss-juddi.yaml index bd387a91c9..236e48f9eb 100644 --- a/http/exposed-panels/jboss/jboss-juddi.yaml +++ b/http/exposed-panels/jboss/jboss-juddi.yaml @@ -6,19 +6,19 @@ info: severity: info description: | The jUDDI (Java Universal Description, Discovery and Integration) Registry is a core component of the JBoss Enterprise SOA Platform. It is the product's default service registry and comes included as part of the product. In it are stored the addresses (end-point references) of all the services connected to the Enterprise Service Bus. It was implemented in JAXR and conforms to the UDDI specifications. - remediation: Restrict access to the service if not needed. reference: - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/JBossJuddi.java + remediation: Restrict access to the service if not needed. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:jboss_enterprise_web_platform:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: redhat product: jboss_enterprise_web_platform shodan-query: html:"JBoss WS" + vendor: redhat + verified: true tags: panel,jboss,juddi,redhat http: diff --git a/http/exposed-panels/jboss/jboss-soa-platform.yaml b/http/exposed-panels/jboss/jboss-soa-platform.yaml index 4b0c41e79e..ff7e92a740 100644 --- a/http/exposed-panels/jboss/jboss-soa-platform.yaml +++ b/http/exposed-panels/jboss/jboss-soa-platform.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:jboss_soa_platform:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: redhat product: jboss_soa_platform shodan-query: http.title:"Welcome to the JBoss SOA Platform" + vendor: redhat + verified: true tags: panel,jboss,soa,redhat http: diff --git a/http/exposed-panels/jboss/jmx-console.yaml b/http/exposed-panels/jboss/jmx-console.yaml index 59601aa576..bc12927cd8 100644 --- a/http/exposed-panels/jboss/jmx-console.yaml +++ b/http/exposed-panels/jboss/jmx-console.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:redhat:jboss_keycloak:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: redhat product: jboss_keycloak + vendor: redhat tags: panel,jmx,jboss,redhat http: diff --git a/http/exposed-panels/jboss/wildfly-panel.yaml b/http/exposed-panels/jboss/wildfly-panel.yaml index db5d986c66..504744f093 100644 --- a/http/exposed-panels/jboss/wildfly-panel.yaml +++ b/http/exposed-panels/jboss/wildfly-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: redhat product: wildfly + vendor: redhat tags: panel,jboss,wildfly,redhat http: diff --git a/http/exposed-panels/jcms-panel.yaml b/http/exposed-panels/jcms-panel.yaml index b516fd124c..6e4d3d8c79 100644 --- a/http/exposed-panels/jcms-panel.yaml +++ b/http/exposed-panels/jcms-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:jalios:jcms:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: jalios product: jcms shodan-query: html:"Jalios JCMS" + vendor: jalios + verified: true tags: panel,jalios,jcms http: diff --git a/http/exposed-panels/jedox-web-panel.yaml b/http/exposed-panels/jedox-web-panel.yaml index e10eddb523..2253762d0e 100644 --- a/http/exposed-panels/jedox-web-panel.yaml +++ b/http/exposed-panels/jedox-web-panel.yaml @@ -11,12 +11,12 @@ info: classification: cpe: cpe:2.3:a:jedox:jedox:*:*:*:*:*:*:*:* metadata: - verified: true + google-query: intitle:"Jedox Web Login" max-request: 2 - vendor: jedox product: jedox shodan-query: title:"Jedox Web - Login" - google-query: intitle:"Jedox Web Login" + vendor: jedox + verified: true tags: panel,jedox,detect http: diff --git a/http/exposed-panels/jeedom-panel.yaml b/http/exposed-panels/jeedom-panel.yaml index ac16c73f18..3559df12db 100644 --- a/http/exposed-panels/jeedom-panel.yaml +++ b/http/exposed-panels/jeedom-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:jeedom:jeedom:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: jeedom product: jeedom shodan-query: http.title:"Jeedom" + vendor: jeedom tags: panel,jeedom,login http: diff --git a/http/exposed-panels/jellyseerr-login-panel.yaml b/http/exposed-panels/jellyseerr-login-panel.yaml index 9faacd5d31..be7e9325bf 100644 --- a/http/exposed-panels/jellyseerr-login-panel.yaml +++ b/http/exposed-panels/jellyseerr-login-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://github.com/Fallenbagel/jellyseerr metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:-2017604252 + verified: true tags: panel,jellyseerr,detect http: diff --git a/http/exposed-panels/jenkins-api-panel.yaml b/http/exposed-panels/jenkins-api-panel.yaml index 8e6d47836d..5dcd1de78f 100644 --- a/http/exposed-panels/jenkins-api-panel.yaml +++ b/http/exposed-panels/jenkins-api-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: jenkins product: jenkins + vendor: jenkins tags: panel,api,jenkins http: diff --git a/http/exposed-panels/jenkins-login.yaml b/http/exposed-panels/jenkins-login.yaml index 9c51c6b2df..0ea29f7978 100644 --- a/http/exposed-panels/jenkins-login.yaml +++ b/http/exposed-panels/jenkins-login.yaml @@ -5,16 +5,16 @@ info: author: pdteam severity: info description: Jenkins is an open source automation server. - remediation: Ensure proper access. reference: - https://www.jenkins.io/doc/book/security/ + remediation: Ensure proper access. classification: cwe-id: CWE-200 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: jenkins product: jenkins + vendor: jenkins tags: panel,jenkins http: diff --git a/http/exposed-panels/joomla-panel.yaml b/http/exposed-panels/joomla-panel.yaml index 46b32b86bd..8b348589bc 100644 --- a/http/exposed-panels/joomla-panel.yaml +++ b/http/exposed-panels/joomla-panel.yaml @@ -8,8 +8,8 @@ info: cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: joomla product: joomla\! + vendor: joomla tags: panel,joomla http: diff --git a/http/exposed-panels/jorani-panel.yaml b/http/exposed-panels/jorani-panel.yaml index 02e66387ff..51e3b81b5b 100644 --- a/http/exposed-panels/jorani-panel.yaml +++ b/http/exposed-panels/jorani-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: html:"Login - Jorani" + verified: true tags: panel,jorani,login http: diff --git a/http/exposed-panels/jsherp-boot-panel.yaml b/http/exposed-panels/jsherp-boot-panel.yaml index 70d678ccab..b63038f32b 100644 --- a/http/exposed-panels/jsherp-boot-panel.yaml +++ b/http/exposed-panels/jsherp-boot-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDk severity: info metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-1298131932 + verified: true tags: panel,jsherp,login,detect http: diff --git a/http/exposed-panels/jumpserver-panel.yaml b/http/exposed-panels/jumpserver-panel.yaml index 84e8d8bd26..94e58f7239 100644 --- a/http/exposed-panels/jumpserver-panel.yaml +++ b/http/exposed-panels/jumpserver-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:'JumpServer' + verified: true zoomeye-query: title:'JumpServer' tags: panel,jumpserver diff --git a/http/exposed-panels/juniper-panel.yaml b/http/exposed-panels/juniper-panel.yaml index 1bd9ddfa79..874135d346 100644 --- a/http/exposed-panels/juniper-panel.yaml +++ b/http/exposed-panels/juniper-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Juniper Web Device Manager" + verified: true tags: panel,juniper,vpn,login http: diff --git a/http/exposed-panels/kafka-center-login.yaml b/http/exposed-panels/kafka-center-login.yaml index 5f1c75c746..d329aac6c3 100644 --- a/http/exposed-panels/kafka-center-login.yaml +++ b/http/exposed-panels/kafka-center-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:apache:kafka:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: kafka shodan-query: http.title:"Kafka Center" + vendor: apache tags: panel,kafka,apache http: diff --git a/http/exposed-panels/kafka-consumer-monitor.yaml b/http/exposed-panels/kafka-consumer-monitor.yaml index 33680e0a18..84989f2823 100644 --- a/http/exposed-panels/kafka-consumer-monitor.yaml +++ b/http/exposed-panels/kafka-consumer-monitor.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:apache:kafka:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: kafka shodan-query: http.title:"Kafka Consumer Offset Monitor" + vendor: apache tags: panel,kafka,apache http: diff --git a/http/exposed-panels/kafka-monitoring.yaml b/http/exposed-panels/kafka-monitoring.yaml index bcef85c932..a718eb2282 100644 --- a/http/exposed-panels/kafka-monitoring.yaml +++ b/http/exposed-panels/kafka-monitoring.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:kafka:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: kafka + vendor: apache tags: panel,kafka,apache http: diff --git a/http/exposed-panels/kafka-topics-ui.yaml b/http/exposed-panels/kafka-topics-ui.yaml index d66f120ca8..ee3176e197 100644 --- a/http/exposed-panels/kafka-topics-ui.yaml +++ b/http/exposed-panels/kafka-topics-ui.yaml @@ -14,9 +14,9 @@ info: cpe: cpe:2.3:a:provectus:ui:*:*:*:*:kafka:*:*:* metadata: max-request: 2 - vendor: provectus - product: ui platform: kafka + product: ui + vendor: provectus tags: panel,kafka,apache,detect,provectus http: diff --git a/http/exposed-panels/kanboard-login.yaml b/http/exposed-panels/kanboard-login.yaml index e9bb3bb5f8..eb355cb888 100644 --- a/http/exposed-panels/kanboard-login.yaml +++ b/http/exposed-panels/kanboard-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: kanboard product: kanboard shodan-query: http.favicon.hash:2056442365 + vendor: kanboard + verified: true tags: panel,kanboard http: diff --git a/http/exposed-panels/kasm-login-panel.yaml b/http/exposed-panels/kasm-login-panel.yaml index f168590290..ae8db990d7 100644 --- a/http/exposed-panels/kasm-login-panel.yaml +++ b/http/exposed-panels/kasm-login-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:-2144699833 + verified: true tags: panel,kasm,login,detect http: diff --git a/http/exposed-panels/kavita-panel-detect.yaml b/http/exposed-panels/kavita-panel-detect.yaml index f7128ee27a..37ae6f4ace 100644 --- a/http/exposed-panels/kavita-panel-detect.yaml +++ b/http/exposed-panels/kavita-panel-detect.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"kavita" + verified: true tags: panel,kavita http: diff --git a/http/exposed-panels/kenesto-login.yaml b/http/exposed-panels/kenesto-login.yaml index 9c7e4a97c9..789fc4d1a0 100644 --- a/http/exposed-panels/kenesto-login.yaml +++ b/http/exposed-panels/kenesto-login.yaml @@ -11,8 +11,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="kenesto" + max-request: 1 tags: login,tech,kenesto,panel http: diff --git a/http/exposed-panels/kettle-panel.yaml b/http/exposed-panels/kettle-panel.yaml index 91bee88751..4199c91c89 100644 --- a/http/exposed-panels/kettle-panel.yaml +++ b/http/exposed-panels/kettle-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: basic realm="Kettle" + verified: true tags: panel,kettle http: diff --git a/http/exposed-panels/keycloak-admin-panel.yaml b/http/exposed-panels/keycloak-admin-panel.yaml index 034f950d2d..48e890ebd1 100644 --- a/http/exposed-panels/keycloak-admin-panel.yaml +++ b/http/exposed-panels/keycloak-admin-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: redhat product: keycloak shodan-query: http.favicon.hash:-1105083093 + vendor: redhat + verified: true tags: panel,keycloak,redhat http: diff --git a/http/exposed-panels/kibana-panel.yaml b/http/exposed-panels/kibana-panel.yaml index c68c4f116a..de0f9663c9 100644 --- a/http/exposed-panels/kibana-panel.yaml +++ b/http/exposed-panels/kibana-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* metadata: max-request: 3 - vendor: elastic product: kibana shodan-query: http.title:"Kibana" + vendor: elastic tags: panel,kibana,elastic http: diff --git a/http/exposed-panels/kiteworks-pcn-panel.yaml b/http/exposed-panels/kiteworks-pcn-panel.yaml index 678c6bafd3..3941b2c4b6 100644 --- a/http/exposed-panels/kiteworks-pcn-panel.yaml +++ b/http/exposed-panels/kiteworks-pcn-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:accellion:kiteworks:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: accellion product: kiteworks shodan-query: http.favicon.hash:-1215318992 + vendor: accellion + verified: true tags: panel,kiteworks,login,detect,accellion http: diff --git a/http/exposed-panels/kiwitcms-login.yaml b/http/exposed-panels/kiwitcms-login.yaml index 8e3c5dba07..acc185fa66 100644 --- a/http/exposed-panels/kiwitcms-login.yaml +++ b/http/exposed-panels/kiwitcms-login.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:kiwitcms:kiwi_tcms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: kiwitcms product: kiwi_tcms shodan-query: title:"Kiwi TCMS - Login",http.favicon.hash:-1909533337 + vendor: kiwitcms tags: kiwitcms,panel http: diff --git a/http/exposed-panels/kkfileview-panel.yaml b/http/exposed-panels/kkfileview-panel.yaml index 57283e8efc..55dbbfd9ed 100644 --- a/http/exposed-panels/kkfileview-panel.yaml +++ b/http/exposed-panels/kkfileview-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"kkFileView" + verified: true tags: panel,kkfileview http: diff --git a/http/exposed-panels/klr300n-panel.yaml b/http/exposed-panels/klr300n-panel.yaml index 8d7f97df3a..7366d676ed 100644 --- a/http/exposed-panels/klr300n-panel.yaml +++ b/http/exposed-panels/klr300n-panel.yaml @@ -10,9 +10,9 @@ info: - http://www.keo.com.br/produtos/roteador-klr-300n - http://www.keo.com.br/wp-content/uploads/2017/09/Manual_KLR_300N_03-17_site.pdf metadata: - verified: true - max-request: 1 fofa-query: Roteador Wireless KLR 300N + max-request: 1 + verified: true tags: keo,klr300n,panel,login http: diff --git a/http/exposed-panels/kodak-network-panel.yaml b/http/exposed-panels/kodak-network-panel.yaml index 2ed52a106a..67bc929959 100644 --- a/http/exposed-panels/kodak-network-panel.yaml +++ b/http/exposed-panels/kodak-network-panel.yaml @@ -7,9 +7,9 @@ info: description: | A Kedacom network keyboard console panel was detected. metadata: - verified: true - max-request: 1 fofa-query: 网络键盘控制台 + max-request: 1 + verified: true tags: panel,login,kedacom,network http: diff --git a/http/exposed-panels/koel-panel.yaml b/http/exposed-panels/koel-panel.yaml index 08a11e2039..a0385811fa 100644 --- a/http/exposed-panels/koel-panel.yaml +++ b/http/exposed-panels/koel-panel.yaml @@ -10,9 +10,9 @@ info: - https://koel.dev/ - https://github.com/koel/koel metadata: - verified: true max-request: 1 shodan-query: title:"Koel" + verified: true tags: panel,koel,login http: diff --git a/http/exposed-panels/konga-panel.yaml b/http/exposed-panels/konga-panel.yaml index 3e4274000a..dcb714ce86 100644 --- a/http/exposed-panels/konga-panel.yaml +++ b/http/exposed-panels/konga-panel.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:pantsel:konga:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: pantsel product: konga + vendor: pantsel tags: tech,konga,oss,panel,pantsel http: diff --git a/http/exposed-panels/kopano-webapp-panel.yaml b/http/exposed-panels/kopano-webapp-panel.yaml index d18c9d7d25..2c6f0c4b71 100644 --- a/http/exposed-panels/kopano-webapp-panel.yaml +++ b/http/exposed-panels/kopano-webapp-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://kopano.com/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Kopano WebApp" + verified: true tags: panel,kopano,login,detect http: diff --git a/http/exposed-panels/kraken-cluster-monitoring.yaml b/http/exposed-panels/kraken-cluster-monitoring.yaml index f2d810aefb..8dd6d119a6 100644 --- a/http/exposed-panels/kraken-cluster-monitoring.yaml +++ b/http/exposed-panels/kraken-cluster-monitoring.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Kraken dashboard" + verified: true tags: panel,kraken,cluster http: diff --git a/http/exposed-panels/kubernetes-dashboard.yaml b/http/exposed-panels/kubernetes-dashboard.yaml index 07b367388e..34e3a778cc 100644 --- a/http/exposed-panels/kubernetes-dashboard.yaml +++ b/http/exposed-panels/kubernetes-dashboard.yaml @@ -10,8 +10,8 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - vendor: kubernetes product: dashboard + vendor: kubernetes tags: panel,kubernetes,devops http: diff --git a/http/exposed-panels/kubernetes-enterprise-manager.yaml b/http/exposed-panels/kubernetes-enterprise-manager.yaml index 100a02d0aa..2703b5ccb3 100644 --- a/http/exposed-panels/kubernetes-enterprise-manager.yaml +++ b/http/exposed-panels/kubernetes-enterprise-manager.yaml @@ -10,10 +10,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: kubernetes - product: kubernetes fofa-query: app="Kubernetes-Enterprise-Manager" + max-request: 1 + product: kubernetes + vendor: kubernetes tags: tech,kubernetes,panel http: diff --git a/http/exposed-panels/kubernetes-mirantis.yaml b/http/exposed-panels/kubernetes-mirantis.yaml index 1d8f7c856d..63903170f1 100644 --- a/http/exposed-panels/kubernetes-mirantis.yaml +++ b/http/exposed-panels/kubernetes-mirantis.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + fofa-query: app="Mirantis-Kubernetes-Engine" max-request: 1 shodan-query: http.html:"Mirantis Kubernetes Engine" - fofa-query: app="Mirantis-Kubernetes-Engine" + verified: true tags: tech,kubernetes,devops,kube,k8s,panel http: diff --git a/http/exposed-panels/kubernetes-web-view.yaml b/http/exposed-panels/kubernetes-web-view.yaml index d505b0a3a9..4f00638cae 100644 --- a/http/exposed-panels/kubernetes-web-view.yaml +++ b/http/exposed-panels/kubernetes-web-view.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: kubernetes product: kubernetes shodan-query: title:"Kubernetes Web View" + vendor: kubernetes + verified: true tags: panel,misconfig,kubernetes,k8s http: diff --git a/http/exposed-panels/kubeview-dashboard.yaml b/http/exposed-panels/kubeview-dashboard.yaml index 3edfa37f40..95d6f14f14 100644 --- a/http/exposed-panels/kubeview-dashboard.yaml +++ b/http/exposed-panels/kubeview-dashboard.yaml @@ -10,11 +10,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 - vendor: kubeview_project product: kubeview shodan-query: http.favicon.hash:-379154636 + vendor: kubeview_project + verified: true tags: exposure,k8s,kubernetes,kubeview,dashboard,panel,kubeview_project http: diff --git a/http/exposed-panels/labkey-server-login.yaml b/http/exposed-panels/labkey-server-login.yaml index 007c129392..ca086da89c 100644 --- a/http/exposed-panels/labkey-server-login.yaml +++ b/http/exposed-panels/labkey-server-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:labkey:labkey_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: labkey product: labkey_server shodan-query: 'title:"Sign In: /home"' + vendor: labkey + verified: true tags: panel,labkey http: diff --git a/http/exposed-panels/labtech-panel.yaml b/http/exposed-panels/labtech-panel.yaml index 99f8540c2e..03d12747aa 100644 --- a/http/exposed-panels/labtech-panel.yaml +++ b/http/exposed-panels/labtech-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:labtech_software:labtech:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: labtech_software product: labtech + vendor: labtech_software tags: panel,labtech,labtech_software http: diff --git a/http/exposed-panels/lancom-router-panel.yaml b/http/exposed-panels/lancom-router-panel.yaml index d785944471..c71df494f3 100644 --- a/http/exposed-panels/lancom-router-panel.yaml +++ b/http/exposed-panels/lancom-router-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: html:"LANCOM Systems GmbH" + verified: true tags: panel,lancom,router http: diff --git a/http/exposed-panels/lansweeper-login.yaml b/http/exposed-panels/lansweeper-login.yaml index 4bf539e082..d6ee32ec14 100644 --- a/http/exposed-panels/lansweeper-login.yaml +++ b/http/exposed-panels/lansweeper-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:lansweeper:lansweeper:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: lansweeper product: lansweeper shodan-query: title:"Lansweeper - Login" + vendor: lansweeper + verified: true tags: lansweeper,tech,panel http: diff --git a/http/exposed-panels/ldap-account-manager-panel.yaml b/http/exposed-panels/ldap-account-manager-panel.yaml index 9c7623438a..3ba3a162d6 100644 --- a/http/exposed-panels/ldap-account-manager-panel.yaml +++ b/http/exposed-panels/ldap-account-manager-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: title:"LDAP Account Manager" + verified: true tags: panel,ldap http: diff --git a/http/exposed-panels/lenovo-fp-panel.yaml b/http/exposed-panels/lenovo-fp-panel.yaml index 80cb991aae..8ce4d1b5e6 100644 --- a/http/exposed-panels/lenovo-fp-panel.yaml +++ b/http/exposed-panels/lenovo-fp-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:lenovo:fan_power_controller:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: lenovo product: fan_power_controller shodan-query: http.html:"Fan and Power Controller" + vendor: lenovo + verified: true tags: panel,lenovo http: diff --git a/http/exposed-panels/librenms-login.yaml b/http/exposed-panels/librenms-login.yaml index 04787f97b4..13cbab886c 100644 --- a/http/exposed-panels/librenms-login.yaml +++ b/http/exposed-panels/librenms-login.yaml @@ -10,10 +10,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: librenms - product: librenms fofa-query: title="librenms" + max-request: 1 + product: librenms + vendor: librenms tags: librenms,panel http: diff --git a/http/exposed-panels/librephotos-panel.yaml b/http/exposed-panels/librephotos-panel.yaml index b63b378024..24ce313d6e 100644 --- a/http/exposed-panels/librephotos-panel.yaml +++ b/http/exposed-panels/librephotos-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://github.com/LibrePhotos/librephotos metadata: - verified: true max-request: 1 shodan-query: title:"LibrePhotos" + verified: true tags: panel,librephotos,detect,login http: diff --git a/http/exposed-panels/librespeed-panel.yaml b/http/exposed-panels/librespeed-panel.yaml index cccf0d50e9..de2f5f7c49 100644 --- a/http/exposed-panels/librespeed-panel.yaml +++ b/http/exposed-panels/librespeed-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/librespeed/speedtest metadata: - verified: true max-request: 1 shodan-query: title:"LibreSpeed" + verified: true tags: panel,librespeed,detect http: diff --git a/http/exposed-panels/liferay-portal.yaml b/http/exposed-panels/liferay-portal.yaml index b687aef5ec..2e77adaecd 100644 --- a/http/exposed-panels/liferay-portal.yaml +++ b/http/exposed-panels/liferay-portal.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: liferay product: liferay_portal shodan-query: http.favicon.hash:129457226 + vendor: liferay + verified: true tags: panel,liferay,portal http: diff --git a/http/exposed-panels/linkerd-panel.yaml b/http/exposed-panels/linkerd-panel.yaml index 24231c2b90..f519306563 100644 --- a/http/exposed-panels/linkerd-panel.yaml +++ b/http/exposed-panels/linkerd-panel.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:linkerd:linkerd:*:*:*:*:kubernetes:*:*:* metadata: - verified: true max-request: 1 - vendor: linkerd product: linkerd shodan-query: html:"data-controller-namespace" + vendor: linkerd + verified: true tags: panel,misconfig,linkerd,exposure http: diff --git a/http/exposed-panels/linshare-panel.yaml b/http/exposed-panels/linshare-panel.yaml index f3211780a6..1cbd30641e 100644 --- a/http/exposed-panels/linshare-panel.yaml +++ b/http/exposed-panels/linshare-panel.yaml @@ -9,9 +9,9 @@ info: - https://www.linshare.org/ - https://github.com/linagora/linshare metadata: - verified: true max-request: 3 shodan-query: http.title:"LinShare" + verified: true tags: panel,linshare,login,detect http: diff --git a/http/exposed-panels/livehelperchat-admin-panel.yaml b/http/exposed-panels/livehelperchat-admin-panel.yaml index 967290938f..ecba3823f0 100644 --- a/http/exposed-panels/livehelperchat-admin-panel.yaml +++ b/http/exposed-panels/livehelperchat-admin-panel.yaml @@ -10,12 +10,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: title="Live Helper Chat" max-request: 1 - vendor: livehelperchat product: live_helper_chat shodan-query: title:"Live Helper Chat" - fofa-query: title="Live Helper Chat" + vendor: livehelperchat + verified: true tags: livehelperchat,panel http: diff --git a/http/exposed-panels/livezilla-login-panel.yaml b/http/exposed-panels/livezilla-login-panel.yaml index 74e894d8d3..e5954e2f65 100644 --- a/http/exposed-panels/livezilla-login-panel.yaml +++ b/http/exposed-panels/livezilla-login-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: livezilla product: livezilla + vendor: livezilla tags: panel,livezilla,login http: diff --git a/http/exposed-panels/locklizard-webviewer-panel.yaml b/http/exposed-panels/locklizard-webviewer-panel.yaml index 57a6e7b9dc..9dc5197be3 100644 --- a/http/exposed-panels/locklizard-webviewer-panel.yaml +++ b/http/exposed-panels/locklizard-webviewer-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: html:"Locklizard Web Viewer" + verified: true tags: panel,locklizard,webviewer http: diff --git a/http/exposed-panels/lockself-panel.yaml b/http/exposed-panels/lockself-panel.yaml index 781e23acc1..100c23b03a 100644 --- a/http/exposed-panels/lockself-panel.yaml +++ b/http/exposed-panels/lockself-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.lockself.com/en/ metadata: - verified: true max-request: 1 shodan-query: http.title:"LockSelf" + verified: true tags: panel,lockself,login,detect http: diff --git a/http/exposed-panels/logitech-harmony-portal.yaml b/http/exposed-panels/logitech-harmony-portal.yaml index cdd28d2e8d..ff6b57b576 100644 --- a/http/exposed-panels/logitech-harmony-portal.yaml +++ b/http/exposed-panels/logitech-harmony-portal.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Logitech Harmony Pro Installer" + verified: true tags: panel,logitech,harmony,exposure http: diff --git a/http/exposed-panels/lomnido-panel.yaml b/http/exposed-panels/lomnido-panel.yaml index 257a57b10c..ed6906b085 100644 --- a/http/exposed-panels/lomnido-panel.yaml +++ b/http/exposed-panels/lomnido-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://lomnido.com/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Lomnido Login" + verified: true tags: lomnido,panel,login,detect http: diff --git a/http/exposed-panels/looker-panel.yaml b/http/exposed-panels/looker-panel.yaml index 8fc1e16a09..8cfc10179a 100644 --- a/http/exposed-panels/looker-panel.yaml +++ b/http/exposed-panels/looker-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"lookerVersion" + verified: true tags: panel,login,looker http: diff --git a/http/exposed-panels/loxone-panel.yaml b/http/exposed-panels/loxone-panel.yaml index e60d8fd34d..1f10ffc748 100644 --- a/http/exposed-panels/loxone-panel.yaml +++ b/http/exposed-panels/loxone-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Loxone Intercom Video" + verified: true tags: panel,loxone http: diff --git a/http/exposed-panels/mach-proweb-login.yaml b/http/exposed-panels/mach-proweb-login.yaml index 8daab9a27c..e592756d4d 100644 --- a/http/exposed-panels/mach-proweb-login.yaml +++ b/http/exposed-panels/mach-proweb-login.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 1 google-query: intitle:"Log on to MACH-ProWeb" + max-request: 1 + verified: true tags: panel,machproweb,edb http: diff --git a/http/exposed-panels/machform-admin-panel.yaml b/http/exposed-panels/machform-admin-panel.yaml index d5e6529fc0..48721ca1b5 100644 --- a/http/exposed-panels/machform-admin-panel.yaml +++ b/http/exposed-panels/machform-admin-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"MachForm Admin Panel" + verified: true tags: panel,machform,admin http: diff --git a/http/exposed-panels/maestro-login-panel.yaml b/http/exposed-panels/maestro-login-panel.yaml index b7633739c7..1a207ca7ae 100644 --- a/http/exposed-panels/maestro-login-panel.yaml +++ b/http/exposed-panels/maestro-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Maestro - LuCI" + verified: true tags: panel,maestro,luci http: diff --git a/http/exposed-panels/mag-dashboard-panel.yaml b/http/exposed-panels/mag-dashboard-panel.yaml index 212d688bc6..4131968392 100644 --- a/http/exposed-panels/mag-dashboard-panel.yaml +++ b/http/exposed-panels/mag-dashboard-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"MAG Dashboard Login" + verified: true tags: panel,mag http: diff --git a/http/exposed-panels/magento-admin-panel.yaml b/http/exposed-panels/magento-admin-panel.yaml index f6eafc14cb..2b34bec945 100644 --- a/http/exposed-panels/magento-admin-panel.yaml +++ b/http/exposed-panels/magento-admin-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:magento:magento:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: magento product: magento shodan-query: http.component:"Magento" + vendor: magento + verified: true tags: magento,panel http: diff --git a/http/exposed-panels/magento-downloader-panel.yaml b/http/exposed-panels/magento-downloader-panel.yaml index 20038a1c10..776d0ef150 100644 --- a/http/exposed-panels/magento-downloader-panel.yaml +++ b/http/exposed-panels/magento-downloader-panel.yaml @@ -12,11 +12,11 @@ info: classification: cpe: cpe:2.3:a:magento:magento:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: magento product: magento shodan-query: http.component:"Magento" + vendor: magento + verified: true tags: magento,exposure,panel http: diff --git a/http/exposed-panels/magnolia-panel.yaml b/http/exposed-panels/magnolia-panel.yaml index 142f151ca9..b89b7d42ac 100644 --- a/http/exposed-panels/magnolia-panel.yaml +++ b/http/exposed-panels/magnolia-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: html:"Magnolia is a registered trademark" + verified: true tags: magnolia,panel,login http: diff --git a/http/exposed-panels/mailhog-panel.yaml b/http/exposed-panels/mailhog-panel.yaml index 90982dff9f..90246e87a5 100644 --- a/http/exposed-panels/mailhog-panel.yaml +++ b/http/exposed-panels/mailhog-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"mailhog" + verified: true tags: panel,mailhog,mail,smtp http: diff --git a/http/exposed-panels/mailwatch-login.yaml b/http/exposed-panels/mailwatch-login.yaml index 8ce0bfce40..03d81def4c 100644 --- a/http/exposed-panels/mailwatch-login.yaml +++ b/http/exposed-panels/mailwatch-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"MailWatch Login Page" + verified: true tags: panel,mailwatch http: diff --git a/http/exposed-panels/maltrail-panel.yaml b/http/exposed-panels/maltrail-panel.yaml index 06fd079f2c..d8e45550eb 100644 --- a/http/exposed-panels/maltrail-panel.yaml +++ b/http/exposed-panels/maltrail-panel.yaml @@ -7,9 +7,9 @@ info: description: | Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name, URL (e.g. hXXp://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header value. metadata: - verified: true max-request: 1 shodan-query: title:"Maltrail" + verified: true tags: panel,maltrail,detect http: diff --git a/http/exposed-panels/mantisbt-panel.yaml b/http/exposed-panels/mantisbt-panel.yaml index 2c4027e4bc..2740052f80 100644 --- a/http/exposed-panels/mantisbt-panel.yaml +++ b/http/exposed-panels/mantisbt-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: mantisbt product: mantisbt shodan-query: http.favicon.hash:662709064 + vendor: mantisbt + verified: true tags: panel,mantisbt http: diff --git a/http/exposed-panels/matomo-login-portal.yaml b/http/exposed-panels/matomo-login-portal.yaml index f5b7ef02b0..7acc2f4b04 100644 --- a/http/exposed-panels/matomo-login-portal.yaml +++ b/http/exposed-panels/matomo-login-portal.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:matomo:matomo:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: matomo product: matomo + vendor: matomo tags: panel,matomo http: diff --git a/http/exposed-panels/memos-panel.yaml b/http/exposed-panels/memos-panel.yaml index 74585c5d18..d6e8a9d429 100644 --- a/http/exposed-panels/memos-panel.yaml +++ b/http/exposed-panels/memos-panel.yaml @@ -12,11 +12,11 @@ info: classification: cpe: cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: usememos product: memos shodan-query: title:"Memos" + vendor: usememos + verified: true tags: panel,memos,detect,usememos http: diff --git a/http/exposed-panels/meshcentral-login.yaml b/http/exposed-panels/meshcentral-login.yaml index 6cc895231b..ab9bc4476b 100644 --- a/http/exposed-panels/meshcentral-login.yaml +++ b/http/exposed-panels/meshcentral-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:meshcentral:meshcentral:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: meshcentral product: meshcentral shodan-query: http.title:"MeshCentral - Login" + vendor: meshcentral tags: panel,meshcentral http: diff --git a/http/exposed-panels/metabase-panel.yaml b/http/exposed-panels/metabase-panel.yaml index b7906fe51b..4f4365f5e0 100644 --- a/http/exposed-panels/metabase-panel.yaml +++ b/http/exposed-panels/metabase-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: metabase product: metabase shodan-query: http.title:"Metabase" + vendor: metabase tags: panel,metabase,login http: diff --git a/http/exposed-panels/metasploit-panel.yaml b/http/exposed-panels/metasploit-panel.yaml index 03c8949d5c..6e9ffcbe38 100644 --- a/http/exposed-panels/metasploit-panel.yaml +++ b/http/exposed-panels/metasploit-panel.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:rapid7:metasploit:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: rapid7 product: metasploit shodan-query: http.title:"metasploit" + vendor: rapid7 + verified: true zoomeye-query: title:'Metasploit' tags: panel,metasploit,login,rapid7 diff --git a/http/exposed-panels/metasploit-setup-page.yaml b/http/exposed-panels/metasploit-setup-page.yaml index c1e1f3d7aa..13fd587383 100644 --- a/http/exposed-panels/metasploit-setup-page.yaml +++ b/http/exposed-panels/metasploit-setup-page.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:rapid7:metasploit:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: rapid7 product: metasploit shodan-query: title:"Metasploit - Setup and Configuration" + vendor: rapid7 + verified: true tags: panel,metasploit,setup,rapid7 http: diff --git a/http/exposed-panels/metersphere-login.yaml b/http/exposed-panels/metersphere-login.yaml index f7f667c7f9..c91bce9369 100644 --- a/http/exposed-panels/metersphere-login.yaml +++ b/http/exposed-panels/metersphere-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: metersphere product: metersphere + vendor: metersphere tags: panel,metersphere http: diff --git a/http/exposed-panels/mfiles-web-detect.yaml b/http/exposed-panels/mfiles-web-detect.yaml index b3f66011aa..eb80eff0e3 100644 --- a/http/exposed-panels/mfiles-web-detect.yaml +++ b/http/exposed-panels/mfiles-web-detect.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:m-files:m-files:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: m-files product: m-files shodan-query: http.html:"M-Files Web" + vendor: m-files + verified: true tags: panel,m-files http: diff --git a/http/exposed-panels/microfocus-admin-server.yaml b/http/exposed-panels/microfocus-admin-server.yaml index 5be221c3c9..d0317d8a0b 100644 --- a/http/exposed-panels/microfocus-admin-server.yaml +++ b/http/exposed-panels/microfocus-admin-server.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:microfocus:enterprise_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: microfocus product: enterprise_server shodan-query: Micro Focus DSD + vendor: microfocus + verified: true tags: panel,exposure,microfocus,admin http: diff --git a/http/exposed-panels/microfocus-filr-panel.yaml b/http/exposed-panels/microfocus-filr-panel.yaml index 6967ee8499..6e2a354d47 100644 --- a/http/exposed-panels/microfocus-filr-panel.yaml +++ b/http/exposed-panels/microfocus-filr-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:microfocus:filr:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: microfocus product: filr shodan-query: http.html:"Micro Focus Filr" + vendor: microfocus + verified: true tags: panel,microfocus,filr http: diff --git a/http/exposed-panels/microfocus-vibe-panel.yaml b/http/exposed-panels/microfocus-vibe-panel.yaml index 152d306e11..ce86900f15 100644 --- a/http/exposed-panels/microfocus-vibe-panel.yaml +++ b/http/exposed-panels/microfocus-vibe-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:microfocus:vibe:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: microfocus product: vibe shodan-query: http.html:"Micro Focus Vibe" + vendor: microfocus + verified: true tags: panel,microfocus,vibe http: diff --git a/http/exposed-panels/microsoft-exchange-panel.yaml b/http/exposed-panels/microsoft-exchange-panel.yaml index dfd7021a48..719b83d355 100644 --- a/http/exposed-panels/microsoft-exchange-panel.yaml +++ b/http/exposed-panels/microsoft-exchange-panel.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: microsoft product: exchange_server + vendor: microsoft tags: microsoft,panel,exchange http: diff --git a/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml b/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml index f062554712..380d7a3880 100644 --- a/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml +++ b/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: mikrotik product: routeros shodan-query: title:"mikrotik routeros > administration" + vendor: mikrotik + verified: true tags: panel,login,mikrotik http: diff --git a/http/exposed-panels/mikrotik/mikrotik-routeros.yaml b/http/exposed-panels/mikrotik/mikrotik-routeros.yaml index cc9b82334f..01a84ddab1 100644 --- a/http/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/http/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: mikrotik product: routeros + vendor: mikrotik tags: panel,login,mikrotik http: diff --git a/http/exposed-panels/mini-start-page.yaml b/http/exposed-panels/mini-start-page.yaml index 6231ba16c2..5f72162cad 100644 --- a/http/exposed-panels/mini-start-page.yaml +++ b/http/exposed-panels/mini-start-page.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:miniweb_http_server_project:miniweb_http_server:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: miniweb_http_server_project product: miniweb_http_server + vendor: miniweb_http_server_project tags: edb,panel,miniweb_http_server_project http: diff --git a/http/exposed-panels/minio-browser.yaml b/http/exposed-panels/minio-browser.yaml index 3dd3691917..46d3b2ecc6 100644 --- a/http/exposed-panels/minio-browser.yaml +++ b/http/exposed-panels/minio-browser.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: minio product: minio shodan-query: title:"MinIO Browser" + vendor: minio tags: panel,minio http: diff --git a/http/exposed-panels/minio-console.yaml b/http/exposed-panels/minio-console.yaml index dce33da761..77ffc45b7a 100644 --- a/http/exposed-panels/minio-console.yaml +++ b/http/exposed-panels/minio-console.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + fofa-query: app="MinIO-Console" max-request: 1 shodan-query: title:"MinIO Console" - fofa-query: app="MinIO-Console" tags: panel,minio http: diff --git a/http/exposed-panels/misp-panel.yaml b/http/exposed-panels/misp-panel.yaml index 07d10b253b..16b06e9fb9 100644 --- a/http/exposed-panels/misp-panel.yaml +++ b/http/exposed-panels/misp-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:* metadata: - verified: "true" max-request: 1 - vendor: misp product: misp shodan-query: http.title:"Users - MISP" + vendor: misp + verified: "true" tags: panel,misp http: diff --git a/http/exposed-panels/mitel-panel-detect.yaml b/http/exposed-panels/mitel-panel-detect.yaml index ba0ce17741..33abfab6bd 100644 --- a/http/exposed-panels/mitel-panel-detect.yaml +++ b/http/exposed-panels/mitel-panel-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:mitel:cmg_suite:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: mitel product: cmg_suite shodan-query: http.html:"Mitel Networks" + vendor: mitel + verified: true tags: panel,mitel http: diff --git a/http/exposed-panels/mobile-management-panel.yaml b/http/exposed-panels/mobile-management-panel.yaml index 6ddcc21bdb..1bbe3f00db 100644 --- a/http/exposed-panels/mobile-management-panel.yaml +++ b/http/exposed-panels/mobile-management-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 1 fofa-query: title="移动管理平台-企业管理" + max-request: 1 + verified: true tags: panel,mobile,management http: diff --git a/http/exposed-panels/mobileiron-sentry.yaml b/http/exposed-panels/mobileiron-sentry.yaml index cb20c289af..2741bb9a06 100644 --- a/http/exposed-panels/mobileiron-sentry.yaml +++ b/http/exposed-panels/mobileiron-sentry.yaml @@ -8,9 +8,9 @@ info: reference: - https://help.ivanti.com/mi/help/en_us/sntry/9.9.0/gdcl/Content/SentryGuide/MobileIron_Sentry_overvi.htm metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:967636089 + verified: true tags: panel,mobileiron http: diff --git a/http/exposed-panels/modoboa-panel.yaml b/http/exposed-panels/modoboa-panel.yaml index d105abd8eb..18622fd964 100644 --- a/http/exposed-panels/modoboa-panel.yaml +++ b/http/exposed-panels/modoboa-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:modoboa:modoboa:*:*:*:*:modoboa:*:*:* metadata: - verified: true max-request: 2 - vendor: modoboa product: modoboa shodan-query: http.favicon.hash:1949005079 + vendor: modoboa + verified: true tags: panel,modoboa,mail http: diff --git a/http/exposed-panels/monstra-admin-panel.yaml b/http/exposed-panels/monstra-admin-panel.yaml index 3e896095d3..a1cfbb7446 100644 --- a/http/exposed-panels/monstra-admin-panel.yaml +++ b/http/exposed-panels/monstra-admin-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:monstra:monstra_cms:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: monstra product: monstra_cms shodan-query: http.favicon.hash:419828698 + vendor: monstra + verified: true tags: panel,monstra http: diff --git a/http/exposed-panels/moodle-workplace-panel.yaml b/http/exposed-panels/moodle-workplace-panel.yaml index 401caa49aa..664ae7c57b 100644 --- a/http/exposed-panels/moodle-workplace-panel.yaml +++ b/http/exposed-panels/moodle-workplace-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://moodle.com/solutions/workplace/ metadata: - verified: true max-request: 1 shodan-query: http.html:"moodle" + verified: true tags: panel,moodle,login,detect http: diff --git a/http/exposed-panels/movable-type-login.yaml b/http/exposed-panels/movable-type-login.yaml index d17882af1e..5a2c684c1f 100644 --- a/http/exposed-panels/movable-type-login.yaml +++ b/http/exposed-panels/movable-type-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:* metadata: max-request: 2 - vendor: sixapart product: movable_type shodan-query: title:"サインイン | Movable Type Pro" + vendor: sixapart tags: panel,movable,sixapart http: diff --git a/http/exposed-panels/mpftvc-admin-panel.yaml b/http/exposed-panels/mpftvc-admin-panel.yaml index 3a16c48408..ea4e37d4a5 100644 --- a/http/exposed-panels/mpftvc-admin-panel.yaml +++ b/http/exposed-panels/mpftvc-admin-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"AdminLogin - MPFTVC" + verified: true tags: panel,mpftvc,admin http: diff --git a/http/exposed-panels/mpsec-isg1000-panel.yaml b/http/exposed-panels/mpsec-isg1000-panel.yaml index deca6872b1..9bac4c2874 100644 --- a/http/exposed-panels/mpsec-isg1000-panel.yaml +++ b/http/exposed-panels/mpsec-isg1000-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDk severity: info metadata: - verified: true - max-request: 1 fofa-query: 迈普通信技术股份有限公司 + max-request: 1 + verified: true tags: panel,login,mpsec,isg1000 http: diff --git a/http/exposed-panels/ms-exchange-web-service.yaml b/http/exposed-panels/ms-exchange-web-service.yaml index 597ba9a22a..be34eb8a95 100644 --- a/http/exposed-panels/ms-exchange-web-service.yaml +++ b/http/exposed-panels/ms-exchange-web-service.yaml @@ -12,12 +12,12 @@ info: classification: cpe: cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: microsoft product: exchange_server shodan-query: http.favicon.hash:1768726119 - tags: ms,microsoft,exchange,tech,panel + vendor: microsoft + verified: true + tags: ms,microsoft,exchange,tech http: - method: GET diff --git a/http/exposed-panels/mspcontrol-login.yaml b/http/exposed-panels/mspcontrol-login.yaml index ec09178e35..922d329190 100644 --- a/http/exposed-panels/mspcontrol-login.yaml +++ b/http/exposed-panels/mspcontrol-login.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"MSPControl - Sign In" max-request: 1 shodan-query: http.title:"MSPControl - Sign In" - google-query: intitle:"MSPControl - Sign In" tags: panel,mspcontrol http: diff --git a/http/exposed-panels/mybb-forum-detect.yaml b/http/exposed-panels/mybb-forum-detect.yaml index 5d60debefb..dcea77b3ba 100644 --- a/http/exposed-panels/mybb-forum-detect.yaml +++ b/http/exposed-panels/mybb-forum-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: mybb product: mybb shodan-query: http.title:"MyBB" + vendor: mybb + verified: true tags: panel,mybb,forum http: diff --git a/http/exposed-panels/mybb/mybb-forum-install.yaml b/http/exposed-panels/mybb/mybb-forum-install.yaml index 0a7f4fdc2f..5a196f0c86 100644 --- a/http/exposed-panels/mybb/mybb-forum-install.yaml +++ b/http/exposed-panels/mybb/mybb-forum-install.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: mybb product: mybb shodan-query: http.title:"MyBB" + vendor: mybb + verified: true tags: panel,mybb,forum http: diff --git a/http/exposed-panels/mylittleadmin-panel.yaml b/http/exposed-panels/mylittleadmin-panel.yaml index e1d131b6cb..a3237e9e19 100644 --- a/http/exposed-panels/mylittleadmin-panel.yaml +++ b/http/exposed-panels/mylittleadmin-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.html:"myLittleAdmin" + verified: true tags: panel,mylittleadmin,login http: diff --git a/http/exposed-panels/mylittlebackup-panel.yaml b/http/exposed-panels/mylittlebackup-panel.yaml index e9d54daae3..8ec72eb852 100644 --- a/http/exposed-panels/mylittlebackup-panel.yaml +++ b/http/exposed-panels/mylittlebackup-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 3 shodan-query: http.html:"myLittleBackup" + verified: true tags: panel,mylittlebackup http: diff --git a/http/exposed-panels/mystrom-panel.yaml b/http/exposed-panels/mystrom-panel.yaml index 600dea0694..0d6189c806 100644 --- a/http/exposed-panels/mystrom-panel.yaml +++ b/http/exposed-panels/mystrom-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"myStrom" + verified: true tags: panel,mystrom,iot http: diff --git a/http/exposed-panels/nagios-panel.yaml b/http/exposed-panels/nagios-panel.yaml index 675503a837..cee463eb8d 100644 --- a/http/exposed-panels/nagios-panel.yaml +++ b/http/exposed-panels/nagios-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: nagios product: nagios shodan-query: http.title:"nagios" + vendor: nagios + verified: true tags: panel,nagios http: diff --git a/http/exposed-panels/nagios-xi-panel.yaml b/http/exposed-panels/nagios-xi-panel.yaml index 544632ffba..f01ff51d81 100644 --- a/http/exposed-panels/nagios-xi-panel.yaml +++ b/http/exposed-panels/nagios-xi-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: nagios product: nagios_xi shodan-query: http.title:"Nagios XI" + vendor: nagios + verified: true tags: panel,nagios,nagios-xi http: diff --git a/http/exposed-panels/nagvis-panel.yaml b/http/exposed-panels/nagvis-panel.yaml index f3ff910e57..08c25860be 100644 --- a/http/exposed-panels/nagvis-panel.yaml +++ b/http/exposed-panels/nagvis-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:nagvis:nagvis:*:*:*:*:nagios_xi:*:*:* metadata: - verified: true max-request: 2 - vendor: nagvis product: nagvis shodan-query: http.html:"NagVis" + vendor: nagvis + verified: true tags: panel,nagvis http: diff --git a/http/exposed-panels/navicat-server-panel.yaml b/http/exposed-panels/navicat-server-panel.yaml index 8c559d9eda..bd70ad4dca 100644 --- a/http/exposed-panels/navicat-server-panel.yaml +++ b/http/exposed-panels/navicat-server-panel.yaml @@ -7,10 +7,10 @@ info: description: | Navicat On-Prem Server is an on-premise solution that provides you with the option to host a cloud environment for storing Navicat objects internally at your location. In our On-Prem environment, you can enjoy complete control over your system and maintain 100% privacy. It is secure and reliable that allow you to maintain a level of control that the cloud often cannot. metadata: - verified: true + fofa-query: icon_hash="598296063" max-request: 2 shodan-query: http.favicon.hash:598296063 - fofa-query: icon_hash="598296063" + verified: true tags: panel,navicat,on-prem,detect http: diff --git a/http/exposed-panels/ncentral-panel.yaml b/http/exposed-panels/ncentral-panel.yaml index 618b1a49b0..da3aa0895b 100644 --- a/http/exposed-panels/ncentral-panel.yaml +++ b/http/exposed-panels/ncentral-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"N-central Login" + verified: true tags: panel,n-central http: diff --git a/http/exposed-panels/nconf-panel.yaml b/http/exposed-panels/nconf-panel.yaml index 2b6ea83d55..4daf13fbc9 100644 --- a/http/exposed-panels/nconf-panel.yaml +++ b/http/exposed-panels/nconf-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"nconf" + verified: true tags: panel,nconf http: diff --git a/http/exposed-panels/neo4j-browser.yaml b/http/exposed-panels/neo4j-browser.yaml index 5e5975f404..aaf0bee5cf 100644 --- a/http/exposed-panels/neo4j-browser.yaml +++ b/http/exposed-panels/neo4j-browser.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:neo4j:neo4j:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: neo4j product: neo4j shodan-query: http.title:"Neo4j Browser" + vendor: neo4j tags: neo4j,exposure,unauth,panel http: diff --git a/http/exposed-panels/neobox-panel.yaml b/http/exposed-panels/neobox-panel.yaml index 94b83fea98..a0e3b76d90 100644 --- a/http/exposed-panels/neobox-panel.yaml +++ b/http/exposed-panels/neobox-panel.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + fofa-query: app="neobox-Web-Server" max-request: 1 shodan-query: http.html:"NeoboxUI" - fofa-query: app="neobox-Web-Server" + verified: true tags: panel,neobox,webserver http: diff --git a/http/exposed-panels/neocase-hrportal-panel.yaml b/http/exposed-panels/neocase-hrportal-panel.yaml index 7a73044b1d..c23e7c9e89 100644 --- a/http/exposed-panels/neocase-hrportal-panel.yaml +++ b/http/exposed-panels/neocase-hrportal-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.neocasesoftware.com/neocase-hr-solution/ - https://www.neocasesoftware.com/self-service-portal-module/ metadata: - verified: true max-request: 1 + verified: true tags: panel,neocase,login,detect http: diff --git a/http/exposed-panels/nessus-panel.yaml b/http/exposed-panels/nessus-panel.yaml index 45c28630c5..588f857b3c 100644 --- a/http/exposed-panels/nessus-panel.yaml +++ b/http/exposed-panels/nessus-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: tenable product: nessus shodan-query: title:"Nessus" + vendor: tenable + verified: true tags: panel,nessus,tenable http: diff --git a/http/exposed-panels/netdata-dashboard-detected.yaml b/http/exposed-panels/netdata-dashboard-detected.yaml index 0bfb55fa07..a5a83daaa3 100644 --- a/http/exposed-panels/netdata-dashboard-detected.yaml +++ b/http/exposed-panels/netdata-dashboard-detected.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:netdata:netdata:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: netdata product: netdata shodan-query: 'Server: NetData Embedded HTTP Server' + vendor: netdata tags: netdata,panel,tech http: diff --git a/http/exposed-panels/netdata-panel.yaml b/http/exposed-panels/netdata-panel.yaml index c4bed6ddcd..26798b2611 100644 --- a/http/exposed-panels/netdata-panel.yaml +++ b/http/exposed-panels/netdata-panel.yaml @@ -14,9 +14,9 @@ info: cpe: cpe:2.3:a:netdata:netdata:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: netdata product: netdata shodan-query: http.title:"netdata dashboard" + vendor: netdata tags: panel,netdata http: diff --git a/http/exposed-panels/netflix-conductor-ui.yaml b/http/exposed-panels/netflix-conductor-ui.yaml index a94393ecbf..0462ba72f9 100644 --- a/http/exposed-panels/netflix-conductor-ui.yaml +++ b/http/exposed-panels/netflix-conductor-ui.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:netflix:conductor:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: netflix product: conductor shodan-query: http.title:"Conductor UI", http.title:"Workflow UI" + vendor: netflix tags: webserver,netflix,conductor,panel http: diff --git a/http/exposed-panels/netris-dashboard-panel.yaml b/http/exposed-panels/netris-dashboard-panel.yaml index 5c711c085e..62f1a9ce5a 100644 --- a/http/exposed-panels/netris-dashboard-panel.yaml +++ b/http/exposed-panels/netris-dashboard-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Netris Dashboard" + verified: true tags: panel,netris http: diff --git a/http/exposed-panels/netscaler-aaa-login.yaml b/http/exposed-panels/netscaler-aaa-login.yaml index 9a4710678e..0f98f074fc 100644 --- a/http/exposed-panels/netscaler-aaa-login.yaml +++ b/http/exposed-panels/netscaler-aaa-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:citrix:netscaler:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: citrix product: netscaler + vendor: citrix tags: panel,netscaler,login,edb,citrix http: diff --git a/http/exposed-panels/netscaler-gateway.yaml b/http/exposed-panels/netscaler-gateway.yaml index 95aac8af1e..cd5bb833e0 100644 --- a/http/exposed-panels/netscaler-gateway.yaml +++ b/http/exposed-panels/netscaler-gateway.yaml @@ -5,16 +5,16 @@ info: author: joeldeleep severity: info description: Citrix NetScaler is an application delivery controller that improves the delivery speed and quality of applications to an end user. - remediation: Ensure proper access. reference: - https://stack.watch/product/citrix/netscaler-gateway/ + remediation: Ensure proper access. classification: cwe-id: CWE-200 cpe: cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: citrix product: netscaler_gateway + vendor: citrix tags: panel,netscaler,citrix http: diff --git a/http/exposed-panels/netsparker-panel.yaml b/http/exposed-panels/netsparker-panel.yaml index ef3ab1d1d3..3880f122f5 100644 --- a/http/exposed-panels/netsparker-panel.yaml +++ b/http/exposed-panels/netsparker-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Sign in to Netsparker Enterprise" + verified: true tags: panel,netsparker http: diff --git a/http/exposed-panels/nexus-panel.yaml b/http/exposed-panels/nexus-panel.yaml index 2496d2bc4a..2d0faf7e38 100644 --- a/http/exposed-panels/nexus-panel.yaml +++ b/http/exposed-panels/nexus-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.sonatype.com/products/sonatype-nexus-repository metadata: - verified: true max-request: 1 shodan-query: http.title:"Sonatype Nexus Repository" + verified: true tags: panel,nexus,login,detect http: diff --git a/http/exposed-panels/nginx-admin-panel.yaml b/http/exposed-panels/nginx-admin-panel.yaml index ccdddd90ad..43dcf7b921 100644 --- a/http/exposed-panels/nginx-admin-panel.yaml +++ b/http/exposed-panels/nginx-admin-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"nginx admin manager" + verified: true tags: panel,nginx,admin http: diff --git a/http/exposed-panels/nginx-ui-dashboard.yaml b/http/exposed-panels/nginx-ui-dashboard.yaml index 90635f9d28..79966ae719 100644 --- a/http/exposed-panels/nginx-ui-dashboard.yaml +++ b/http/exposed-panels/nginx-ui-dashboard.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: f5 product: nginx shodan-query: http.title:"nginx ui" + vendor: f5 + verified: true tags: panel,nginx,exposure,f5 http: diff --git a/http/exposed-panels/noescape-login.yaml b/http/exposed-panels/noescape-login.yaml index c60b13b383..a9905cdc35 100644 --- a/http/exposed-panels/noescape-login.yaml +++ b/http/exposed-panels/noescape-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"NoEscape - Login" + verified: true tags: panel,noescape http: diff --git a/http/exposed-panels/nordex-wind-farm-portal.yaml b/http/exposed-panels/nordex-wind-farm-portal.yaml index 29e274e6a9..ecf2b77d53 100644 --- a/http/exposed-panels/nordex-wind-farm-portal.yaml +++ b/http/exposed-panels/nordex-wind-farm-portal.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Nordex Control" + verified: true tags: panel,nordex,iot http: diff --git a/http/exposed-panels/normhost-backup-server-manager.yaml b/http/exposed-panels/normhost-backup-server-manager.yaml index ac4ce40dbe..1c0cf7f445 100644 --- a/http/exposed-panels/normhost-backup-server-manager.yaml +++ b/http/exposed-panels/normhost-backup-server-manager.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Normhost Backup server manager" + verified: true tags: panel,normhost http: diff --git a/http/exposed-panels/novnc-login-panel.yaml b/http/exposed-panels/novnc-login-panel.yaml index 99ba4c734a..a911a38285 100644 --- a/http/exposed-panels/novnc-login-panel.yaml +++ b/http/exposed-panels/novnc-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"noVNC" + verified: true tags: panel,novnc http: diff --git a/http/exposed-panels/nozomi-panel.yaml b/http/exposed-panels/nozomi-panel.yaml index f0257dd0e0..5559224113 100644 --- a/http/exposed-panels/nozomi-panel.yaml +++ b/http/exposed-panels/nozomi-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Please Login | Nozomi Networks Console" + verified: true tags: panel,nozomi http: diff --git a/http/exposed-panels/np-data-cache.yaml b/http/exposed-panels/np-data-cache.yaml index 5b4ecbfda6..18f3f2d729 100644 --- a/http/exposed-panels/np-data-cache.yaml +++ b/http/exposed-panels/np-data-cache.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"NP Data Cache" + verified: true tags: np,panel,cache http: diff --git a/http/exposed-panels/nport-web-console.yaml b/http/exposed-panels/nport-web-console.yaml index ab4a7e8b49..2b5dccb466 100644 --- a/http/exposed-panels/nport-web-console.yaml +++ b/http/exposed-panels/nport-web-console.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"NPort Web Console" + verified: true tags: panel,nport http: diff --git a/http/exposed-panels/nsq-admin-panel.yaml b/http/exposed-panels/nsq-admin-panel.yaml index 3f92170ef1..49402edaa0 100644 --- a/http/exposed-panels/nsq-admin-panel.yaml +++ b/http/exposed-panels/nsq-admin-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 6.5 cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"nsqadmin" + verified: true tags: nsq,admin,panel,exposure http: diff --git a/http/exposed-panels/nuxeo-platform-panel.yaml b/http/exposed-panels/nuxeo-platform-panel.yaml index c85557eb25..c4c52499a8 100644 --- a/http/exposed-panels/nuxeo-platform-panel.yaml +++ b/http/exposed-panels/nuxeo-platform-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Nuxeo Platform" + verified: true tags: panel,nuxeo http: diff --git a/http/exposed-panels/nzbget-panel.yaml b/http/exposed-panels/nzbget-panel.yaml index d09c8494e9..547d74dc37 100644 --- a/http/exposed-panels/nzbget-panel.yaml +++ b/http/exposed-panels/nzbget-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:nzbget:nzbget:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: nzbget product: nzbget shodan-query: html:"NZBGet" + vendor: nzbget + verified: true tags: panel,nzbget http: diff --git a/http/exposed-panels/o2-easy-panel.yaml b/http/exposed-panels/o2-easy-panel.yaml index fd9af7d682..eca156b9d7 100644 --- a/http/exposed-panels/o2-easy-panel.yaml +++ b/http/exposed-panels/o2-easy-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"O2 Easy Setup" + verified: true tags: panel,o2,easy,iot,router http: diff --git a/http/exposed-panels/ocomon-panel.yaml b/http/exposed-panels/ocomon-panel.yaml index 5c0323575a..c98a952b9f 100644 --- a/http/exposed-panels/ocomon-panel.yaml +++ b/http/exposed-panels/ocomon-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ocomon_project:ocomon:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: ocomon_project product: ocomon shodan-query: http.html:"OcoMon" + vendor: ocomon_project + verified: true tags: panel,ocomon,oss,ocomon_project http: diff --git a/http/exposed-panels/ocs-inventory-login.yaml b/http/exposed-panels/ocs-inventory-login.yaml index 37fc467a36..e1294b35c5 100644 --- a/http/exposed-panels/ocs-inventory-login.yaml +++ b/http/exposed-panels/ocs-inventory-login.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + fofa-query: title="OCS Inventory" max-request: 2 shodan-query: title:"OCS Inventory" - fofa-query: title="OCS Inventory" + verified: true tags: ocs-inventory,panel http: diff --git a/http/exposed-panels/octoprint-login.yaml b/http/exposed-panels/octoprint-login.yaml index a6ad7c5757..d99e3d02c2 100644 --- a/http/exposed-panels/octoprint-login.yaml +++ b/http/exposed-panels/octoprint-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:octoprint:octoprint:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: octoprint product: octoprint + vendor: octoprint tags: octoprint,panel http: diff --git a/http/exposed-panels/odoo-database-manager.yaml b/http/exposed-panels/odoo-database-manager.yaml index 11acadfede..0107811c52 100644 --- a/http/exposed-panels/odoo-database-manager.yaml +++ b/http/exposed-panels/odoo-database-manager.yaml @@ -8,11 +8,11 @@ info: classification: cpe: cpe:2.3:a:odoo:odoo:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: odoo product: odoo shodan-query: title:"Odoo" + vendor: odoo + verified: true tags: panel,odoo,backup http: diff --git a/http/exposed-panels/odoo-panel.yaml b/http/exposed-panels/odoo-panel.yaml index 2e0c720531..401ea9b455 100644 --- a/http/exposed-panels/odoo-panel.yaml +++ b/http/exposed-panels/odoo-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:odoo:odoo:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: odoo product: odoo shodan-query: title:"Odoo" + vendor: odoo + verified: true tags: login,panel,odoo http: diff --git a/http/exposed-panels/office-webapps-panel.yaml b/http/exposed-panels/office-webapps-panel.yaml index 6980c76080..70bf654553 100644 --- a/http/exposed-panels/office-webapps-panel.yaml +++ b/http/exposed-panels/office-webapps-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-668 cpe: cpe:2.3:a:microsoft:office_web_apps_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: microsoft product: office_web_apps_server shodan-query: html:"Provide a link that opens Word" + vendor: microsoft + verified: true tags: panel,office-webapps,login,microsoft http: diff --git a/http/exposed-panels/officekeeper-admin-login.yaml b/http/exposed-panels/officekeeper-admin-login.yaml index 68e39c8451..aa0d9d3b66 100644 --- a/http/exposed-panels/officekeeper-admin-login.yaml +++ b/http/exposed-panels/officekeeper-admin-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:-800060828 + verified: true tags: officekeeper,dlp,panel http: diff --git a/http/exposed-panels/oipm-detect.yaml b/http/exposed-panels/oipm-detect.yaml index 9731116b71..45aa8f0861 100644 --- a/http/exposed-panels/oipm-detect.yaml +++ b/http/exposed-panels/oipm-detect.yaml @@ -5,16 +5,16 @@ info: author: nodauf severity: info description: One Identity Password Manager is a secure password manager that gives enterprises control over password management, policies, and automated reset functions. - remediation: Ensure proper access. reference: - https://www.oneidentity.com/techbrief/security-guide-for-password-manager821177/ + remediation: Ensure proper access. classification: cwe-id: CWE-200 cpe: cpe:2.3:a:oneidentity:password_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: oneidentity product: password_manager + vendor: oneidentity tags: panel,oneidentity http: diff --git a/http/exposed-panels/olt-web-interface.yaml b/http/exposed-panels/olt-web-interface.yaml index 5b9c39153d..00908dc3b3 100644 --- a/http/exposed-panels/olt-web-interface.yaml +++ b/http/exposed-panels/olt-web-interface.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"OLT Web Management Interface" + verified: true tags: edb,panel,olt http: diff --git a/http/exposed-panels/omniampx-panel.yaml b/http/exposed-panels/omniampx-panel.yaml index 8e03c543cf..a85d6826eb 100644 --- a/http/exposed-panels/omniampx-panel.yaml +++ b/http/exposed-panels/omniampx-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Omnia MPX" + verified: true tags: panel,omnia,omniampx http: diff --git a/http/exposed-panels/onlyoffice-login-panel.yaml b/http/exposed-panels/onlyoffice-login-panel.yaml index 3a87261ab9..02193adf05 100644 --- a/http/exposed-panels/onlyoffice-login-panel.yaml +++ b/http/exposed-panels/onlyoffice-login-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:onlyoffice:onlyoffice:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 - vendor: onlyoffice - product: onlyoffice fofa-query: app="ONLYOFFICE" && (icon_hash="1928933157" || icon_hash="826083956" || icon_hash="-1380930248" || icon_hash="-285544629" || icon_hash="812741391") + max-request: 2 + product: onlyoffice + vendor: onlyoffice + verified: true tags: panel,onlyoffice,detect http: diff --git a/http/exposed-panels/open-stack-dashboard-login.yaml b/http/exposed-panels/open-stack-dashboard-login.yaml index eea83a37ab..97e3553a22 100644 --- a/http/exposed-panels/open-stack-dashboard-login.yaml +++ b/http/exposed-panels/open-stack-dashboard-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: openstack product: horizon + vendor: openstack tags: panel,openstack,edb http: diff --git a/http/exposed-panels/open-virtualization-manager-panel.yaml b/http/exposed-panels/open-virtualization-manager-panel.yaml index a3802f7d5d..5a379e5aa8 100644 --- a/http/exposed-panels/open-virtualization-manager-panel.yaml +++ b/http/exposed-panels/open-virtualization-manager-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-668 metadata: + google-query: intitle:"Ovirt-Engine" max-request: 2 shodan-query: title:"Ovirt-Engine" - google-query: intitle:"Ovirt-Engine" tags: panel,ovirt,oss http: diff --git a/http/exposed-panels/openam-panel.yaml b/http/exposed-panels/openam-panel.yaml index 272608ee7f..87d1f65ca5 100644 --- a/http/exposed-panels/openam-panel.yaml +++ b/http/exposed-panels/openam-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:forgerock:openam:*:*:*:*:*:*:*:* metadata: max-request: 20 - vendor: forgerock product: openam shodan-query: http.title:"OpenAM" + vendor: forgerock tags: panel,openam,opensso,login,forgerock http: diff --git a/http/exposed-panels/openbullet2-panel.yaml b/http/exposed-panels/openbullet2-panel.yaml index c5e63ad541..5a91a23619 100644 --- a/http/exposed-panels/openbullet2-panel.yaml +++ b/http/exposed-panels/openbullet2-panel.yaml @@ -9,9 +9,9 @@ info: classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N metadata: - verified: "true" max-request: 1 shodan-query: http.favicon.hash:-1264095219 + verified: "true" tags: openbullet,panel,login http: diff --git a/http/exposed-panels/opencart-panel.yaml b/http/exposed-panels/opencart-panel.yaml index 4c7bd01cdc..47f378633d 100644 --- a/http/exposed-panels/opencart-panel.yaml +++ b/http/exposed-panels/opencart-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: opencart product: opencart shodan-query: html:"OpenCart" + vendor: opencart + verified: true tags: panel,opencart http: diff --git a/http/exposed-panels/opencats-panel.yaml b/http/exposed-panels/opencats-panel.yaml index 1a9630f392..821f0df3ea 100644 --- a/http/exposed-panels/opencats-panel.yaml +++ b/http/exposed-panels/opencats-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:opencats:opencats:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: opencats product: opencats shodan-query: title:"opencats" + vendor: opencats + verified: true tags: panel,opencats http: diff --git a/http/exposed-panels/openemr-detect.yaml b/http/exposed-panels/openemr-detect.yaml index f1fbee66fc..b74f7c5519 100644 --- a/http/exposed-panels/openemr-detect.yaml +++ b/http/exposed-panels/openemr-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: + fofa-query: app="OpenEMR" max-request: 1 - vendor: open-emr product: openemr shodan-query: http.html:"OpenEMR" - fofa-query: app="OpenEMR" + vendor: open-emr tags: panel,openemr,open-emr http: diff --git a/http/exposed-panels/openerp-database.yaml b/http/exposed-panels/openerp-database.yaml index 70df4ce09c..15b3cf9a71 100644 --- a/http/exposed-panels/openerp-database.yaml +++ b/http/exposed-panels/openerp-database.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:odoo:odoo:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: odoo product: odoo + vendor: odoo tags: openerp,panel,odoo http: diff --git a/http/exposed-panels/openfire-admin-panel.yaml b/http/exposed-panels/openfire-admin-panel.yaml index d2ddb37113..b50f092600 100644 --- a/http/exposed-panels/openfire-admin-panel.yaml +++ b/http/exposed-panels/openfire-admin-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: igniterealtime product: openfire shodan-query: http.title:"Openfire Admin Console" + vendor: igniterealtime + verified: true tags: panel,openfire,admin,console,igniterealtime http: diff --git a/http/exposed-panels/opengear-panel.yaml b/http/exposed-panels/opengear-panel.yaml index a09021d32c..6cd156b4a8 100644 --- a/http/exposed-panels/opengear-panel.yaml +++ b/http/exposed-panels/opengear-panel.yaml @@ -10,10 +10,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 1 fofa-query: app="opengear-Management-Console" google-query: intitle:"Opengear Management Console" + max-request: 1 + verified: true tags: panel,opengear http: diff --git a/http/exposed-panels/opennebula-panel.yaml b/http/exposed-panels/opennebula-panel.yaml index 02dafdbc83..4daec8781b 100644 --- a/http/exposed-panels/opennebula-panel.yaml +++ b/http/exposed-panels/opennebula-panel.yaml @@ -13,9 +13,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"opennebula" + verified: true tags: panel,opennebula,cloud http: diff --git a/http/exposed-panels/opennms-web-console.yaml b/http/exposed-panels/opennms-web-console.yaml index 226a9b0529..b82544a167 100644 --- a/http/exposed-panels/opennms-web-console.yaml +++ b/http/exposed-panels/opennms-web-console.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:opennms:opennms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: opennms product: opennms + vendor: opennms tags: panel,login,edb,opennms http: diff --git a/http/exposed-panels/opensis-panel.yaml b/http/exposed-panels/opensis-panel.yaml index c9a968142a..33455476e0 100644 --- a/http/exposed-panels/opensis-panel.yaml +++ b/http/exposed-panels/opensis-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:os4ed:opensis:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: os4ed product: opensis shodan-query: http.title:"openSIS" + vendor: os4ed tags: panel,opensis,login,os4ed http: diff --git a/http/exposed-panels/opentouch-multimediaservices-panel.yaml b/http/exposed-panels/opentouch-multimediaservices-panel.yaml index 471db9f2f1..924c7b80f5 100644 --- a/http/exposed-panels/opentouch-multimediaservices-panel.yaml +++ b/http/exposed-panels/opentouch-multimediaservices-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.al-enterprise.com/-/media/assets/internet/documents/opentouch-multimedia-services-datasheet-en.pdf metadata: - verified: true max-request: 2 + verified: true tags: panel,opentouch,login,detect http: diff --git a/http/exposed-panels/openvas-panel.yaml b/http/exposed-panels/openvas-panel.yaml index b92ace7112..b9ee0bb264 100644 --- a/http/exposed-panels/openvas-panel.yaml +++ b/http/exposed-panels/openvas-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://openvas.org/ metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:1606029165 + verified: true tags: panel,openvas,admin,login http: diff --git a/http/exposed-panels/openvpn-admin.yaml b/http/exposed-panels/openvpn-admin.yaml index 5ac5c11dbc..56b4ab95c7 100644 --- a/http/exposed-panels/openvpn-admin.yaml +++ b/http/exposed-panels/openvpn-admin.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 3 - vendor: openvpn product: openvpn shodan-query: http.title:"OpenVPN-Admin" + vendor: openvpn + verified: true tags: panel,openvpn,admin,config http: diff --git a/http/exposed-panels/openvpn-connect.yaml b/http/exposed-panels/openvpn-connect.yaml index 8960561613..b98fa64c01 100644 --- a/http/exposed-panels/openvpn-connect.yaml +++ b/http/exposed-panels/openvpn-connect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:openvpn:connect:*:*:*:*:macos:*:*:* metadata: - verified: true max-request: 1 - vendor: openvpn product: connect shodan-query: http.title:"openvpn connect" + vendor: openvpn + verified: true tags: panel,openvpn,connect,vpn http: diff --git a/http/exposed-panels/openvpn-router-management.yaml b/http/exposed-panels/openvpn-router-management.yaml index bcdf8d4c3c..cd56bf19da 100644 --- a/http/exposed-panels/openvpn-router-management.yaml +++ b/http/exposed-panels/openvpn-router-management.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: openvpn product: openvpn shodan-query: http.html:"Router Management - Server OpenVPN" + vendor: openvpn + verified: true tags: panel,openvpn,router http: diff --git a/http/exposed-panels/openvz-web-login.yaml b/http/exposed-panels/openvz-web-login.yaml index 8618716b75..6209ebeb92 100644 --- a/http/exposed-panels/openvz-web-login.yaml +++ b/http/exposed-panels/openvz-web-login.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-1898583197 + verified: true tags: panel,openvz http: diff --git a/http/exposed-panels/openwrt-login.yaml b/http/exposed-panels/openwrt-login.yaml index bedb2374b1..5e382c6e0a 100644 --- a/http/exposed-panels/openwrt-login.yaml +++ b/http/exposed-panels/openwrt-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:o:openwrt:openwrt:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: openwrt product: openwrt shodan-query: http.title:"OpenWrt - LuCI" + vendor: openwrt tags: openwrt,router,panel http: diff --git a/http/exposed-panels/openwrt/openwrt-luci-panel.yaml b/http/exposed-panels/openwrt/openwrt-luci-panel.yaml index 7f5dfa2946..028980bfc7 100644 --- a/http/exposed-panels/openwrt/openwrt-luci-panel.yaml +++ b/http/exposed-panels/openwrt/openwrt-luci-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:x-wrt:luci:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: x-wrt product: luci shodan-query: http.title:"OpenWrt - LuCI" + vendor: x-wrt tags: panel,default-login,openwrt,x-wrt http: diff --git a/http/exposed-panels/openx-panel.yaml b/http/exposed-panels/openx-panel.yaml index a01855503b..87e35cb694 100644 --- a/http/exposed-panels/openx-panel.yaml +++ b/http/exposed-panels/openx-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: revive-adserver product: revive_adserver shodan-query: title:"Revive Adserver" + vendor: revive-adserver + verified: true tags: panel,openx,revive,adserver,login,revive-adserver http: diff --git a/http/exposed-panels/opinio-panel.yaml b/http/exposed-panels/opinio-panel.yaml index 09e6e415fc..fcfbed532f 100644 --- a/http/exposed-panels/opinio-panel.yaml +++ b/http/exposed-panels/opinio-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.objectplanet.com/opinio/ metadata: - verified: true max-request: 2 shodan-query: http.title:"Opinio" + verified: true tags: panel,opinio,login,detect http: diff --git a/http/exposed-panels/oracle-business-control.yaml b/http/exposed-panels/oracle-business-control.yaml index e06e40134e..38ac27fff1 100644 --- a/http/exposed-panels/oracle-business-control.yaml +++ b/http/exposed-panels/oracle-business-control.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:oracle:commerce:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: oracle product: commerce shodan-query: http.title:"Oracle Commerce" + vendor: oracle tags: oracle,login,panel http: diff --git a/http/exposed-panels/oracle-business-intelligence.yaml b/http/exposed-panels/oracle-business-intelligence.yaml index d512424540..a3e69607ab 100644 --- a/http/exposed-panels/oracle-business-intelligence.yaml +++ b/http/exposed-panels/oracle-business-intelligence.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:oracle:business_intelligence:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: oracle product: business_intelligence shodan-query: http.title:"Oracle Business Intelligence Sign In" + vendor: oracle + verified: true tags: panel,oracle http: diff --git a/http/exposed-panels/oracle-enterprise-manager-login.yaml b/http/exposed-panels/oracle-enterprise-manager-login.yaml index f429b34a0c..fada237b4f 100644 --- a/http/exposed-panels/oracle-enterprise-manager-login.yaml +++ b/http/exposed-panels/oracle-enterprise-manager-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:oracle:enterprise_manager_base_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: oracle product: enterprise_manager_base_platform + vendor: oracle tags: panel,oracle,manager,login http: diff --git a/http/exposed-panels/oracle-opera-login.yaml b/http/exposed-panels/oracle-opera-login.yaml index 2192be78cb..a7e758cb87 100644 --- a/http/exposed-panels/oracle-opera-login.yaml +++ b/http/exposed-panels/oracle-opera-login.yaml @@ -7,9 +7,9 @@ info: classification: cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: title:"Oracle Opera" && html:"/OperaLogin/Welcome.do" + verified: true tags: panel,opera,oracle,detect http: diff --git a/http/exposed-panels/oracle-people-enterprise.yaml b/http/exposed-panels/oracle-people-enterprise.yaml index b2c6b9332c..8f412d914d 100644 --- a/http/exposed-panels/oracle-people-enterprise.yaml +++ b/http/exposed-panels/oracle-people-enterprise.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:oracle:peoplesoft_enterprise:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: oracle product: peoplesoft_enterprise shodan-query: http.title:"Oracle Peoplesoft Enterprise" + vendor: oracle tags: oracle,login,panel http: diff --git a/http/exposed-panels/orchid-vms-panel.yaml b/http/exposed-panels/orchid-vms-panel.yaml index 4356fa9fe9..d5ba591ace 100644 --- a/http/exposed-panels/orchid-vms-panel.yaml +++ b/http/exposed-panels/orchid-vms-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:ipconfigure:orchid_core_vms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: ipconfigure product: orchid_core_vms shodan-query: http.title:"Orchid Core VMS" + vendor: ipconfigure tags: panel,orchid,ipconfigure http: diff --git a/http/exposed-panels/osticket-panel.yaml b/http/exposed-panels/osticket-panel.yaml index f66d77c990..048f7c665f 100644 --- a/http/exposed-panels/osticket-panel.yaml +++ b/http/exposed-panels/osticket-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:osticket:osticket:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: osticket product: osticket shodan-query: http.html:"powered by osTicket" + vendor: osticket + verified: true tags: panel,osticket http: diff --git a/http/exposed-panels/osticket/osticket-install.yaml b/http/exposed-panels/osticket/osticket-install.yaml index 463e91cd71..560dccff29 100644 --- a/http/exposed-panels/osticket/osticket-install.yaml +++ b/http/exposed-panels/osticket/osticket-install.yaml @@ -11,11 +11,11 @@ info: cwe-id: CWE-284 cpe: cpe:2.3:a:osticket:osticket:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: osticket product: osticket shodan-query: http.title:"osTicket Installer" + vendor: osticket + verified: true tags: panel,osticket,install http: diff --git a/http/exposed-panels/ourmgmt3-panel.yaml b/http/exposed-panels/ourmgmt3-panel.yaml index 9f2d767df5..d64d1abaa4 100644 --- a/http/exposed-panels/ourmgmt3-panel.yaml +++ b/http/exposed-panels/ourmgmt3-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"OurMGMT3" + verified: true tags: panel,ourmgmt3 http: diff --git a/http/exposed-panels/overseerr-panel.yaml b/http/exposed-panels/overseerr-panel.yaml index c33b8921a3..87932b0891 100644 --- a/http/exposed-panels/overseerr-panel.yaml +++ b/http/exposed-panels/overseerr-panel.yaml @@ -10,9 +10,9 @@ info: - https://overseerr.dev/ - https://github.com/sct/overseerr metadata: - verified: true - max-request: 1 fofa-query: Overseerr account + max-request: 1 + verified: true tags: panel,overseerr,detect http: diff --git a/http/exposed-panels/pahtool-panel.yaml b/http/exposed-panels/pahtool-panel.yaml index 99d4ab7d33..012020c54a 100644 --- a/http/exposed-panels/pahtool-panel.yaml +++ b/http/exposed-panels/pahtool-panel.yaml @@ -9,9 +9,9 @@ info: reference: - http://www.inovultus.com/index.html metadata: - verified: true max-request: 1 shodan-query: http.title:"PAHTool" + verified: true tags: panel,pahtool,login,detect http: diff --git a/http/exposed-panels/pairdrop-panel.yaml b/http/exposed-panels/pairdrop-panel.yaml index 79580f49f0..d2474629df 100644 --- a/http/exposed-panels/pairdrop-panel.yaml +++ b/http/exposed-panels/pairdrop-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/schlagmichdoch/pairdrop metadata: - verified: true max-request: 1 shodan-query: title:"PairDrop" + verified: true tags: panel,pairdrop,login http: diff --git a/http/exposed-panels/panabit-panel.yaml b/http/exposed-panels/panabit-panel.yaml index 7e918ecb69..668ea10cdc 100644 --- a/http/exposed-panels/panabit-panel.yaml +++ b/http/exposed-panels/panabit-panel.yaml @@ -11,8 +11,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="Panabit-智能网关" + max-request: 1 tags: panabit,panel http: diff --git a/http/exposed-panels/pandora-fms-console.yaml b/http/exposed-panels/pandora-fms-console.yaml index 851363e72c..79d1cbeb9f 100644 --- a/http/exposed-panels/pandora-fms-console.yaml +++ b/http/exposed-panels/pandora-fms-console.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: pandorafms product: pandora_fms + vendor: pandorafms tags: panel,edb,pandorafms http: diff --git a/http/exposed-panels/papercut-ng-panel.yaml b/http/exposed-panels/papercut-ng-panel.yaml index 82bc325346..0726e81f5f 100644 --- a/http/exposed-panels/papercut-ng-panel.yaml +++ b/http/exposed-panels/papercut-ng-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: papercut - product: papercut_ng google-query: html:'content="PaperCut' + max-request: 1 + product: papercut_ng + vendor: papercut + verified: true tags: panel,papercut,detect http: diff --git a/http/exposed-panels/parallels/parallels-hsphere-detect.yaml b/http/exposed-panels/parallels/parallels-hsphere-detect.yaml index 21862d6c31..d3e74122bc 100644 --- a/http/exposed-panels/parallels/parallels-hsphere-detect.yaml +++ b/http/exposed-panels/parallels/parallels-hsphere-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:parallels:h-sphere:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: parallels product: h-sphere shodan-query: title:"Parallels H-Sphere" + vendor: parallels + verified: true tags: panel,parallels,hsphere http: diff --git a/http/exposed-panels/parse-dashboard.yaml b/http/exposed-panels/parse-dashboard.yaml index 3e1bae7734..c20004c656 100644 --- a/http/exposed-panels/parse-dashboard.yaml +++ b/http/exposed-panels/parse-dashboard.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:parseplatform:parse-server:*:*:*:*:node.js:*:*:* metadata: - verified: true max-request: 1 - vendor: parseplatform product: parse-server shodan-query: title:"Parse Dashboard" + vendor: parseplatform + verified: true tags: panel,parse,exposure,parseplatform http: diff --git a/http/exposed-panels/passbolt-panel.yaml b/http/exposed-panels/passbolt-panel.yaml index 66bdcb5061..06aec42466 100644 --- a/http/exposed-panels/passbolt-panel.yaml +++ b/http/exposed-panels/passbolt-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.passbolt.com/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Passbolt | Open source password manager for teams" + verified: true tags: panel,passbolt,login http: diff --git a/http/exposed-panels/payroll-management-system-panel.yaml b/http/exposed-panels/payroll-management-system-panel.yaml index 4794b0b663..3868bdb66d 100644 --- a/http/exposed-panels/payroll-management-system-panel.yaml +++ b/http/exposed-panels/payroll-management-system-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Admin | Employee's Payroll Management System" + verified: true tags: panel,payroll http: diff --git a/http/exposed-panels/pdi-device-page.yaml b/http/exposed-panels/pdi-device-page.yaml index 0399c86419..4bff88bde9 100644 --- a/http/exposed-panels/pdi-device-page.yaml +++ b/http/exposed-panels/pdi-device-page.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo?fbid=629130339257489&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: html:"PDI Intellifuel" + verified: true tags: exposure,pdi,intellifuel,panel http: diff --git a/http/exposed-panels/pega-web-panel.yaml b/http/exposed-panels/pega-web-panel.yaml index 8ca1c20440..c3197ad73d 100644 --- a/http/exposed-panels/pega-web-panel.yaml +++ b/http/exposed-panels/pega-web-panel.yaml @@ -13,12 +13,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:pega:platform:*:*:*:*:*:*:*:* metadata: - verified: true + google-query: inurl:"/prweb/PRAuth/app/default" max-request: 2 - vendor: pega product: platform shodan-query: title:"Pega Platform" - google-query: inurl:"/prweb/PRAuth/app/default" + vendor: pega + verified: true tags: panel,pega http: diff --git a/http/exposed-panels/persis-panel.yaml b/http/exposed-panels/persis-panel.yaml index 38ebd8bd61..f8f4350986 100644 --- a/http/exposed-panels/persis-panel.yaml +++ b/http/exposed-panels/persis-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: title:"Persis" + verified: true tags: panel,persis http: diff --git a/http/exposed-panels/pfsense-login.yaml b/http/exposed-panels/pfsense-login.yaml index f32582933d..fc13174f08 100644 --- a/http/exposed-panels/pfsense-login.yaml +++ b/http/exposed-panels/pfsense-login.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:pfsense:pfsense:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"pfSense - Login" max-request: 1 - vendor: pfsense product: pfsense shodan-query: http.title:"pfSense - Login" - google-query: intitle:"pfSense - Login" + vendor: pfsense tags: panel,pfsense http: diff --git a/http/exposed-panels/phabricator-login.yaml b/http/exposed-panels/phabricator-login.yaml index 4ab4604964..72810d2aa5 100644 --- a/http/exposed-panels/phabricator-login.yaml +++ b/http/exposed-panels/phabricator-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:phacility:phabricator:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: phacility product: phabricator shodan-query: html:"phabricator-standard-page" + vendor: phacility tags: panel,phabricator,phacility http: diff --git a/http/exposed-panels/phoronix-pane.yaml b/http/exposed-panels/phoronix-pane.yaml index 6052931d41..60b8ef0b26 100644 --- a/http/exposed-panels/phoronix-pane.yaml +++ b/http/exposed-panels/phoronix-pane.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:phoronix-media:phoronix_test_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: phoronix-media product: phoronix_test_suite shodan-query: http.title:"phoronix-test-suite" + vendor: phoronix-media tags: panel,phoronix,phoronix-media http: diff --git a/http/exposed-panels/php-mailer.yaml b/http/exposed-panels/php-mailer.yaml index 1e2aa4769a..6b23015726 100644 --- a/http/exposed-panels/php-mailer.yaml +++ b/http/exposed-panels/php-mailer.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"PHP Mailer" + verified: true tags: panel,php,mailer http: diff --git a/http/exposed-panels/phpcollab-panel.yaml b/http/exposed-panels/phpcollab-panel.yaml index 607a650caa..b664f552fc 100644 --- a/http/exposed-panels/phpcollab-panel.yaml +++ b/http/exposed-panels/phpcollab-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:phpcollab:phpcollab:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: phpcollab product: phpcollab shodan-query: http.title:"PhpCollab" + vendor: phpcollab tags: panel,phpcollab,login http: diff --git a/http/exposed-panels/phpldapadmin-panel.yaml b/http/exposed-panels/phpldapadmin-panel.yaml index 209abf647c..06aefcc8ee 100644 --- a/http/exposed-panels/phpldapadmin-panel.yaml +++ b/http/exposed-panels/phpldapadmin-panel.yaml @@ -5,9 +5,9 @@ info: author: ritikchaddha,DhiyaneshDk severity: info metadata: - verified: true max-request: 3 shodan-query: title:"phpLDAPadmin" + verified: true tags: php,phpldapadmin,panel,detect http: diff --git a/http/exposed-panels/phpminiadmin-panel.yaml b/http/exposed-panels/phpminiadmin-panel.yaml index d43473a017..de8aa32c11 100644 --- a/http/exposed-panels/phpminiadmin-panel.yaml +++ b/http/exposed-panels/phpminiadmin-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"phpMiniAdmin" + verified: true tags: panel,phpminiadmin http: diff --git a/http/exposed-panels/phpmyadmin-panel.yaml b/http/exposed-panels/phpmyadmin-panel.yaml index 79782a6043..3240566360 100644 --- a/http/exposed-panels/phpmyadmin-panel.yaml +++ b/http/exposed-panels/phpmyadmin-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 13 - vendor: phpmyadmin product: phpmyadmin shodan-query: http.title:phpMyAdmin + vendor: phpmyadmin tags: panel,phpmyadmin http: diff --git a/http/exposed-panels/phppgadmin-panel.yaml b/http/exposed-panels/phppgadmin-panel.yaml index 87ad69d640..1c830ef551 100644 --- a/http/exposed-panels/phppgadmin-panel.yaml +++ b/http/exposed-panels/phppgadmin-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:phppgadmin_project:phppgadmin:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: phppgadmin_project product: phppgadmin shodan-query: http.title:phpPgAdmin + vendor: phppgadmin_project + verified: true tags: panel,phppgadmin,phppgadmin_project http: diff --git a/http/exposed-panels/pichome-panel.yaml b/http/exposed-panels/pichome-panel.yaml index 14846c0a7c..27079c524a 100644 --- a/http/exposed-panels/pichome-panel.yaml +++ b/http/exposed-panels/pichome-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:933976300 + verified: true tags: pichome,panel http: diff --git a/http/exposed-panels/piwigo-panel.yaml b/http/exposed-panels/piwigo-panel.yaml index d249c55fb9..7f850c402c 100644 --- a/http/exposed-panels/piwigo-panel.yaml +++ b/http/exposed-panels/piwigo-panel.yaml @@ -10,13 +10,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 - vendor: piwigo - product: piwigo - shodan-query: http.favicon.hash:540706145 fofa-query: title="piwigo" google-query: Powered by Piwigo + max-request: 2 + product: piwigo + shodan-query: http.favicon.hash:540706145 + vendor: piwigo + verified: true tags: panel,piwigo,detect http: diff --git a/http/exposed-panels/planet-estream-panel.yaml b/http/exposed-panels/planet-estream-panel.yaml index d7be54fd46..8d347f0d44 100644 --- a/http/exposed-panels/planet-estream-panel.yaml +++ b/http/exposed-panels/planet-estream-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:planetestream:planet_estream:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: planetestream product: planet_estream shodan-query: title:"Login - Planet eStream" + vendor: planetestream + verified: true tags: panel,planet,estream,planetestream http: diff --git a/http/exposed-panels/plausible-panel.yaml b/http/exposed-panels/plausible-panel.yaml index 435291d7a4..274c5c3b99 100644 --- a/http/exposed-panels/plausible-panel.yaml +++ b/http/exposed-panels/plausible-panel.yaml @@ -10,9 +10,9 @@ info: - https://plausible.io/ - https://github.com/plausible/analytics metadata: - verified: true max-request: 1 shodan-query: html:"Plausible" + verified: true tags: panel,plausible,detect http: diff --git a/http/exposed-panels/plesk-obsidian-login.yaml b/http/exposed-panels/plesk-obsidian-login.yaml index 0ceba6c6fe..ad638f0726 100644 --- a/http/exposed-panels/plesk-obsidian-login.yaml +++ b/http/exposed-panels/plesk-obsidian-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:plesk:obsidian:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: plesk product: obsidian shodan-query: http.html:"Plesk Obsidian" + vendor: plesk + verified: true tags: panel,plesk,login,edb http: diff --git a/http/exposed-panels/plesk-onyx-login.yaml b/http/exposed-panels/plesk-onyx-login.yaml index 9e1d6dfc6a..6cb3338a39 100644 --- a/http/exposed-panels/plesk-onyx-login.yaml +++ b/http/exposed-panels/plesk-onyx-login.yaml @@ -13,12 +13,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:plesk:onyx:*:*:*:*:*:*:*:* metadata: - verified: true + google-query: inurl:login_up.php "Plesk Onyx" max-request: 1 - vendor: plesk product: onyx shodan-query: http.html:"Plesk Onyx" http.html:"plesk-build" - google-query: inurl:login_up.php "Plesk Onyx" + vendor: plesk + verified: true tags: panel,plesk,login,edb http: diff --git a/http/exposed-panels/polycom-admin-detect.yaml b/http/exposed-panels/polycom-admin-detect.yaml index a4b238ae62..8031b324f9 100644 --- a/http/exposed-panels/polycom-admin-detect.yaml +++ b/http/exposed-panels/polycom-admin-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:h:polycom:vvx:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: polycom product: vvx + vendor: polycom tags: panel,polycom http: diff --git a/http/exposed-panels/portainer-panel.yaml b/http/exposed-panels/portainer-panel.yaml index 1fc423e309..fbcd2cb197 100644 --- a/http/exposed-panels/portainer-panel.yaml +++ b/http/exposed-panels/portainer-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:portainer:portainer:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: portainer product: portainer shodan-query: title:"Portainer" + vendor: portainer + verified: true tags: panel,portainer,detect http: diff --git a/http/exposed-panels/posteio-admin-panel.yaml b/http/exposed-panels/posteio-admin-panel.yaml index 8459343b6f..ecb59d395e 100644 --- a/http/exposed-panels/posteio-admin-panel.yaml +++ b/http/exposed-panels/posteio-admin-panel.yaml @@ -6,9 +6,9 @@ info: severity: info description: Poste.io login panel was detected. metadata: - verified: true max-request: 1 shodan-query: title:"Administration login" html:"posteSatis" + verified: true tags: panel,exposure,composer,satis http: diff --git a/http/exposed-panels/sauter-moduwebvision-panel.yaml b/http/exposed-panels/sauter-moduwebvision-panel.yaml index ff02040597..6b59e0bceb 100644 --- a/http/exposed-panels/sauter-moduwebvision-panel.yaml +++ b/http/exposed-panels/sauter-moduwebvision-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:o:sauter:moduweb_vision:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sauter product: moduweb_vision shodan-query: http.favicon.hash:-1663319756 + vendor: sauter + verified: true tags: panel,moduweb,sauter,login http: diff --git a/http/exposed-panels/scribble-diffusion-panel.yaml b/http/exposed-panels/scribble-diffusion-panel.yaml index 5b855d2234..cd82d5f1be 100644 --- a/http/exposed-panels/scribble-diffusion-panel.yaml +++ b/http/exposed-panels/scribble-diffusion-panel.yaml @@ -10,9 +10,9 @@ info: - https://scribblediffusion.com/ - https://github.com/replicate/scribble-diffusion metadata: - verified: true max-request: 1 shodan-query: title:"Scribble Diffusion" + verified: true tags: panel,scribble,detect http: diff --git a/http/exposed-panels/scriptcase/scriptcase-panel.yaml b/http/exposed-panels/scriptcase/scriptcase-panel.yaml index deb66881f1..e0bee62fed 100644 --- a/http/exposed-panels/scriptcase/scriptcase-panel.yaml +++ b/http/exposed-panels/scriptcase/scriptcase-panel.yaml @@ -8,9 +8,9 @@ info: - https://www.scriptcase.com.br - https://www.scriptcase.net metadata: - verified: true max-request: 2 shodan-query: title:"ScriptCase" + verified: true tags: panel,scriptcase http: diff --git a/http/exposed-panels/scriptcase/scriptcase-prod-login.yaml b/http/exposed-panels/scriptcase/scriptcase-prod-login.yaml index 9f93bb0cec..409fdb226b 100644 --- a/http/exposed-panels/scriptcase/scriptcase-prod-login.yaml +++ b/http/exposed-panels/scriptcase/scriptcase-prod-login.yaml @@ -8,9 +8,9 @@ info: - https://www.scriptcase.com.br - https://www.scriptcase.net metadata: - verified: true max-request: 2 shodan-query: title:"ScriptCase" + verified: true tags: panel,scriptcase http: diff --git a/http/exposed-panels/seafile-panel.yaml b/http/exposed-panels/seafile-panel.yaml index 321a66ca92..5dacf3c210 100644 --- a/http/exposed-panels/seafile-panel.yaml +++ b/http/exposed-panels/seafile-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:seafile:seafile:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: seafile product: seafile shodan-query: http.favicon.hash:1552322396 + vendor: seafile + verified: true tags: sefile,panel,login,seafile http: diff --git a/http/exposed-panels/seagate-nas-login.yaml b/http/exposed-panels/seagate-nas-login.yaml index b7dde1fcc3..de1d440413 100644 --- a/http/exposed-panels/seagate-nas-login.yaml +++ b/http/exposed-panels/seagate-nas-login.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:o:seagate:nas_os:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: seagate product: nas_os shodan-query: title:"Seagate NAS - SEAGATE" + vendor: seagate + verified: true tags: panel,seagate,login http: diff --git a/http/exposed-panels/securepoint-utm.yaml b/http/exposed-panels/securepoint-utm.yaml index 3dade8ffe1..8449277ba4 100644 --- a/http/exposed-panels/securepoint-utm.yaml +++ b/http/exposed-panels/securepoint-utm.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="Securepoint-UTM-v11-Admin-Interface-11.8.8.8" + max-request: 1 tags: securepoint,panel http: diff --git a/http/exposed-panels/security-onion-panel.yaml b/http/exposed-panels/security-onion-panel.yaml index 54e5366ecd..3c2307944c 100644 --- a/http/exposed-panels/security-onion-panel.yaml +++ b/http/exposed-panels/security-onion-panel.yaml @@ -12,11 +12,11 @@ info: classification: cpe: cpe:2.3:a:securityonionsolutions:security_onion:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: securityonionsolutions product: security_onion shodan-query: title:"Security Onion" + vendor: securityonionsolutions + verified: true tags: panel,security,onion,detect,securityonionsolutions http: diff --git a/http/exposed-panels/seeddms-panel.yaml b/http/exposed-panels/seeddms-panel.yaml index 7dc3e151bd..ed9b4cdd1b 100644 --- a/http/exposed-panels/seeddms-panel.yaml +++ b/http/exposed-panels/seeddms-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:seeddms:seeddms:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: seeddms product: seeddms shodan-query: http.title:"SeedDMS" + vendor: seeddms tags: panel,seeddms,login http: diff --git a/http/exposed-panels/selfcheck-panel.yaml b/http/exposed-panels/selfcheck-panel.yaml index 902c04320f..25f0b92ed4 100644 --- a/http/exposed-panels/selfcheck-panel.yaml +++ b/http/exposed-panels/selfcheck-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=607747024729154&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: title:"SelfCheck System Manager" + verified: true tags: panel,login,selfcheck,systemmanager http: diff --git a/http/exposed-panels/sensu-panel.yaml b/http/exposed-panels/sensu-panel.yaml index e788b6b0ce..07406e17af 100644 --- a/http/exposed-panels/sensu-panel.yaml +++ b/http/exposed-panels/sensu-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-749942143 + verified: true tags: panel,sensu,sumo,detect http: diff --git a/http/exposed-panels/sentinelone-console.yaml b/http/exposed-panels/sentinelone-console.yaml index a42e103b45..04f8804a28 100644 --- a/http/exposed-panels/sentinelone-console.yaml +++ b/http/exposed-panels/sentinelone-console.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"SentinelOne - Management Console" + verified: true tags: panel,sentinelone http: diff --git a/http/exposed-panels/sentry-panel.yaml b/http/exposed-panels/sentry-panel.yaml index a15854f675..3f83839c75 100644 --- a/http/exposed-panels/sentry-panel.yaml +++ b/http/exposed-panels/sentry-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:sentry:sentry:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sentry product: sentry shodan-query: http.title:"Login | Sentry" + vendor: sentry + verified: true tags: panel,sentry,login http: diff --git a/http/exposed-panels/servicedesk-login-panel.yaml b/http/exposed-panels/servicedesk-login-panel.yaml index d6796e8f20..950e2fcd96 100644 --- a/http/exposed-panels/servicedesk-login-panel.yaml +++ b/http/exposed-panels/servicedesk-login-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: atlassian product: confluence_data_center shodan-query: http.component:"Atlassian Confluence" + vendor: atlassian tags: servicedesk,confluence,jira,panel,login,atlassian http: diff --git a/http/exposed-panels/servicenow-panel.yaml b/http/exposed-panels/servicenow-panel.yaml index e3f855ac77..d47d46b38e 100644 --- a/http/exposed-panels/servicenow-panel.yaml +++ b/http/exposed-panels/servicenow-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: servicenow product: servicenow shodan-query: http.favicon.hash:1701804003 + vendor: servicenow + verified: true tags: panel,servicenow,login,detect http: diff --git a/http/exposed-panels/sevone-nms-network-manager.yaml b/http/exposed-panels/sevone-nms-network-manager.yaml index 250adc55de..4f4e788d9b 100644 --- a/http/exposed-panels/sevone-nms-network-manager.yaml +++ b/http/exposed-panels/sevone-nms-network-manager.yaml @@ -5,9 +5,9 @@ info: author: pussycat0x severity: info metadata: - verified: true max-request: 1 shodan-query: http.title:"SevOne NMS - Network Manager" + verified: true tags: sevone,manager,login,panel http: diff --git a/http/exposed-panels/shardingsphere-panel.yaml b/http/exposed-panels/shardingsphere-panel.yaml index e7ee1bbf32..47f423d646 100644 --- a/http/exposed-panels/shardingsphere-panel.yaml +++ b/http/exposed-panels/shardingsphere-panel.yaml @@ -9,11 +9,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:shardingsphere_elasticjob-ui:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: apache product: shardingsphere_elasticjob-ui shodan-query: http.favicon.hash:816588900 + vendor: apache + verified: true tags: panel,shardingsphere,login,apache http: diff --git a/http/exposed-panels/sharefile-panel.yaml b/http/exposed-panels/sharefile-panel.yaml index 68e383da4a..65374a329a 100644 --- a/http/exposed-panels/sharefile-panel.yaml +++ b/http/exposed-panels/sharefile-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:citrix:sharefile:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: citrix product: sharefile shodan-query: title:"ShareFile Login" + vendor: citrix + verified: true tags: sharefile,login,panel,detect,citrix http: diff --git a/http/exposed-panels/shell-box.yaml b/http/exposed-panels/shell-box.yaml index 7e74b4815f..68e0119148 100644 --- a/http/exposed-panels/shell-box.yaml +++ b/http/exposed-panels/shell-box.yaml @@ -12,11 +12,11 @@ info: classification: cpe: cpe:2.3:a:shellinabox_project:shellinabox:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: shellinabox_project product: shellinabox shodan-query: http.favicon.hash:-629968763 + vendor: shellinabox_project + verified: true tags: shell,emulator,detect,panel,login,shellinabox_project http: diff --git a/http/exposed-panels/sidekiq-dashboard.yaml b/http/exposed-panels/sidekiq-dashboard.yaml index 5c0325a7e1..2aab862f59 100644 --- a/http/exposed-panels/sidekiq-dashboard.yaml +++ b/http/exposed-panels/sidekiq-dashboard.yaml @@ -16,8 +16,8 @@ info: cpe: cpe:2.3:a:contribsys:sidekiq:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: contribsys product: sidekiq + vendor: contribsys tags: unauth,panel,sidekiq,contribsys http: diff --git a/http/exposed-panels/signet-explorer-dashboard.yaml b/http/exposed-panels/signet-explorer-dashboard.yaml index 49dabc216e..a50f9799e2 100644 --- a/http/exposed-panels/signet-explorer-dashboard.yaml +++ b/http/exposed-panels/signet-explorer-dashboard.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: html:"mempool-space" || title:"Signet Explorer" + verified: true tags: panel,signet,bitcoin,dashboard http: diff --git a/http/exposed-panels/sitefinity-login.yaml b/http/exposed-panels/sitefinity-login.yaml index f09fa6fbf7..524d45556c 100644 --- a/http/exposed-panels/sitefinity-login.yaml +++ b/http/exposed-panels/sitefinity-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:progress:sitefinity_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: progress product: sitefinity_cms + vendor: progress tags: sitefinity,edb,panel,progress http: diff --git a/http/exposed-panels/siteomat-login.yaml b/http/exposed-panels/siteomat-login.yaml index 5cf5f92aed..956438c33a 100644 --- a/http/exposed-panels/siteomat-login.yaml +++ b/http/exposed-panels/siteomat-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:orpak:siteomat:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: orpak product: siteomat + vendor: orpak tags: siteomat,login,edb,panel,orpak http: diff --git a/http/exposed-panels/skeepers-panel.yaml b/http/exposed-panels/skeepers-panel.yaml index dd9524e70c..4a162a2d4e 100644 --- a/http/exposed-panels/skeepers-panel.yaml +++ b/http/exposed-panels/skeepers-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://skeepers.io metadata: - verified: true max-request: 2 shodan-query: http.title:"Skeepers" + verified: true tags: panel,skeepers,login,detect http: diff --git a/http/exposed-panels/skycaiji-admin-panel.yaml b/http/exposed-panels/skycaiji-admin-panel.yaml index a961dd6520..7f14f6e474 100644 --- a/http/exposed-panels/skycaiji-admin-panel.yaml +++ b/http/exposed-panels/skycaiji-admin-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:skycaiji:skycaiji:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: skycaiji product: skycaiji + vendor: skycaiji tags: panel,tech,skycaiji http: diff --git a/http/exposed-panels/smartping-dashboard.yaml b/http/exposed-panels/smartping-dashboard.yaml index e9c8ade363..a92522e173 100644 --- a/http/exposed-panels/smartping-dashboard.yaml +++ b/http/exposed-panels/smartping-dashboard.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"SmartPing Dashboard" + verified: true tags: panel,misconfig,unauth,smartping http: diff --git a/http/exposed-panels/snapcomms-panel.yaml b/http/exposed-panels/snapcomms-panel.yaml index a782ad2091..0ddab742e0 100644 --- a/http/exposed-panels/snapcomms-panel.yaml +++ b/http/exposed-panels/snapcomms-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.snapcomms.com/ metadata: - verified: true max-request: 1 + verified: true tags: panel,snapcomms,login,detect http: diff --git a/http/exposed-panels/softether-vpn-panel.yaml b/http/exposed-panels/softether-vpn-panel.yaml index 5df5fdf7d4..3581b61723 100644 --- a/http/exposed-panels/softether-vpn-panel.yaml +++ b/http/exposed-panels/softether-vpn-panel.yaml @@ -7,9 +7,9 @@ info: description: | SoftEther VPN panel was detected. metadata: - verified: true max-request: 1 shodan-query: http.title:"SoftEther VPN Server" + verified: true tags: panel,vpn,softether http: diff --git a/http/exposed-panels/solarview-compact-panel.yaml b/http/exposed-panels/solarview-compact-panel.yaml index 58af3fd9c1..324622097d 100644 --- a/http/exposed-panels/solarview-compact-panel.yaml +++ b/http/exposed-panels/solarview-compact-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: contec product: solarview_compact_firmware shodan-query: http.html:"SolarView Compact" + vendor: contec + verified: true tags: panel,solarview,iot,contec http: diff --git a/http/exposed-panels/solarwinds-arm-panel.yaml b/http/exposed-panels/solarwinds-arm-panel.yaml index 4e93dc7153..d93c0d7d4c 100644 --- a/http/exposed-panels/solarwinds-arm-panel.yaml +++ b/http/exposed-panels/solarwinds-arm-panel.yaml @@ -13,12 +13,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:* metadata: - verified: true + censys-query: services.http.response.html_title="Solarwinds Access Rights Manager" max-request: 1 - vendor: solarwinds product: access_rights_manager shodan-query: http.favicon.hash:-1416464161 - censys-query: services.http.response.html_title="Solarwinds Access Rights Manager" + vendor: solarwinds + verified: true tags: panel,solarwinds http: diff --git a/http/exposed-panels/solarwinds-orion.yaml b/http/exposed-panels/solarwinds-orion.yaml index 5a64bded24..ec03dd23eb 100644 --- a/http/exposed-panels/solarwinds-orion.yaml +++ b/http/exposed-panels/solarwinds-orion.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: solarwinds product: orion_platform + vendor: solarwinds tags: panel,solarwinds http: diff --git a/http/exposed-panels/solarwinds-servuftp-detect.yaml b/http/exposed-panels/solarwinds-servuftp-detect.yaml index e29350df0d..683c2f1593 100644 --- a/http/exposed-panels/solarwinds-servuftp-detect.yaml +++ b/http/exposed-panels/solarwinds-servuftp-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: solarwinds product: serv-u + vendor: solarwinds tags: solarwinds,panel http: diff --git a/http/exposed-panels/solr-panel-exposure.yaml b/http/exposed-panels/solr-panel-exposure.yaml index a06a845d05..c060702704 100644 --- a/http/exposed-panels/solr-panel-exposure.yaml +++ b/http/exposed-panels/solr-panel-exposure.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: apache product: solr shodan-query: http.title:"Solr Admin" + vendor: apache + verified: true tags: panel,solr,apache,admin http: diff --git a/http/exposed-panels/somansa-dlp-detect.yaml b/http/exposed-panels/somansa-dlp-detect.yaml index f5a04e3233..21a32ddeec 100644 --- a/http/exposed-panels/somansa-dlp-detect.yaml +++ b/http/exposed-panels/somansa-dlp-detect.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.html:"DLP system" + verified: true tags: panel,somansa,dlp http: diff --git a/http/exposed-panels/sonarqube-login.yaml b/http/exposed-panels/sonarqube-login.yaml index 6d53c49294..c337aada02 100644 --- a/http/exposed-panels/sonarqube-login.yaml +++ b/http/exposed-panels/sonarqube-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:sonarsource:sonarqube:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: sonarsource product: sonarqube + vendor: sonarsource tags: panel,sonarqube,sonarsource http: diff --git a/http/exposed-panels/sonic-wall-application.yaml b/http/exposed-panels/sonic-wall-application.yaml index f3522bd670..02f6633269 100644 --- a/http/exposed-panels/sonic-wall-application.yaml +++ b/http/exposed-panels/sonic-wall-application.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:sonicwall:sma1000_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sonicwall product: sma1000_firmware shodan-query: title:"Appliance Management Console Login" + vendor: sonicwall + verified: true tags: panel,sonicwall,login http: diff --git a/http/exposed-panels/sonic-wall-login.yaml b/http/exposed-panels/sonic-wall-login.yaml index f3694c1385..861eaba5b2 100644 --- a/http/exposed-panels/sonic-wall-login.yaml +++ b/http/exposed-panels/sonic-wall-login.yaml @@ -8,11 +8,11 @@ info: classification: cpe: cpe:2.3:h:sonicwall:tz_350:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: sonicwall product: tz_350 shodan-query: title:"SonicWall Network Security Login" + vendor: sonicwall + verified: true tags: panel,sonicwall,login http: diff --git a/http/exposed-panels/sonicwall-analyzer-login.yaml b/http/exposed-panels/sonicwall-analyzer-login.yaml index 169baa319c..d01072ea61 100644 --- a/http/exposed-panels/sonicwall-analyzer-login.yaml +++ b/http/exposed-panels/sonicwall-analyzer-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sonicwall product: analyzer shodan-query: title:"SonicWall Analyzer Login" + vendor: sonicwall + verified: true tags: panel,sonicwall http: diff --git a/http/exposed-panels/sonicwall-management-panel.yaml b/http/exposed-panels/sonicwall-management-panel.yaml index 51eceb106c..8ba44b9b16 100644 --- a/http/exposed-panels/sonicwall-management-panel.yaml +++ b/http/exposed-panels/sonicwall-management-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: sonicwall product: global_management_system + vendor: sonicwall tags: panel,sonicwall http: diff --git a/http/exposed-panels/sonicwall-sslvpn-panel.yaml b/http/exposed-panels/sonicwall-sslvpn-panel.yaml index c0427d9d1c..7ed9675df7 100644 --- a/http/exposed-panels/sonicwall-sslvpn-panel.yaml +++ b/http/exposed-panels/sonicwall-sslvpn-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: sonicwall product: sonicos + vendor: sonicwall tags: panel,sonicwall http: diff --git a/http/exposed-panels/sophos-fw-version-detect.yaml b/http/exposed-panels/sophos-fw-version-detect.yaml index d613def039..387fcaa646 100644 --- a/http/exposed-panels/sophos-fw-version-detect.yaml +++ b/http/exposed-panels/sophos-fw-version-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: sophos product: sfos shodan-query: title:"Sophos" + vendor: sophos + verified: true tags: panel,sophos http: diff --git a/http/exposed-panels/sophos-mobile-panel.yaml b/http/exposed-panels/sophos-mobile-panel.yaml index e65b909a58..e791de2d9b 100644 --- a/http/exposed-panels/sophos-mobile-panel.yaml +++ b/http/exposed-panels/sophos-mobile-panel.yaml @@ -14,9 +14,9 @@ info: cpe: cpe:2.3:a:sophos:mobile:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: sophos product: mobile shodan-query: http.title:"Sophos Mobile" + vendor: sophos tags: panel,sophos http: diff --git a/http/exposed-panels/sophos-web-appliance.yaml b/http/exposed-panels/sophos-web-appliance.yaml index 0d4e4cd9ae..30b0317fa4 100644 --- a/http/exposed-panels/sophos-web-appliance.yaml +++ b/http/exposed-panels/sophos-web-appliance.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: sophos product: web_appliance shodan-query: http.favicon.hash:-893681401 + vendor: sophos + verified: true tags: panel,login,sophos http: diff --git a/http/exposed-panels/spacelogic-cbus-panel.yaml b/http/exposed-panels/spacelogic-cbus-panel.yaml index 6f31ac54a5..722c0231f9 100644 --- a/http/exposed-panels/spacelogic-cbus-panel.yaml +++ b/http/exposed-panels/spacelogic-cbus-panel.yaml @@ -5,11 +5,11 @@ info: author: ritikchaddha severity: info metadata: - verified: true max-request: 1 - vendor: schneider-electric product: spacelogic_c-bus_home_controller_firmware shodan-query: html:"SpaceLogic C-Bus" + vendor: schneider-electric + verified: true tags: panel,spacelogic,login,schneider-electric http: diff --git a/http/exposed-panels/spark-panel.yaml b/http/exposed-panels/spark-panel.yaml index 74471def73..2339b87459 100644 --- a/http/exposed-panels/spark-panel.yaml +++ b/http/exposed-panels/spark-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: apache product: spark shodan-query: html:"/apps/IMT/Html/" + vendor: apache + verified: true tags: panel,spark,apache http: diff --git a/http/exposed-panels/speedtest-panel.yaml b/http/exposed-panels/speedtest-panel.yaml index 0cfcd76e16..15fe5b0c12 100644 --- a/http/exposed-panels/speedtest-panel.yaml +++ b/http/exposed-panels/speedtest-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/alexjustesen/speedtest-tracker - https://docs.speedtest-tracker.dev/ metadata: - verified: true max-request: 1 shodan-query: title:"Speedtest Tracker" + verified: true tags: speedtest,tracker,panel,login http: diff --git a/http/exposed-panels/sphider-login.yaml b/http/exposed-panels/sphider-login.yaml index c4c3714f5e..b12e3e5db9 100644 --- a/http/exposed-panels/sphider-login.yaml +++ b/http/exposed-panels/sphider-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:sphider:sphider:*:*:*:*:*:*:*:* metadata: max-request: 3 - vendor: sphider product: sphider + vendor: sphider tags: edb,panel,sphider http: diff --git a/http/exposed-panels/sphinxonline-panel.yaml b/http/exposed-panels/sphinxonline-panel.yaml index 8120fec5cb..9bfe55ec32 100644 --- a/http/exposed-panels/sphinxonline-panel.yaml +++ b/http/exposed-panels/sphinxonline-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.lesphinx-developpement.fr/ metadata: - verified: true max-request: 1 shodan-query: http.title:"Connection - SphinxOnline" + verified: true tags: panel,sphinxonline,login,detect http: diff --git a/http/exposed-panels/splunk-enterprise-panel.yaml b/http/exposed-panels/splunk-enterprise-panel.yaml index 9c098f3604..1f07ac2f36 100644 --- a/http/exposed-panels/splunk-enterprise-panel.yaml +++ b/http/exposed-panels/splunk-enterprise-panel.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:splunk:splunk:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: splunk product: splunk shodan-query: http.title:"Login - Splunk" + vendor: splunk tags: panel,splunk http: diff --git a/http/exposed-panels/spotweb-login-panel.yaml b/http/exposed-panels/spotweb-login-panel.yaml index 3da95a08c6..630dbbd99a 100644 --- a/http/exposed-panels/spotweb-login-panel.yaml +++ b/http/exposed-panels/spotweb-login-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: spotweb_project product: spotweb shodan-query: title:"SpotWeb - overview" + vendor: spotweb_project + verified: true tags: panel,spotweb,detect,spotweb_project http: diff --git a/http/exposed-panels/sql-monitor.yaml b/http/exposed-panels/sql-monitor.yaml index 5777d0f883..17c58d8f2f 100644 --- a/http/exposed-panels/sql-monitor.yaml +++ b/http/exposed-panels/sql-monitor.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:red-gate:sql_monitor:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: red-gate product: sql_monitor shodan-query: html:"SQL Monitor" + vendor: red-gate tags: panel,red-gate http: diff --git a/http/exposed-panels/sqlbuddy-panel.yaml b/http/exposed-panels/sqlbuddy-panel.yaml index 30fef03917..cf88d39dc1 100644 --- a/http/exposed-panels/sqlbuddy-panel.yaml +++ b/http/exposed-panels/sqlbuddy-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"SQL Buddy" + verified: true tags: panel,sqlbuddy http: diff --git a/http/exposed-panels/squirrelmail-login.yaml b/http/exposed-panels/squirrelmail-login.yaml index 1d63075354..c5a9fe4846 100644 --- a/http/exposed-panels/squirrelmail-login.yaml +++ b/http/exposed-panels/squirrelmail-login.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:* metadata: max-request: 4 - vendor: squirrelmail product: squirrelmail shodan-query: title:"SquirrelMail" + vendor: squirrelmail tags: squirrelmail,edb,panel http: diff --git a/http/exposed-panels/sqwebmail-login-panel.yaml b/http/exposed-panels/sqwebmail-login-panel.yaml index 77351e4588..fbe48f7624 100644 --- a/http/exposed-panels/sqwebmail-login-panel.yaml +++ b/http/exposed-panels/sqwebmail-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: title:"SqWebMail" + verified: true tags: webmail,sqwebmail,panel http: diff --git a/http/exposed-panels/star-network-utility.yaml b/http/exposed-panels/star-network-utility.yaml index 735c7481df..b43d275925 100644 --- a/http/exposed-panels/star-network-utility.yaml +++ b/http/exposed-panels/star-network-utility.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Network Utility" + verified: true tags: panel,utility http: diff --git a/http/exposed-panels/steve-login-panel.yaml b/http/exposed-panels/steve-login-panel.yaml index 6e289da95c..f2f1ddaf4e 100644 --- a/http/exposed-panels/steve-login-panel.yaml +++ b/http/exposed-panels/steve-login-panel.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + google-query: intitle:"SteVe - Steckdosenverwaltung" max-request: 2 shodan-query: http.title:"SteVe - Steckdosenverwaltung" - google-query: intitle:"SteVe - Steckdosenverwaltung" + verified: true tags: panel,steve http: diff --git a/http/exposed-panels/storybook-panel.yaml b/http/exposed-panels/storybook-panel.yaml index b0ec104a9b..384ae280c0 100644 --- a/http/exposed-panels/storybook-panel.yaml +++ b/http/exposed-panels/storybook-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.title:"storybook" + verified: true tags: panel,storybook,workshop http: diff --git a/http/exposed-panels/strapi-documentation.yaml b/http/exposed-panels/strapi-documentation.yaml index 4a301b23d5..16974f8318 100644 --- a/http/exposed-panels/strapi-documentation.yaml +++ b/http/exposed-panels/strapi-documentation.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:strapi:strapi:*:*:*:*:node.js:*:*:* metadata: max-request: 2 - vendor: strapi product: strapi + vendor: strapi tags: strapi,panel http: diff --git a/http/exposed-panels/strapi-panel.yaml b/http/exposed-panels/strapi-panel.yaml index 4f2de2c47b..7cba97e754 100644 --- a/http/exposed-panels/strapi-panel.yaml +++ b/http/exposed-panels/strapi-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:strapi:strapi:*:*:*:*:node.js:*:*:* metadata: max-request: 1 - vendor: strapi product: strapi + vendor: strapi tags: panel,strapi,login http: diff --git a/http/exposed-panels/structurizr-panel.yaml b/http/exposed-panels/structurizr-panel.yaml index 1ea16ede06..0d44a0daef 100644 --- a/http/exposed-panels/structurizr-panel.yaml +++ b/http/exposed-panels/structurizr-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:structurizr:on-premises_installation:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: structurizr product: on-premises_installation shodan-query: http.favicon.hash:1199592666 + vendor: structurizr + verified: true tags: panel,structurizr,detect http: diff --git a/http/exposed-panels/subrion-login.yaml b/http/exposed-panels/subrion-login.yaml index 130d7c4c22..cbc5166ec1 100644 --- a/http/exposed-panels/subrion-login.yaml +++ b/http/exposed-panels/subrion-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:intelliants:subrion:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: intelliants product: subrion + vendor: intelliants tags: panel,subrion,intelliants http: diff --git a/http/exposed-panels/sugarcrm-panel.yaml b/http/exposed-panels/sugarcrm-panel.yaml index 7f0ac24e78..e8919880e9 100644 --- a/http/exposed-panels/sugarcrm-panel.yaml +++ b/http/exposed-panels/sugarcrm-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:sugarcrm:sugarcrm:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: sugarcrm product: sugarcrm shodan-query: http.title:sugarcrm + vendor: sugarcrm tags: sugarcrm,panel http: diff --git a/http/exposed-panels/sunbird-dcim-panel.yaml b/http/exposed-panels/sunbird-dcim-panel.yaml index 730a986c66..d6fd78b532 100644 --- a/http/exposed-panels/sunbird-dcim-panel.yaml +++ b/http/exposed-panels/sunbird-dcim-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: http.favicon.hash:781922099 + verified: true tags: sunbird,panel,login http: diff --git a/http/exposed-panels/sungrow-logger1000-detect.yaml b/http/exposed-panels/sungrow-logger1000-detect.yaml index 0bb9f309d9..016b7bf0ae 100644 --- a/http/exposed-panels/sungrow-logger1000-detect.yaml +++ b/http/exposed-panels/sungrow-logger1000-detect.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:logger html:"htmlWebpackPlugin.options.title" + verified: true tags: panel,logger1000,sungrow http: diff --git a/http/exposed-panels/superadmin-ui-panel.yaml b/http/exposed-panels/superadmin-ui-panel.yaml index 56481722ac..c272a394dc 100644 --- a/http/exposed-panels/superadmin-ui-panel.yaml +++ b/http/exposed-panels/superadmin-ui-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Superadmin UI - 4myhealth" + verified: true tags: panel,superadmin http: diff --git a/http/exposed-panels/supermicro-bmc-panel.yaml b/http/exposed-panels/supermicro-bmc-panel.yaml index 9acc6912ca..d0a29f610c 100644 --- a/http/exposed-panels/supermicro-bmc-panel.yaml +++ b/http/exposed-panels/supermicro-bmc-panel.yaml @@ -13,9 +13,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"Supermicro BMC Login" max-request: 1 shodan-query: http.title:"Supermicro BMC Login" - google-query: intitle:"Supermicro BMC Login" tags: panel,supermicro,bmc http: diff --git a/http/exposed-panels/superset-login.yaml b/http/exposed-panels/superset-login.yaml index dedaf8a3e2..e7f9d0dcd6 100644 --- a/http/exposed-panels/superset-login.yaml +++ b/http/exposed-panels/superset-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: apache product: superset shodan-query: http.favicon.hash:1582430156 + vendor: apache + verified: true tags: panel,superset,apache http: diff --git a/http/exposed-panels/syfadis-xperience-panel.yaml b/http/exposed-panels/syfadis-xperience-panel.yaml index e27135cd65..73548e6a05 100644 --- a/http/exposed-panels/syfadis-xperience-panel.yaml +++ b/http/exposed-panels/syfadis-xperience-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://syfadis.fr/xperience metadata: - verified: true max-request: 1 + verified: true fofa-query: title="Syfadis Xperience" tags: panel,syfadis,login,detect diff --git a/http/exposed-panels/symantec/symantec-dlp-login.yaml b/http/exposed-panels/symantec/symantec-dlp-login.yaml index 3c031226c6..5e776a1ed4 100644 --- a/http/exposed-panels/symantec/symantec-dlp-login.yaml +++ b/http/exposed-panels/symantec/symantec-dlp-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:symantec:data_loss_prevention:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: symantec product: data_loss_prevention shodan-query: http.title:"Symantec Data Loss Prevention" + vendor: symantec tags: symantec,panel,login http: diff --git a/http/exposed-panels/symantec/symantec-epm-login.yaml b/http/exposed-panels/symantec/symantec-epm-login.yaml index e2c3651eaa..2ed08495fb 100644 --- a/http/exposed-panels/symantec/symantec-epm-login.yaml +++ b/http/exposed-panels/symantec/symantec-epm-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:symantec:endpoint_protection_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: symantec product: endpoint_protection_manager shodan-query: http.title:"Symantec Endpoint Protection Manager" + vendor: symantec tags: symantec,panel,login http: diff --git a/http/exposed-panels/symantec/symantec-iam-console.yaml b/http/exposed-panels/symantec/symantec-iam-console.yaml index d0cb476885..7822e0add0 100644 --- a/http/exposed-panels/symantec/symantec-iam-console.yaml +++ b/http/exposed-panels/symantec/symantec-iam-console.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:broadcom:symantec_identity_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: broadcom product: symantec_identity_manager + vendor: broadcom tags: symantec,panel,login,broadcom http: diff --git a/http/exposed-panels/symantec/symantec-phishing-panel.yaml b/http/exposed-panels/symantec/symantec-phishing-panel.yaml index bffeceec99..e44ddbe9e8 100644 --- a/http/exposed-panels/symantec/symantec-phishing-panel.yaml +++ b/http/exposed-panels/symantec/symantec-phishing-panel.yaml @@ -8,8 +8,8 @@ info: reference: - https://www.broadcom.com/products/cybersecurity/email/phishing-readiness metadata: - verified: true max-request: 1 + verified: true tags: symantec,panel,login self-contained: true diff --git a/http/exposed-panels/synapse-mobility-panel.yaml b/http/exposed-panels/synapse-mobility-panel.yaml index 384c0716d7..7ce79d6d9c 100644 --- a/http/exposed-panels/synapse-mobility-panel.yaml +++ b/http/exposed-panels/synapse-mobility-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"Synapse Mobility Login" max-request: 1 shodan-query: http.title:"Synapse Mobility Login" - google-query: intitle:"Synapse Mobility Login" tags: panel,synapse http: diff --git a/http/exposed-panels/syncserver-panel.yaml b/http/exposed-panels/syncserver-panel.yaml index e00739a15d..9fc266e421 100644 --- a/http/exposed-panels/syncserver-panel.yaml +++ b/http/exposed-panels/syncserver-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:o:microchip:syncserver_s650_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: microchip product: syncserver_s650_firmware shodan-query: html:"Symmetricom SyncServer" + vendor: microchip + verified: true tags: panel,login,syncserver,symmetricom,detect,microchip http: diff --git a/http/exposed-panels/syncthru-web-service.yaml b/http/exposed-panels/syncthru-web-service.yaml index 5b3165ffbe..8382af16ef 100644 --- a/http/exposed-panels/syncthru-web-service.yaml +++ b/http/exposed-panels/syncthru-web-service.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:samsung:syncthru_web_service:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: samsung product: syncthru_web_service shodan-query: title:"SyncThru Web Service" + vendor: samsung + verified: true tags: edb,panel,syncthru,printer,samsung http: diff --git a/http/exposed-panels/synopsys-coverity-panel.yaml b/http/exposed-panels/synopsys-coverity-panel.yaml index d9bb29f460..331d4f798c 100644 --- a/http/exposed-panels/synopsys-coverity-panel.yaml +++ b/http/exposed-panels/synopsys-coverity-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.synopsys.com/software-integrity/security-testing/static-analysis-sast.html metadata: - verified: true max-request: 1 shodan-query: http.title:"Coverity" + verified: true tags: panel,coverity,synopsys http: diff --git a/http/exposed-panels/sysaid-panel.yaml b/http/exposed-panels/sysaid-panel.yaml index 634404ef85..45ad7655f5 100644 --- a/http/exposed-panels/sysaid-panel.yaml +++ b/http/exposed-panels/sysaid-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:sysaid:sysaid:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: sysaid product: sysaid + vendor: sysaid tags: panel,sysaid,helpdesk http: diff --git a/http/exposed-panels/tableau-panel.yaml b/http/exposed-panels/tableau-panel.yaml index 73eca8c3a3..fa81861354 100644 --- a/http/exposed-panels/tableau-panel.yaml +++ b/http/exposed-panels/tableau-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="Tableau-Python-Server" + max-request: 1 tags: tableau,panel,python http: diff --git a/http/exposed-panels/tableau-service-manager.yaml b/http/exposed-panels/tableau-service-manager.yaml index 36cbb9fc6d..7eb5e798e8 100644 --- a/http/exposed-panels/tableau-service-manager.yaml +++ b/http/exposed-panels/tableau-service-manager.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:tableausoftware:tableau_server:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: tableausoftware product: tableau_server shodan-query: title:"Login - Tableau Services Manager" + vendor: tableausoftware + verified: true tags: panel,tableau,tableausoftware http: diff --git a/http/exposed-panels/tailon-panel.yaml b/http/exposed-panels/tailon-panel.yaml index fd8c25ed44..b3af4de5be 100644 --- a/http/exposed-panels/tailon-panel.yaml +++ b/http/exposed-panels/tailon-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://github.com/gvalkov/tailon metadata: - verified: true max-request: 1 shodan-query: title:"tailon" + verified: true tags: panel,tailon,detect http: diff --git a/http/exposed-panels/tautulli-panel.yaml b/http/exposed-panels/tautulli-panel.yaml index 972210995c..e4675fdf12 100644 --- a/http/exposed-panels/tautulli-panel.yaml +++ b/http/exposed-panels/tautulli-panel.yaml @@ -12,11 +12,11 @@ info: classification: cpe: cpe:2.3:a:tautulli:tautulli:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: tautulli product: tautulli shodan-query: title:"TAUTULLI" + vendor: tautulli + verified: true tags: panel,tautulli,detect http: diff --git a/http/exposed-panels/teamcity-login-panel.yaml b/http/exposed-panels/teamcity-login-panel.yaml index d67e243945..44727bf827 100644 --- a/http/exposed-panels/teamcity-login-panel.yaml +++ b/http/exposed-panels/teamcity-login-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: jetbrains product: teamcity shodan-query: http.component:"TeamCity" + vendor: jetbrains + verified: true tags: panel,teamcity,jetbrains,detect http: diff --git a/http/exposed-panels/teampass-panel.yaml b/http/exposed-panels/teampass-panel.yaml index 8869b73c29..1a252bd95c 100644 --- a/http/exposed-panels/teampass-panel.yaml +++ b/http/exposed-panels/teampass-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: teampass product: teampass shodan-query: http.html:"teampass" + vendor: teampass + verified: true tags: panel,teampass http: diff --git a/http/exposed-panels/tekton-dashboard.yaml b/http/exposed-panels/tekton-dashboard.yaml index b7b4c178ec..680c76f60e 100644 --- a/http/exposed-panels/tekton-dashboard.yaml +++ b/http/exposed-panels/tekton-dashboard.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Tekton" + verified: true tags: panel,tekton,exposure http: diff --git a/http/exposed-panels/telerik-server-login.yaml b/http/exposed-panels/telerik-server-login.yaml index 8bb8ba7907..7c9413b9e6 100644 --- a/http/exposed-panels/telerik-server-login.yaml +++ b/http/exposed-panels/telerik-server-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Telerik Report Server" + verified: true tags: telerik,panel http: diff --git a/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml b/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml index d2e6a2b9d3..e95227938e 100644 --- a/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml +++ b/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:telesquare:tlr-2005ksh_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: telesquare product: tlr-2005ksh_firmware shodan-query: http.html:"TLR-2005KSH" + vendor: telesquare + verified: true tags: panel,router,telesquare http: diff --git a/http/exposed-panels/teltonika-login.yaml b/http/exposed-panels/teltonika-login.yaml index 6726e04a7c..8915768bb9 100644 --- a/http/exposed-panels/teltonika-login.yaml +++ b/http/exposed-panels/teltonika-login.yaml @@ -12,8 +12,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 google-query: intitle:"Teltonika -Web UI" | intitle:"Teltonika-RUT -Web UI" inurl:"/cgi-bin/luci" + max-request: 1 tags: panel,teltonika,edb http: diff --git a/http/exposed-panels/tembosocial-panel.yaml b/http/exposed-panels/tembosocial-panel.yaml index 305d96579b..b955157ccf 100644 --- a/http/exposed-panels/tembosocial-panel.yaml +++ b/http/exposed-panels/tembosocial-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"TemboSocial Administration" + verified: true tags: panel,tembosocial http: diff --git a/http/exposed-panels/temenos-t24-login.yaml b/http/exposed-panels/temenos-t24-login.yaml index 905f82b44d..3c17e17f50 100644 --- a/http/exposed-panels/temenos-t24-login.yaml +++ b/http/exposed-panels/temenos-t24-login.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"t24 sign in" + verified: true tags: panel,exposure,temenos http: diff --git a/http/exposed-panels/tenda-11n-wireless-router-login.yaml b/http/exposed-panels/tenda-11n-wireless-router-login.yaml index 46cabbe02b..d895127329 100644 --- a/http/exposed-panels/tenda-11n-wireless-router-login.yaml +++ b/http/exposed-panels/tenda-11n-wireless-router-login.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-668 metadata: + google-query: intitle:"Tenda 11N Wireless Router Login Screen" max-request: 1 shodan-query: http.title:"Tenda 11N Wireless Router Login Screen" - google-query: intitle:"Tenda 11N Wireless Router Login Screen" tags: panel,tenda http: diff --git a/http/exposed-panels/tenda-web-master.yaml b/http/exposed-panels/tenda-web-master.yaml index 625c826a59..42ecfaeb71 100644 --- a/http/exposed-panels/tenda-web-master.yaml +++ b/http/exposed-panels/tenda-web-master.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Tenda Web Master" + verified: true tags: panel,tenda,router http: diff --git a/http/exposed-panels/teradek-panel.yaml b/http/exposed-panels/teradek-panel.yaml index 401127fe24..59bea7e246 100644 --- a/http/exposed-panels/teradek-panel.yaml +++ b/http/exposed-panels/teradek-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=612496907587499&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: title:"Teradek Cube Administrative Console" + verified: true tags: panel,login,teradek http: diff --git a/http/exposed-panels/teradici-pcoip-panel.yaml b/http/exposed-panels/teradici-pcoip-panel.yaml index 8ac72f1488..80579ba619 100644 --- a/http/exposed-panels/teradici-pcoip-panel.yaml +++ b/http/exposed-panels/teradici-pcoip-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:teradici:pcoip_client:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: teradici product: pcoip_client + vendor: teradici tags: panel,teradici,pcoip http: diff --git a/http/exposed-panels/terraform-enterprise-panel.yaml b/http/exposed-panels/terraform-enterprise-panel.yaml index 6071cd8325..13b861163b 100644 --- a/http/exposed-panels/terraform-enterprise-panel.yaml +++ b/http/exposed-panels/terraform-enterprise-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:hashicorp:terraform:*:*:*:*:-:*:*:* metadata: + google-query: intitle:"Terraform Enterprise" max-request: 1 - vendor: hashicorp product: terraform shodan-query: title:"Terraform Enterprise" - google-query: intitle:"Terraform Enterprise" + vendor: hashicorp tags: panel,terraform,hashicorp http: diff --git a/http/exposed-panels/thinfinity-virtualui-panel.yaml b/http/exposed-panels/thinfinity-virtualui-panel.yaml index 25304bcb87..f1de282af3 100644 --- a/http/exposed-panels/thinfinity-virtualui-panel.yaml +++ b/http/exposed-panels/thinfinity-virtualui-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cybelesoft product: thinfinity_virtualui shodan-query: http.title:"Thinfinity VirtualUI" + vendor: cybelesoft tags: panel,thinfinity,virtualui,cybelesoft http: diff --git a/http/exposed-panels/thruk-login.yaml b/http/exposed-panels/thruk-login.yaml index 033038b285..8d1e82a9e6 100644 --- a/http/exposed-panels/thruk-login.yaml +++ b/http/exposed-panels/thruk-login.yaml @@ -10,10 +10,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:thruk:thruk:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: thruk - product: thruk fofa-query: title=="Thruk Monitoring Webinterface" + max-request: 1 + product: thruk + vendor: thruk tags: thruk,panel http: diff --git a/http/exposed-panels/tigase-xmpp-server.yaml b/http/exposed-panels/tigase-xmpp-server.yaml index 31a75a8139..505fcfd416 100644 --- a/http/exposed-panels/tigase-xmpp-server.yaml +++ b/http/exposed-panels/tigase-xmpp-server.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=617926933711163&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: title:"Tigase XMPP Server" + verified: true tags: tigase,xmpp,server,panel,exposure http: diff --git a/http/exposed-panels/tikiwiki-cms.yaml b/http/exposed-panels/tikiwiki-cms.yaml index 5a34a54fa9..13eedadfc6 100644 --- a/http/exposed-panels/tikiwiki-cms.yaml +++ b/http/exposed-panels/tikiwiki-cms.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: tiki product: tikiwiki_cms\/groupware + vendor: tiki tags: panel,tikiwiki,tiki http: diff --git a/http/exposed-panels/tiny-file-manager.yaml b/http/exposed-panels/tiny-file-manager.yaml index b13e2134ff..cfcfdb2657 100644 --- a/http/exposed-panels/tiny-file-manager.yaml +++ b/http/exposed-panels/tiny-file-manager.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Tiny File Manager" + verified: true zoomeye-query: app:"Tiny File Manager" tags: panel,filemanager,login,detect diff --git a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml index 40abcd450a..d25af98bf6 100644 --- a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml +++ b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml @@ -8,9 +8,9 @@ info: cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: tomcat shodan-query: title:"Apache Tomcat" + vendor: apache tags: version,tomcat,docs,panel,apache http: diff --git a/http/exposed-panels/tooljet-panel.yaml b/http/exposed-panels/tooljet-panel.yaml index fe014b06f3..2a6cb9cf4e 100644 --- a/http/exposed-panels/tooljet-panel.yaml +++ b/http/exposed-panels/tooljet-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: title:"ToolJet - Dashboard" + verified: true tags: panel,tooljet http: diff --git a/http/exposed-panels/total-web-solutions-panel.yaml b/http/exposed-panels/total-web-solutions-panel.yaml index 393436e1ba..f8c260812e 100644 --- a/http/exposed-panels/total-web-solutions-panel.yaml +++ b/http/exposed-panels/total-web-solutions-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true - max-request: 1 google-query: intitle:"Total Web Solutions" + "Meter Name" + max-request: 1 + verified: true tags: panel,edb http: diff --git a/http/exposed-panels/totemomail-panel.yaml b/http/exposed-panels/totemomail-panel.yaml index 5f7a232ff8..d673843c0c 100644 --- a/http/exposed-panels/totemomail-panel.yaml +++ b/http/exposed-panels/totemomail-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:totemo:totemomail:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 - vendor: totemo - product: totemomail google-query: intext:"totemomail" inurl:responsiveUI + max-request: 2 + product: totemomail + vendor: totemo + verified: true tags: totemomail,panel,totemo http: diff --git a/http/exposed-panels/tracer-sc-login.yaml b/http/exposed-panels/tracer-sc-login.yaml index 2e6dd23eb3..47875d98b1 100644 --- a/http/exposed-panels/tracer-sc-login.yaml +++ b/http/exposed-panels/tracer-sc-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:h:trane:tracer_sc:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: trane product: tracer_sc + vendor: trane tags: tracer,trane,iot,panel,login http: diff --git a/http/exposed-panels/traefik-dashboard.yaml b/http/exposed-panels/traefik-dashboard.yaml index aae75e7c59..3d62bfb352 100644 --- a/http/exposed-panels/traefik-dashboard.yaml +++ b/http/exposed-panels/traefik-dashboard.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: traefik product: traefik shodan-query: http.title:"traefik" + vendor: traefik + verified: true tags: panel,traefik http: diff --git a/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml b/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml index e76d6e4df9..b6bbb15c16 100644 --- a/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml +++ b/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: trendnet product: tew-827dru_firmware shodan-query: http.html:"TEW-827DRU" + vendor: trendnet tags: panel,router,trendnet http: diff --git a/http/exposed-panels/truenas-scale-panel.yaml b/http/exposed-panels/truenas-scale-panel.yaml index dc905aa1f5..5c1cd79e52 100644 --- a/http/exposed-panels/truenas-scale-panel.yaml +++ b/http/exposed-panels/truenas-scale-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:h:ixsystems:truenas:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: ixsystems product: truenas shodan-query: html:"TrueNAS" + vendor: ixsystems + verified: true tags: login,panel,truenas,ixsystems http: diff --git a/http/exposed-panels/tufin-securetrack-login.yaml b/http/exposed-panels/tufin-securetrack-login.yaml index 720ded74e4..115bb433e3 100644 --- a/http/exposed-panels/tufin-securetrack-login.yaml +++ b/http/exposed-panels/tufin-securetrack-login.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:tufin:securetrack:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"SecureTrack - Tufin Technologies" max-request: 1 - vendor: tufin product: securetrack shodan-query: http.title:"SecureTrack - Tufin Technologies" - google-query: intitle:"SecureTrack - Tufin Technologies" + vendor: tufin tags: panel,tufin http: diff --git a/http/exposed-panels/tup-openframe.yaml b/http/exposed-panels/tup-openframe.yaml index 25cdb143b4..7330750ff1 100644 --- a/http/exposed-panels/tup-openframe.yaml +++ b/http/exposed-panels/tup-openframe.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=642772827893240&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:824580113 + verified: true tags: exposure,login,tup,openframe,panel http: diff --git a/http/exposed-panels/turnkey-openvpn.yaml b/http/exposed-panels/turnkey-openvpn.yaml index ba2f70bafa..7941d801ea 100644 --- a/http/exposed-panels/turnkey-openvpn.yaml +++ b/http/exposed-panels/turnkey-openvpn.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"TurnKey OpenVPN" + verified: true tags: panel,openvpn,turnkey,webshell,vpn http: diff --git a/http/exposed-panels/typo3-login.yaml b/http/exposed-panels/typo3-login.yaml index 6ecc8698cc..e15c90b43c 100644 --- a/http/exposed-panels/typo3-login.yaml +++ b/http/exposed-panels/typo3-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: typo3 product: typo3 + vendor: typo3 tags: panel,typo3 http: diff --git a/http/exposed-panels/umbraco-login.yaml b/http/exposed-panels/umbraco-login.yaml index 3c6bd1e345..037fce3221 100644 --- a/http/exposed-panels/umbraco-login.yaml +++ b/http/exposed-panels/umbraco-login.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: umbraco product: umbraco_cms shodan-query: http.title:"Umbraco" + vendor: umbraco + verified: true tags: panel,umbraco,detect http: diff --git a/http/exposed-panels/unauth-xproxy-dashboard.yaml b/http/exposed-panels/unauth-xproxy-dashboard.yaml index 864c2b5ac1..8660d2645e 100644 --- a/http/exposed-panels/unauth-xproxy-dashboard.yaml +++ b/http/exposed-panels/unauth-xproxy-dashboard.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: X-Proxy Dashboard + max-request: 1 tags: xproxy,panel http: diff --git a/http/exposed-panels/unauth/tautulli-unauth.yaml b/http/exposed-panels/unauth/tautulli-unauth.yaml index 7c7432b9ec..2bc6ad3aa1 100644 --- a/http/exposed-panels/unauth/tautulli-unauth.yaml +++ b/http/exposed-panels/unauth/tautulli-unauth.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:tautulli:tautulli:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: tautulli product: tautulli shodan-query: title:"Tautulli - Home" + vendor: tautulli + verified: true tags: panel,misconfig,tautulli,unauth,exposure http: diff --git a/http/exposed-panels/unibox-panel.yaml b/http/exposed-panels/unibox-panel.yaml index 6dcfc42d98..28b87df8d2 100644 --- a/http/exposed-panels/unibox-panel.yaml +++ b/http/exposed-panels/unibox-panel.yaml @@ -6,9 +6,9 @@ info: severity: info description: Unibox Administrator panel was detected. metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:176427349 + verified: true tags: panel,unibox,login http: diff --git a/http/exposed-panels/untangle-admin-login.yaml b/http/exposed-panels/untangle-admin-login.yaml index 8aafe1973e..5adb744943 100644 --- a/http/exposed-panels/untangle-admin-login.yaml +++ b/http/exposed-panels/untangle-admin-login.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:untangle:ng_firewall:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: untangle product: ng_firewall shodan-query: title:"Untangle Administrator Login" + vendor: untangle + verified: true tags: panel,untangle,admin,login http: diff --git a/http/exposed-panels/uptime-kuma-panel.yaml b/http/exposed-panels/uptime-kuma-panel.yaml index a1f85444df..2dd78c7795 100644 --- a/http/exposed-panels/uptime-kuma-panel.yaml +++ b/http/exposed-panels/uptime-kuma-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/louislam/uptime-kuma - https://uptime.kuma.pet/docs/ metadata: - verified: true max-request: 1 shodan-query: title:"Uptime Kuma" + verified: true tags: uptime,kuma,panel,login http: diff --git a/http/exposed-panels/v2924-admin-panel.yaml b/http/exposed-panels/v2924-admin-panel.yaml index a83409ca37..23573436a5 100644 --- a/http/exposed-panels/v2924-admin-panel.yaml +++ b/http/exposed-panels/v2924-admin-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"V2924" + verified: true tags: panel,v2924 http: diff --git a/http/exposed-panels/vault-panel.yaml b/http/exposed-panels/vault-panel.yaml index 16d771a5c7..4d8a4a720a 100644 --- a/http/exposed-panels/vault-panel.yaml +++ b/http/exposed-panels/vault-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:hashicorp:vault:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: hashicorp product: vault shodan-query: http.favicon.hash:-919788577 + vendor: hashicorp + verified: true tags: panel,vault,detect,hashicorp http: diff --git a/http/exposed-panels/veeam-backup-gcp.yaml b/http/exposed-panels/veeam-backup-gcp.yaml index ed8181530b..ecbe9297f7 100644 --- a/http/exposed-panels/veeam-backup-gcp.yaml +++ b/http/exposed-panels/veeam-backup-gcp.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Veeam Backup for GCP" + verified: true tags: panel,google,cloud http: diff --git a/http/exposed-panels/veeam-panel.yaml b/http/exposed-panels/veeam-panel.yaml index d67c679e9b..2be348916d 100644 --- a/http/exposed-panels/veeam-panel.yaml +++ b/http/exposed-panels/veeam-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:veeam:one_reporter:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: veeam product: one_reporter shodan-query: http.favicon.hash:-633512412 + vendor: veeam + verified: true tags: panel,veeam http: diff --git a/http/exposed-panels/veriz0wn-osint.yaml b/http/exposed-panels/veriz0wn-osint.yaml index fd7add9056..c2c97ed9c6 100644 --- a/http/exposed-panels/veriz0wn-osint.yaml +++ b/http/exposed-panels/veriz0wn-osint.yaml @@ -5,9 +5,9 @@ info: author: pussycat0x severity: info metadata: - verified: true max-request: 1 shodan-query: title:"Veriz0wn" + verified: true tags: veriz0wn,panel http: diff --git a/http/exposed-panels/verizon-router-panel.yaml b/http/exposed-panels/verizon-router-panel.yaml index e0765fcc8a..2ffeeb60b4 100644 --- a/http/exposed-panels/verizon-router-panel.yaml +++ b/http/exposed-panels/verizon-router-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Verizon Router" + verified: true tags: panel,verizon,router http: diff --git a/http/exposed-panels/versa/versa-director-login.yaml b/http/exposed-panels/versa/versa-director-login.yaml index b716d40fa7..989694d0c6 100644 --- a/http/exposed-panels/versa/versa-director-login.yaml +++ b/http/exposed-panels/versa/versa-director-login.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"VERSA DIRECTOR Login" + verified: true tags: panel,versa,director http: diff --git a/http/exposed-panels/versa/versa-flexvnf-panel.yaml b/http/exposed-panels/versa/versa-flexvnf-panel.yaml index 2b44843199..a95bc6df9d 100644 --- a/http/exposed-panels/versa/versa-flexvnf-panel.yaml +++ b/http/exposed-panels/versa/versa-flexvnf-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Flex VNF Web-UI" + verified: true tags: panel,versa,flexvnf http: diff --git a/http/exposed-panels/vertex-tax-panel.yaml b/http/exposed-panels/vertex-tax-panel.yaml index e91b894b22..eea0f2e2f1 100644 --- a/http/exposed-panels/vertex-tax-panel.yaml +++ b/http/exposed-panels/vertex-tax-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"Vertex Tax Installer" + verified: true tags: panel,vertex http: diff --git a/http/exposed-panels/vinchin-panel.yaml b/http/exposed-panels/vinchin-panel.yaml index a091bb3702..d5795960f6 100644 --- a/http/exposed-panels/vinchin-panel.yaml +++ b/http/exposed-panels/vinchin-panel.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: html:"VinChin" + verified: true tags: panel,vinchin,login http: diff --git a/http/exposed-panels/virtua-software-panel.yaml b/http/exposed-panels/virtua-software-panel.yaml index 1705a3b52a..d0dccf0088 100644 --- a/http/exposed-panels/virtua-software-panel.yaml +++ b/http/exposed-panels/virtua-software-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:virtuasoftware:cobranca:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: virtuasoftware product: cobranca shodan-query: http.favicon.hash:876876147 + vendor: virtuasoftware + verified: true tags: panel,virtua,virtuasoftware http: diff --git a/http/exposed-panels/vistaweb-panel.yaml b/http/exposed-panels/vistaweb-panel.yaml index 690b2c7d70..65da46c490 100644 --- a/http/exposed-panels/vistaweb-panel.yaml +++ b/http/exposed-panels/vistaweb-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://resa.aero/solutions-operations-facturation/vista-web/ metadata: - verified: true max-request: 1 + verified: true tags: panel,vistaweb,login http: diff --git a/http/exposed-panels/vmware-carbon-black-edr.yaml b/http/exposed-panels/vmware-carbon-black-edr.yaml index fbb41ec828..e20de1d02c 100644 --- a/http/exposed-panels/vmware-carbon-black-edr.yaml +++ b/http/exposed-panels/vmware-carbon-black-edr.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"VMware Carbon Black EDR" + verified: true tags: panel,vmware http: diff --git a/http/exposed-panels/vmware-cloud-availability.yaml b/http/exposed-panels/vmware-cloud-availability.yaml index 115145e512..353f696c58 100644 --- a/http/exposed-panels/vmware-cloud-availability.yaml +++ b/http/exposed-panels/vmware-cloud-availability.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"VMware Cloud Director Availability" + verified: true tags: panel,vmware http: diff --git a/http/exposed-panels/vmware-cloud-director.yaml b/http/exposed-panels/vmware-cloud-director.yaml index 8c7d18bd93..1380db447f 100644 --- a/http/exposed-panels/vmware-cloud-director.yaml +++ b/http/exposed-panels/vmware-cloud-director.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:vmware:cloud_director:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: vmware product: cloud_director shodan-query: title:"Welcome to VMware Cloud Director" + vendor: vmware + verified: true tags: panel,vmware http: diff --git a/http/exposed-panels/vmware-ftp-server.yaml b/http/exposed-panels/vmware-ftp-server.yaml index b3f7a7ec66..05864f2e07 100644 --- a/http/exposed-panels/vmware-ftp-server.yaml +++ b/http/exposed-panels/vmware-ftp-server.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"VMWARE FTP SERVER" + verified: true tags: panel,vmware,ftp http: diff --git a/http/exposed-panels/vmware-hcx-login.yaml b/http/exposed-panels/vmware-hcx-login.yaml index cf2b2eaa84..a9389f2959 100644 --- a/http/exposed-panels/vmware-hcx-login.yaml +++ b/http/exposed-panels/vmware-hcx-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"VMware HCX" + verified: true tags: panel,vmware http: diff --git a/http/exposed-panels/vmware-horizon-daas.yaml b/http/exposed-panels/vmware-horizon-daas.yaml index b9d07168e2..86a67e6f07 100644 --- a/http/exposed-panels/vmware-horizon-daas.yaml +++ b/http/exposed-panels/vmware-horizon-daas.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:a:vmware:horizon_daas:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: vmware product: horizon_daas shodan-query: title:"Horizon DaaS" + vendor: vmware + verified: true tags: panel,vmware http: diff --git a/http/exposed-panels/vmware-horizon-panel.yaml b/http/exposed-panels/vmware-horizon-panel.yaml index 0c80378c36..43517b6cfc 100644 --- a/http/exposed-panels/vmware-horizon-panel.yaml +++ b/http/exposed-panels/vmware-horizon-panel.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:vmware:horizon:*:*:*:*:macos:*:*:* metadata: max-request: 2 - vendor: vmware product: horizon + vendor: vmware tags: horizon,vmware,edb,panel http: diff --git a/http/exposed-panels/vmware-nsx-login.yaml b/http/exposed-panels/vmware-nsx-login.yaml index 0ee1e6ed9e..064c28594d 100644 --- a/http/exposed-panels/vmware-nsx-login.yaml +++ b/http/exposed-panels/vmware-nsx-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: html:"vmw_nsx_logo-black-triangle-500w.png" + verified: true tags: panel,vmware http: diff --git a/http/exposed-panels/vmware-vcenter-converter-standalone.yaml b/http/exposed-panels/vmware-vcenter-converter-standalone.yaml index 3499166e8e..0827631225 100644 --- a/http/exposed-panels/vmware-vcenter-converter-standalone.yaml +++ b/http/exposed-panels/vmware-vcenter-converter-standalone.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:vmware:vcenter_converter_standalone:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: vmware product: vcenter_converter_standalone shodan-query: title:"VMware vCenter Converter Standalone" + vendor: vmware + verified: true tags: panel,vmware,vcenter http: diff --git a/http/exposed-panels/vmware-vcloud-director.yaml b/http/exposed-panels/vmware-vcloud-director.yaml index a9320e2511..364fb6d974 100644 --- a/http/exposed-panels/vmware-vcloud-director.yaml +++ b/http/exposed-panels/vmware-vcloud-director.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:vmware:vcloud_director:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: vmware product: vcloud_director shodan-query: title:"VMware vCloud Director" + vendor: vmware + verified: true tags: panel,vmware,vcloud http: diff --git a/http/exposed-panels/vodafone-voxui-panel.yaml b/http/exposed-panels/vodafone-voxui-panel.yaml index 3728e9b836..2f354b7a3d 100644 --- a/http/exposed-panels/vodafone-voxui-panel.yaml +++ b/http/exposed-panels/vodafone-voxui-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Vodafone Vox UI" + verified: true tags: panel,vodafone http: diff --git a/http/exposed-panels/voipmonitor-panel.yaml b/http/exposed-panels/voipmonitor-panel.yaml index 848816d5ff..7fb69c1226 100644 --- a/http/exposed-panels/voipmonitor-panel.yaml +++ b/http/exposed-panels/voipmonitor-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:voipmonitor:voipmonitor:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: voipmonitor product: voipmonitor shodan-query: http.title:"VoIPmonitor" + vendor: voipmonitor tags: panel,voipmonitor,login http: diff --git a/http/exposed-panels/vrealize-loginsight-panel.yaml b/http/exposed-panels/vrealize-loginsight-panel.yaml index 6e0e6a0a64..ae74bdb53b 100644 --- a/http/exposed-panels/vrealize-loginsight-panel.yaml +++ b/http/exposed-panels/vrealize-loginsight-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:vmware:vrealize_log_insight:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: vmware product: vrealize_log_insight shodan-query: title:"vRealize Log insight" + vendor: vmware + verified: true tags: panel,vmware,vrealize http: diff --git a/http/exposed-panels/vue-pacs-panel.yaml b/http/exposed-panels/vue-pacs-panel.yaml index 78fb7e1dfa..c98e7e98cb 100644 --- a/http/exposed-panels/vue-pacs-panel.yaml +++ b/http/exposed-panels/vue-pacs-panel.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:philips:vue_pacs:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: philips product: vue_pacs shodan-query: http.title:"Vue PACS" + vendor: philips + verified: true tags: vue,pacs,panel,login,philips http: diff --git a/http/exposed-panels/wagtail-cms-detect.yaml b/http/exposed-panels/wagtail-cms-detect.yaml index 9478d4258c..f32b6c0a09 100644 --- a/http/exposed-panels/wagtail-cms-detect.yaml +++ b/http/exposed-panels/wagtail-cms-detect.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: torchbox product: wagtail shodan-query: title:"Wagtail - Sign in" + vendor: torchbox + verified: true tags: panel,wagtail,torchbox http: diff --git a/http/exposed-panels/wampserver-homepage.yaml b/http/exposed-panels/wampserver-homepage.yaml index 3be3a4dd14..c1bbcb0af7 100644 --- a/http/exposed-panels/wampserver-homepage.yaml +++ b/http/exposed-panels/wampserver-homepage.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"WAMPSERVER Homepage" + verified: true tags: panel,wampserver http: diff --git a/http/exposed-panels/watcher-panel.yaml b/http/exposed-panels/watcher-panel.yaml index 53c5f0de21..d5085c80e8 100644 --- a/http/exposed-panels/watcher-panel.yaml +++ b/http/exposed-panels/watcher-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDK severity: info metadata: - verified: true max-request: 1 shodan-query: html:"/vsaas/v2/static/" + verified: true tags: panel,watcher,login http: diff --git a/http/exposed-panels/watchguard-panel.yaml b/http/exposed-panels/watchguard-panel.yaml index 3f03d257fb..6f1524d200 100644 --- a/http/exposed-panels/watchguard-panel.yaml +++ b/http/exposed-panels/watchguard-panel.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:h:watchguard:firebox_t15:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: watchguard product: firebox_t15 + vendor: watchguard tags: watchguard,edb,panel http: diff --git a/http/exposed-panels/watershed-panel.yaml b/http/exposed-panels/watershed-panel.yaml index e8fcfb0f09..3fcac1718e 100644 --- a/http/exposed-panels/watershed-panel.yaml +++ b/http/exposed-panels/watershed-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Watershed LRS" + verified: true tags: panel,watershed http: diff --git a/http/exposed-panels/wazuh-panel.yaml b/http/exposed-panels/wazuh-panel.yaml index ca997cde54..59e6fa9e21 100644 --- a/http/exposed-panels/wazuh-panel.yaml +++ b/http/exposed-panels/wazuh-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: wazuh product: wazuh shodan-query: http.title:"Wazuh" + vendor: wazuh tags: panel,wazuh,login http: diff --git a/http/exposed-panels/wd-mycloud-panel.yaml b/http/exposed-panels/wd-mycloud-panel.yaml index 67a48d0222..bb1df5c02f 100644 --- a/http/exposed-panels/wd-mycloud-panel.yaml +++ b/http/exposed-panels/wd-mycloud-panel.yaml @@ -9,11 +9,11 @@ info: classification: cpe: cpe:2.3:a:western_digital:mycloud_nas:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: western_digital product: mycloud_nas shodan-query: http.favicon.hash:-1074357885 + vendor: western_digital + verified: true tags: panel,login,mycloud,wd,detect,western_digital http: diff --git a/http/exposed-panels/web-file-manager.yaml b/http/exposed-panels/web-file-manager.yaml index 5cf66d7dfa..4a401c104e 100644 --- a/http/exposed-panels/web-file-manager.yaml +++ b/http/exposed-panels/web-file-manager.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Web File Manager" + verified: true tags: panel,filemanager http: diff --git a/http/exposed-panels/web-viewer-panel.yaml b/http/exposed-panels/web-viewer-panel.yaml index 81a67a9afa..969ddba294 100644 --- a/http/exposed-panels/web-viewer-panel.yaml +++ b/http/exposed-panels/web-viewer-panel.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:h:samsung:dvr:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: samsung product: dvr shodan-query: title:"Web Viewer for Samsung DVR" + vendor: samsung + verified: true tags: panel,web-viewer,detect,samsung http: diff --git a/http/exposed-panels/webcomco-panel.yaml b/http/exposed-panels/webcomco-panel.yaml index 053dd03adc..ee48997e5f 100644 --- a/http/exposed-panels/webcomco-panel.yaml +++ b/http/exposed-panels/webcomco-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=626548889515634&set=a.467014098802448 metadata: - verified: true max-request: 1 shodan-query: title:"WebcomCo" + verified: true tags: panel,webcomco,login http: diff --git a/http/exposed-panels/webeditors-check-detect.yaml b/http/exposed-panels/webeditors-check-detect.yaml index 967cf71344..3d3fe5e3cd 100644 --- a/http/exposed-panels/webeditors-check-detect.yaml +++ b/http/exposed-panels/webeditors-check-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:ckeditor:ckeditor:*:*:*:*:drupal:*:*:* metadata: max-request: 17 - vendor: ckeditor product: ckeditor + vendor: ckeditor tags: panel,webeditors,ckeditor http: diff --git a/http/exposed-panels/weblogic-login.yaml b/http/exposed-panels/weblogic-login.yaml index 3c7655bbd8..2b8df9e0ec 100644 --- a/http/exposed-panels/weblogic-login.yaml +++ b/http/exposed-panels/weblogic-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:oracle:weblogic_server:*:*:*:*:-:*:*:* metadata: max-request: 1 - vendor: oracle product: weblogic_server shodan-query: product:"Oracle Weblogic" + vendor: oracle tags: panel,oracle,weblogic,login http: diff --git a/http/exposed-panels/weblogic-uddiexplorer.yaml b/http/exposed-panels/weblogic-uddiexplorer.yaml index e4f9f12296..aff2439bc0 100644 --- a/http/exposed-panels/weblogic-uddiexplorer.yaml +++ b/http/exposed-panels/weblogic-uddiexplorer.yaml @@ -14,8 +14,8 @@ info: cpe: cpe:2.3:a:oracle:weblogic_server:*:*:*:*:-:*:*:* metadata: max-request: 1 - vendor: oracle product: weblogic_server + vendor: oracle tags: panel,oracle,weblogic,tenable http: diff --git a/http/exposed-panels/webmin-panel.yaml b/http/exposed-panels/webmin-panel.yaml index 6404245dd7..404fc08ef9 100644 --- a/http/exposed-panels/webmin-panel.yaml +++ b/http/exposed-panels/webmin-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:* metadata: max-request: 2 - vendor: webmin product: webmin + vendor: webmin tags: panel,webmin http: diff --git a/http/exposed-panels/webmodule-ee-panel.yaml b/http/exposed-panels/webmodule-ee-panel.yaml index 80448adae9..0ac4f553f3 100644 --- a/http/exposed-panels/webmodule-ee-panel.yaml +++ b/http/exposed-panels/webmodule-ee-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + google-query: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version" max-request: 1 shodan-query: title:"Webmodule" - google-query: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version" tags: edb,panel,webmodule-ee,login http: diff --git a/http/exposed-panels/webroot-login.yaml b/http/exposed-panels/webroot-login.yaml index da2df0bf92..0ed2988957 100644 --- a/http/exposed-panels/webroot-login.yaml +++ b/http/exposed-panels/webroot-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"Webroot - Login" + verified: true tags: panel,webroot http: diff --git a/http/exposed-panels/webshell4-login-panel.yaml b/http/exposed-panels/webshell4-login-panel.yaml index 78049c2ea0..4bf6ba2908 100644 --- a/http/exposed-panels/webshell4-login-panel.yaml +++ b/http/exposed-panels/webshell4-login-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"webshell4" + verified: true tags: webshell4,panel http: diff --git a/http/exposed-panels/webtitan-cloud-panel.yaml b/http/exposed-panels/webtitan-cloud-panel.yaml index 4249452bac..877a0cb34d 100644 --- a/http/exposed-panels/webtitan-cloud-panel.yaml +++ b/http/exposed-panels/webtitan-cloud-panel.yaml @@ -9,12 +9,12 @@ info: classification: cpe: cpe:2.3:a:titanhq:webtitan:*:*:*:*:*:*:*:* metadata: - verified: true + fofa-query: title="WebTitan" max-request: 1 - vendor: titanhq product: webtitan shodan-query: http.favicon.hash:1090061843 - fofa-query: title="WebTitan" + vendor: titanhq + verified: true tags: panel,webtitan,cloud,detect,titanhq http: diff --git a/http/exposed-panels/webtransfer-client-panel.yaml b/http/exposed-panels/webtransfer-client-panel.yaml index c834e71edc..a7451ec0cd 100644 --- a/http/exposed-panels/webtransfer-client-panel.yaml +++ b/http/exposed-panels/webtransfer-client-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.progress.com/ftp-server/web-transfer metadata: - verified: true max-request: 1 shodan-query: http.title:"Web Transfer Client" + verified: true tags: panel,webtransferclient,login,detect http: diff --git a/http/exposed-panels/webuzo-admin-panel.yaml b/http/exposed-panels/webuzo-admin-panel.yaml index 5bc8aaa88a..9d8cc06823 100644 --- a/http/exposed-panels/webuzo-admin-panel.yaml +++ b/http/exposed-panels/webuzo-admin-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:softaculous:webuzo:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: softaculous product: webuzo shodan-query: http.title:"Webuzo - Admin Panel" + vendor: softaculous + verified: true tags: panel,webuzo,admin,softaculous http: diff --git a/http/exposed-panels/weiphp-panel.yaml b/http/exposed-panels/weiphp-panel.yaml index ad088f78ae..ec961a18bd 100644 --- a/http/exposed-panels/weiphp-panel.yaml +++ b/http/exposed-panels/weiphp-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:weiphp:weiphp:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: weiphp product: weiphp shodan-query: http.html:"weiphp" + vendor: weiphp + verified: true tags: panel,weiphp http: diff --git a/http/exposed-panels/whm-login-detect.yaml b/http/exposed-panels/whm-login-detect.yaml index 36cf21f6c8..60fe019818 100644 --- a/http/exposed-panels/whm-login-detect.yaml +++ b/http/exposed-panels/whm-login-detect.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: cpanel product: whm + vendor: cpanel tags: edb,whm,panel,login,cpanel http: diff --git a/http/exposed-panels/wiren-board-webui.yaml b/http/exposed-panels/wiren-board-webui.yaml index caf4edf84a..cc38517952 100644 --- a/http/exposed-panels/wiren-board-webui.yaml +++ b/http/exposed-panels/wiren-board-webui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 6.5 cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.title:"Wiren Board Web UI" + verified: true tags: panel,exposure,wiren http: diff --git a/http/exposed-panels/wmw-enterprise-panel.yaml b/http/exposed-panels/wmw-enterprise-panel.yaml index cc87cd1503..1557b670d8 100644 --- a/http/exposed-panels/wmw-enterprise-panel.yaml +++ b/http/exposed-panels/wmw-enterprise-panel.yaml @@ -12,8 +12,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 + verified: true tags: panel,wmw,detect http: diff --git a/http/exposed-panels/wordpress-login.yaml b/http/exposed-panels/wordpress-login.yaml index e657e2ac04..2c28cd0e62 100644 --- a/http/exposed-panels/wordpress-login.yaml +++ b/http/exposed-panels/wordpress-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: wordpress product: wordpress + vendor: wordpress tags: panel,wordpress http: diff --git a/http/exposed-panels/workspace-one-uem.yaml b/http/exposed-panels/workspace-one-uem.yaml index 8d65672d3a..3939879875 100644 --- a/http/exposed-panels/workspace-one-uem.yaml +++ b/http/exposed-panels/workspace-one-uem.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:vmware:workspace_one_uem:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: vmware product: workspace_one_uem shodan-query: http.html:"Airwatch" + vendor: vmware + verified: true tags: panel,workspaceone,vmware http: diff --git a/http/exposed-panels/wowza-streaming-engine.yaml b/http/exposed-panels/wowza-streaming-engine.yaml index e475a8056e..52f781e362 100644 --- a/http/exposed-panels/wowza-streaming-engine.yaml +++ b/http/exposed-panels/wowza-streaming-engine.yaml @@ -9,9 +9,9 @@ info: cpe: cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: wowza product: streaming_engine shodan-query: http.title:"Manager" product:"Wowza Streaming Engine" + vendor: wowza tags: panel,wowza http: diff --git a/http/exposed-panels/ws_ftp-server-web-transfer.yaml b/http/exposed-panels/ws_ftp-server-web-transfer.yaml index ca0e8de538..40b5c97e73 100644 --- a/http/exposed-panels/ws_ftp-server-web-transfer.yaml +++ b/http/exposed-panels/ws_ftp-server-web-transfer.yaml @@ -9,12 +9,12 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true + censys-query: services.http.request.uri="*/ThinClient/WTM/public/index.html" max-request: 1 - vendor: progress product: ws_ftp shodan-query: http.title:"WS_FTP Server Web Transfer" - censys-query: services.http.request.uri="*/ThinClient/WTM/public/index.html" + vendor: progress + verified: true tags: panel,ws_ftp,progress http: diff --git a/http/exposed-panels/wso2-management-console.yaml b/http/exposed-panels/wso2-management-console.yaml index 0732c6af0f..e77bcd1e5b 100644 --- a/http/exposed-panels/wso2-management-console.yaml +++ b/http/exposed-panels/wso2-management-console.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: wso2 product: api_manager shodan-query: http.favicon.hash:1398055326 + vendor: wso2 tags: panel,wso2,edb http: diff --git a/http/exposed-panels/xeams-admin-console.yaml b/http/exposed-panels/xeams-admin-console.yaml index ca2cff4aac..9eb12620ce 100644 --- a/http/exposed-panels/xeams-admin-console.yaml +++ b/http/exposed-panels/xeams-admin-console.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:synametrics:xeams:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: synametrics product: xeams shodan-query: http.title:"Xeams Admin" + vendor: synametrics + verified: true tags: panel,xeams,admin,console,synametrics http: diff --git a/http/exposed-panels/xenmobile-login.yaml b/http/exposed-panels/xenmobile-login.yaml index ba1f7e9040..40b99313ad 100644 --- a/http/exposed-panels/xenmobile-login.yaml +++ b/http/exposed-panels/xenmobile-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:citrix:xenmobile_device_manager_mdm:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: citrix product: xenmobile_device_manager_mdm + vendor: citrix tags: panel,edb,citrix http: diff --git a/http/exposed-panels/xfinity-panel.yaml b/http/exposed-panels/xfinity-panel.yaml index 0cf468a3b0..1b8089c067 100644 --- a/http/exposed-panels/xfinity-panel.yaml +++ b/http/exposed-panels/xfinity-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"xfinity" + verified: true tags: panel,xfinity http: diff --git a/http/exposed-panels/xibocms-login.yaml b/http/exposed-panels/xibocms-login.yaml index d0e53a3e14..2635eb7a35 100644 --- a/http/exposed-panels/xibocms-login.yaml +++ b/http/exposed-panels/xibocms-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"/xibosignage/xibo-cms" + verified: true tags: panel,xibocms http: diff --git a/http/exposed-panels/xnat-login.yaml b/http/exposed-panels/xnat-login.yaml index 527c60565b..17c4e7f9f7 100644 --- a/http/exposed-panels/xnat-login.yaml +++ b/http/exposed-panels/xnat-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: title:"xnat" + verified: true tags: xnat,panel http: diff --git a/http/exposed-panels/xoops/xoops-installation-wizard.yaml b/http/exposed-panels/xoops/xoops-installation-wizard.yaml index 1bc014c471..ec0466e638 100644 --- a/http/exposed-panels/xoops/xoops-installation-wizard.yaml +++ b/http/exposed-panels/xoops/xoops-installation-wizard.yaml @@ -9,8 +9,8 @@ info: cpe: cpe:2.3:a:xoops:xoops:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: xoops product: xoops + vendor: xoops tags: panel,xoops http: diff --git a/http/exposed-panels/xvr-login.yaml b/http/exposed-panels/xvr-login.yaml index 59ad7a6279..cf2b55e239 100644 --- a/http/exposed-panels/xvr-login.yaml +++ b/http/exposed-panels/xvr-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:h:dahuasecurity:xvr5xxx:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: dahuasecurity product: xvr5xxx shodan-query: http.title:"XVR LOGIN" + vendor: dahuasecurity tags: panel,xvr,dahuasecurity http: diff --git a/http/exposed-panels/xweb500-panel.yaml b/http/exposed-panels/xweb500-panel.yaml index f52a33d8ca..55454875b4 100644 --- a/http/exposed-panels/xweb500-panel.yaml +++ b/http/exposed-panels/xweb500-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 google-query: inurl:"xweb500.cgi" + max-request: 1 tags: panel,xweb500 http: diff --git a/http/exposed-panels/xxljob-panel.yaml b/http/exposed-panels/xxljob-panel.yaml index 58ac56b0e0..b201c80c37 100644 --- a/http/exposed-panels/xxljob-panel.yaml +++ b/http/exposed-panels/xxljob-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:xuxueli:xxl-job:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: xuxueli product: xxl-job shodan-query: http.favicon.hash:1691956220 + vendor: xuxueli + verified: true tags: panel,xxljob,login,xuxueli http: diff --git a/http/exposed-panels/yarn-manager-exposure.yaml b/http/exposed-panels/yarn-manager-exposure.yaml index 7ca14b6484..3925658336 100644 --- a/http/exposed-panels/yarn-manager-exposure.yaml +++ b/http/exposed-panels/yarn-manager-exposure.yaml @@ -9,8 +9,8 @@ info: cpe: cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: apache product: hadoop + vendor: apache tags: panel,apache,yarn,exposure http: diff --git a/http/exposed-panels/yellowfin-panel.yaml b/http/exposed-panels/yellowfin-panel.yaml index cfc3f6b027..59f7f84e59 100644 --- a/http/exposed-panels/yellowfin-panel.yaml +++ b/http/exposed-panels/yellowfin-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDK severity: info metadata: - verified: true max-request: 1 shodan-query: title:"Yellowfin Information Collaboration" + verified: true tags: yellowfin,panel,login http: diff --git a/http/exposed-panels/yzmcms-panel.yaml b/http/exposed-panels/yzmcms-panel.yaml index ecf645c966..f3a0b41d66 100644 --- a/http/exposed-panels/yzmcms-panel.yaml +++ b/http/exposed-panels/yzmcms-panel.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:yzmcms:yzmcms:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: yzmcms product: yzmcms shodan-query: http.title:"YzmCMS" + vendor: yzmcms tags: panel,yzmcms,login http: diff --git a/http/exposed-panels/zabbix-server-login.yaml b/http/exposed-panels/zabbix-server-login.yaml index 8a6aca8cbe..763599a3c7 100644 --- a/http/exposed-panels/zabbix-server-login.yaml +++ b/http/exposed-panels/zabbix-server-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zabbix product: zabbix shodan-query: http.title:"zabbix-server" + vendor: zabbix tags: panel,zabbix http: diff --git a/http/exposed-panels/zblog-exposed-admin-panel.yaml b/http/exposed-panels/zblog-exposed-admin-panel.yaml index 8f0d15b943..3fe134b539 100644 --- a/http/exposed-panels/zblog-exposed-admin-panel.yaml +++ b/http/exposed-panels/zblog-exposed-admin-panel.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:zblogcn:zblogphp:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: zblogcn product: zblogphp shodan-query: http.title:zblog + vendor: zblogcn + verified: true tags: zblog,panel,zblogcn http: diff --git a/http/exposed-panels/zenario-login-panel.yaml b/http/exposed-panels/zenario-login-panel.yaml index 8ea675cd3b..44740e72f4 100644 --- a/http/exposed-panels/zenario-login-panel.yaml +++ b/http/exposed-panels/zenario-login-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:tribalsystems:zenario:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: tribalsystems product: zenario + vendor: tribalsystems tags: panel,zenario,tribalsystems http: diff --git a/http/exposed-panels/zentao-detect.yaml b/http/exposed-panels/zentao-detect.yaml index e2367be84e..b69cf973f9 100644 --- a/http/exposed-panels/zentao-detect.yaml +++ b/http/exposed-panels/zentao-detect.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:easycorp:zentao:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: easycorp product: zentao + vendor: easycorp tags: panel,easycorp http: diff --git a/http/exposed-panels/zeroshell-login.yaml b/http/exposed-panels/zeroshell-login.yaml index a508c1d8d4..98e2c299bb 100644 --- a/http/exposed-panels/zeroshell-login.yaml +++ b/http/exposed-panels/zeroshell-login.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:o:zeroshell:zeroshell:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zeroshell product: zeroshell shodan-query: http.title:"ZeroShell" + vendor: zeroshell tags: panel,zeroshell http: diff --git a/http/exposed-panels/zimbra-web-client.yaml b/http/exposed-panels/zimbra-web-client.yaml index bb00ef2bd6..58c5a6e154 100644 --- a/http/exposed-panels/zimbra-web-client.yaml +++ b/http/exposed-panels/zimbra-web-client.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: synacor product: zimbra_collaboration_suite shodan-query: http.title:"Zimbra Web Client Sign In" + vendor: synacor + verified: true tags: edb,panel,zimbra,synacor http: diff --git a/http/exposed-panels/zimbra-web-login.yaml b/http/exposed-panels/zimbra-web-login.yaml index a46f97c7cb..3f839da8a8 100644 --- a/http/exposed-panels/zimbra-web-login.yaml +++ b/http/exposed-panels/zimbra-web-login.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: synacor product: zimbra_collaboration_suite shodan-query: http.title:"Zimbra Collaboration Suite" + vendor: synacor + verified: true tags: panel,zimbra,synacor http: diff --git a/http/exposed-panels/zipkin-exposure.yaml b/http/exposed-panels/zipkin-exposure.yaml index 975161d013..133d64a47f 100644 --- a/http/exposed-panels/zipkin-exposure.yaml +++ b/http/exposed-panels/zipkin-exposure.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 2 shodan-query: html:"webpackJsonpzipkin-lens" + verified: true tags: panel,zipkin http: diff --git a/http/exposed-panels/zoho/manageengine-adaudit.yaml b/http/exposed-panels/zoho/manageengine-adaudit.yaml index 5b749b43c2..aac6d3f365 100644 --- a/http/exposed-panels/zoho/manageengine-adaudit.yaml +++ b/http/exposed-panels/zoho/manageengine-adaudit.yaml @@ -14,11 +14,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: zohocorp product: manageengine_adaudit_plus shodan-query: http.title:"ADAudit Plus" || http.title:"ManageEngine - ADManager Plus" + vendor: zohocorp + verified: true tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-adselfservice.yaml b/http/exposed-panels/zoho/manageengine-adselfservice.yaml index a973f6d68b..c124acd633 100644 --- a/http/exposed-panels/zoho/manageengine-adselfservice.yaml +++ b/http/exposed-panels/zoho/manageengine-adselfservice.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: zohocorp product: manageengine_adselfservice_plus shodan-query: http.title:"ADSelfService Plus" + vendor: zohocorp + verified: true tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-analytics.yaml b/http/exposed-panels/zoho/manageengine-analytics.yaml index 5ce4ed2628..243c09b5d0 100644 --- a/http/exposed-panels/zoho/manageengine-analytics.yaml +++ b/http/exposed-panels/zoho/manageengine-analytics.yaml @@ -10,10 +10,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:zohocorp:manageengine_analytics_plus:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: zohocorp - product: manageengine_analytics_plus fofa-query: app="ZOHO-流量管理" + max-request: 1 + product: manageengine_analytics_plus + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml b/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml index 42018f86b3..f7f37638fb 100644 --- a/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml +++ b/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_analytics_plus:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_analytics_plus shodan-query: http.title:"APEX IT Help Desk" + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-applications-manager.yaml b/http/exposed-panels/zoho/manageengine-applications-manager.yaml index 2e2cb5326e..a1228a5e92 100644 --- a/http/exposed-panels/zoho/manageengine-applications-manager.yaml +++ b/http/exposed-panels/zoho/manageengine-applications-manager.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_applications_manager + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-assetexplorer.yaml b/http/exposed-panels/zoho/manageengine-assetexplorer.yaml index ae161d0cac..7f67a3c494 100644 --- a/http/exposed-panels/zoho/manageengine-assetexplorer.yaml +++ b/http/exposed-panels/zoho/manageengine-assetexplorer.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_assetexplorer:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_assetexplorer shodan-query: http.title:"ManageEngine AssetExplorer" + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-desktop.yaml b/http/exposed-panels/zoho/manageengine-desktop.yaml index 453e587d40..604f338f4f 100644 --- a/http/exposed-panels/zoho/manageengine-desktop.yaml +++ b/http/exposed-panels/zoho/manageengine-desktop.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_desktop_central shodan-query: http.title:"ManageEngine Desktop Central 10" + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-network-config.yaml b/http/exposed-panels/zoho/manageengine-network-config.yaml index a5cd7779a7..da719f577c 100644 --- a/http/exposed-panels/zoho/manageengine-network-config.yaml +++ b/http/exposed-panels/zoho/manageengine-network-config.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:zohocorp:manageengine_network_configuration_manager:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: zohocorp product: manageengine_network_configuration_manager shodan-query: http.title:"Network Configuration Manager" + vendor: zohocorp + verified: true tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-opmanager.yaml b/http/exposed-panels/zoho/manageengine-opmanager.yaml index c2b19850bd..cc8ccf461f 100644 --- a/http/exposed-panels/zoho/manageengine-opmanager.yaml +++ b/http/exposed-panels/zoho/manageengine-opmanager.yaml @@ -13,9 +13,9 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_opmanager shodan-query: http.title:"OpManager Plus" + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-servicedesk.yaml b/http/exposed-panels/zoho/manageengine-servicedesk.yaml index a61795e389..9d0cc51280 100644 --- a/http/exposed-panels/zoho/manageengine-servicedesk.yaml +++ b/http/exposed-panels/zoho/manageengine-servicedesk.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_servicedesk_plus shodan-query: http.title:"ManageEngine ServiceDesk Plus" + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoho/manageengine-supportcenter.yaml b/http/exposed-panels/zoho/manageengine-supportcenter.yaml index af329bbd71..6e98304342 100644 --- a/http/exposed-panels/zoho/manageengine-supportcenter.yaml +++ b/http/exposed-panels/zoho/manageengine-supportcenter.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zohocorp product: manageengine_supportcenter_plus shodan-query: http.title:"ManageEngine SupportCenter Plus" + vendor: zohocorp tags: panel,zoho,manageengine,zohocorp http: diff --git a/http/exposed-panels/zoneminder-login.yaml b/http/exposed-panels/zoneminder-login.yaml index 2baa65aab8..0bfaba5d20 100644 --- a/http/exposed-panels/zoneminder-login.yaml +++ b/http/exposed-panels/zoneminder-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: zoneminder product: zoneminder + vendor: zoneminder tags: panel,zoneminder http: diff --git a/http/exposed-panels/zte-panel.yaml b/http/exposed-panels/zte-panel.yaml index cf694cf1e1..5826ede43b 100644 --- a/http/exposed-panels/zte-panel.yaml +++ b/http/exposed-panels/zte-panel.yaml @@ -12,9 +12,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.html:"ZTE Corporation" + verified: true tags: panel,zte http: diff --git a/http/exposed-panels/zyxel-router-panel.yaml b/http/exposed-panels/zyxel-router-panel.yaml index 2d756a6aaa..71d7f19ef8 100644 --- a/http/exposed-panels/zyxel-router-panel.yaml +++ b/http/exposed-panels/zyxel-router-panel.yaml @@ -10,11 +10,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:zyxel:nr5101:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 2 - vendor: zyxel product: nr5101 shodan-query: title:"Web-Based Configurator" html:"zyxel" + vendor: zyxel + verified: true tags: panel,zyxel,router,iot http: diff --git a/http/exposed-panels/zyxel/zyxel-firewall-panel.yaml b/http/exposed-panels/zyxel/zyxel-firewall-panel.yaml index de2fd1c4a4..fe856ff034 100644 --- a/http/exposed-panels/zyxel/zyxel-firewall-panel.yaml +++ b/http/exposed-panels/zyxel/zyxel-firewall-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: http.favicon.hash:-440644339 + verified: true tags: panel,xyxel,firewall http: diff --git a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml index d20626e98a..3b2885a1d8 100644 --- a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml +++ b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml @@ -7,11 +7,11 @@ info: classification: cpe: cpe:2.3:o:zyxel:vmg1312-b10d_firmware:*:*:*:*:*:*:*:* metadata: - verified: true max-request: 1 - vendor: zyxel product: vmg1312-b10d_firmware shodan-query: http.html:"VMG1312-B10D" + vendor: zyxel + verified: true tags: tech,zyxel,modem,router,panel http: diff --git a/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml b/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml index 9414b917bb..28b8bff696 100644 --- a/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml +++ b/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml @@ -5,9 +5,9 @@ info: author: princechaddha severity: info metadata: - verified: true max-request: 1 shodan-query: http.html:"VSG1432-B101" + verified: true tags: tech,zyxel,modem,router,panel http: diff --git a/http/exposures/configs/deployment-ini.yaml b/http/exposures/configs/deployment-ini.yaml index b40793b0e4..cc1a13a1b5 100644 --- a/http/exposures/configs/deployment-ini.yaml +++ b/http/exposures/configs/deployment-ini.yaml @@ -7,14 +7,13 @@ info: description: | Config file for "FTP deployment" utility usually contains server's FTP credentials in plain text. remediation: | - Delete the config file from server & add it to `ignore` section of the deployment file. Or block access to the file using `.htaccess` on the server. + Delete the config file from server & add it to `ignore` section of the deployment file. Or block access to the file using `.htaccess` on the server. reference: - https://github.com/dg/ftp-deployment metadata: - max-request: 12 vendor: dg - product: "ftp-deployment" - tags: config,exposure,dg + product: ftp-deployment + tags: config,exposure http: - method: GET diff --git a/http/exposures/files/generic-db.yaml b/http/exposures/files/generic-db.yaml index b1e884bb52..5d26689d69 100644 --- a/http/exposures/files/generic-db.yaml +++ b/http/exposures/files/generic-db.yaml @@ -43,7 +43,7 @@ info: cvss-score: 7.5 metadata: max-request: 89 - tags: files,database,exposure,sqlite,sqlite3,fuzz,sqli + tags: files,database,exposure,sqlite,sqlite3,fuzz http: - method: GET diff --git a/http/fuzzing/cache-poisoning-fuzz.yaml b/http/fuzzing/cache-poisoning-fuzz.yaml index 29b11d3125..df817453b6 100644 --- a/http/fuzzing/cache-poisoning-fuzz.yaml +++ b/http/fuzzing/cache-poisoning-fuzz.yaml @@ -9,7 +9,7 @@ info: - https://portswigger.net/web-security/web-cache-poisoning metadata: max-request: 5834 - tags: fuzz,cache,fuzzing + tags: fuzz,cache http: - raw: diff --git a/http/fuzzing/header-command-injection.yaml b/http/fuzzing/header-command-injection.yaml index 2ad0574ec8..076ec7b5ac 100644 --- a/http/fuzzing/header-command-injection.yaml +++ b/http/fuzzing/header-command-injection.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-77 metadata: max-request: 7650 - tags: fuzz,rce,fuzzing + tags: fuzz,rce http: - raw: diff --git a/http/fuzzing/iis-shortname.yaml b/http/fuzzing/iis-shortname.yaml index 24c8ea6aa5..743eaa51ed 100644 --- a/http/fuzzing/iis-shortname.yaml +++ b/http/fuzzing/iis-shortname.yaml @@ -15,7 +15,7 @@ info: cwe-id: CWE-200 metadata: max-request: 4 - tags: iis,edb,fuzzing + tags: iis,edb http: - raw: diff --git a/http/fuzzing/linux-lfi-fuzzing.yaml b/http/fuzzing/linux-lfi-fuzzing.yaml index 94b59ef383..42ed0a2bea 100644 --- a/http/fuzzing/linux-lfi-fuzzing.yaml +++ b/http/fuzzing/linux-lfi-fuzzing.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-200 metadata: max-request: 22 - tags: linux,lfi,fuzz,fuzzing + tags: linux,lfi,fuzz http: - method: GET diff --git a/http/fuzzing/mdb-database-file.yaml b/http/fuzzing/mdb-database-file.yaml index f28b352d06..9b67344fe9 100644 --- a/http/fuzzing/mdb-database-file.yaml +++ b/http/fuzzing/mdb-database-file.yaml @@ -13,7 +13,7 @@ info: cwe-id: CWE-200 metadata: max-request: 341 - tags: fuzz,mdb,asp,fuzzing + tags: fuzz,mdb,asp http: - raw: diff --git a/http/fuzzing/prestashop-module-fuzz.yaml b/http/fuzzing/prestashop-module-fuzz.yaml index b969caead9..4ebddab046 100644 --- a/http/fuzzing/prestashop-module-fuzz.yaml +++ b/http/fuzzing/prestashop-module-fuzz.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: max-request: 639 - tags: fuzz,prestashop,fuzzing + tags: fuzz,prestashop http: - raw: diff --git a/http/fuzzing/ssrf-via-proxy.yaml b/http/fuzzing/ssrf-via-proxy.yaml index 2dae31844e..f3f8054d16 100644 --- a/http/fuzzing/ssrf-via-proxy.yaml +++ b/http/fuzzing/ssrf-via-proxy.yaml @@ -10,7 +10,7 @@ info: - https://twitter.com/ImoJOnDz/status/1649089777629827072 metadata: max-request: 9 - tags: ssrf,proxy,oast,fuzz,fuzzing + tags: ssrf,proxy,oast,fuzz http: - payloads: diff --git a/http/fuzzing/valid-gmail-check.yaml b/http/fuzzing/valid-gmail-check.yaml index 9b68aeae8c..3aa02ea47d 100644 --- a/http/fuzzing/valid-gmail-check.yaml +++ b/http/fuzzing/valid-gmail-check.yaml @@ -8,7 +8,7 @@ info: - https://github.com/dievus/geeMailUserFinder metadata: max-request: 1 - tags: gmail,fuzzing + tags: gmail self-contained: true diff --git a/http/fuzzing/waf-fuzz.yaml b/http/fuzzing/waf-fuzz.yaml index a4d1de95d3..e819d0a080 100644 --- a/http/fuzzing/waf-fuzz.yaml +++ b/http/fuzzing/waf-fuzz.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-200 metadata: max-request: 58 - tags: waf,fuzz,fuzzing + tags: waf,fuzz http: - raw: diff --git a/http/fuzzing/wordpress-plugins-detect.yaml b/http/fuzzing/wordpress-plugins-detect.yaml index a9d52b75f8..6298ed031b 100644 --- a/http/fuzzing/wordpress-plugins-detect.yaml +++ b/http/fuzzing/wordpress-plugins-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: max-request: 100563 - tags: fuzz,wordpress,fuzzing + tags: fuzz,wordpress http: - raw: diff --git a/http/fuzzing/wordpress-themes-detect.yaml b/http/fuzzing/wordpress-themes-detect.yaml index 666c9921eb..77ae1d67a0 100644 --- a/http/fuzzing/wordpress-themes-detect.yaml +++ b/http/fuzzing/wordpress-themes-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: max-request: 24434 - tags: fuzz,wordpress,fuzzing + tags: fuzz,wordpress http: - raw: diff --git a/http/fuzzing/wordpress-weak-credentials.yaml b/http/fuzzing/wordpress-weak-credentials.yaml index 8d81dfaae1..88409cbd3c 100644 --- a/http/fuzzing/wordpress-weak-credentials.yaml +++ b/http/fuzzing/wordpress-weak-credentials.yaml @@ -14,7 +14,7 @@ info: cwe-id: CWE-1391 metadata: max-request: 276 - tags: wordpress,default-login,fuzz,fuzzing + tags: wordpress,default-login,fuzz http: - raw: diff --git a/http/fuzzing/xff-403-bypass.yaml b/http/fuzzing/xff-403-bypass.yaml index c98f3bd644..9742340fe6 100644 --- a/http/fuzzing/xff-403-bypass.yaml +++ b/http/fuzzing/xff-403-bypass.yaml @@ -7,7 +7,7 @@ info: description: Template to detect 403 forbidden endpoint bypass behind Nginx/Apache proxy & load balancers, based on X-Forwarded-For header. metadata: max-request: 3 - tags: fuzz,fuzzing + tags: fuzz http: - raw: diff --git a/http/miscellaneous/balada-injector-malware.yaml b/http/miscellaneous/balada-injector-malware.yaml index ba19eb97f1..43ee22e663 100644 --- a/http/miscellaneous/balada-injector-malware.yaml +++ b/http/miscellaneous/balada-injector-malware.yaml @@ -10,7 +10,7 @@ info: - https://blog.sucuri.net/2024/01/thousands-of-sites-with-popup-builder-compromised-by-balada-injector.html metadata: max-request: 1 - tags: malware,balada,misc,miscellaneous + tags: malware,balada,misc http: - method: GET diff --git a/http/miscellaneous/defacement-detect.yaml b/http/miscellaneous/defacement-detect.yaml index 21e86e8742..6d5b6f29c0 100644 --- a/http/miscellaneous/defacement-detect.yaml +++ b/http/miscellaneous/defacement-detect.yaml @@ -16,7 +16,7 @@ info: metadata: verified: true max-request: 85 - tags: misc,defacement,spam,hacktivism,fuzz,miscellaneous + tags: misc,defacement,spam,hacktivism,fuzz http: - method: GET diff --git a/http/miscellaneous/form-detection.yaml b/http/miscellaneous/form-detection.yaml index ef7b6883c5..4c4b623cc2 100644 --- a/http/miscellaneous/form-detection.yaml +++ b/http/miscellaneous/form-detection.yaml @@ -8,9 +8,7 @@ info: A template to detect HTML Forms in page response. reference: - https://github.com/dirtycoder0124/formcrawler - metadata: - max-request: 1 - tags: form,misc,miscellaneous + tags: form,misc http: - method: GET diff --git a/http/miscellaneous/microsoft-azure-error.yaml b/http/miscellaneous/microsoft-azure-error.yaml index 69532bad79..6bf4c412b4 100644 --- a/http/miscellaneous/microsoft-azure-error.yaml +++ b/http/miscellaneous/microsoft-azure-error.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: title:"Microsoft Azure Web App - Error 404" - tags: error,azure,microsoft,misc,takeover,miscellaneous + tags: error,azure,microsoft,misc,takeover http: - method: GET diff --git a/http/misconfiguration/aws/cdn-cache-poisoning.yaml b/http/misconfiguration/aws/cdn-cache-poisoning.yaml index fb46c4fa0c..667d221e50 100644 --- a/http/misconfiguration/aws/cdn-cache-poisoning.yaml +++ b/http/misconfiguration/aws/cdn-cache-poisoning.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 2 shodan-query: X-Amz-Server-Side-Encryption - tags: cache,aws,poisoning,cdn,misconfig + tags: cache,aws,poisoning,cdn variables: string: "{{to_lower(rand_base(8))}}={{to_lower(rand_base(8))}}" diff --git a/http/misconfiguration/doris-dashboard.yaml b/http/misconfiguration/doris-dashboard.yaml index 825e6f44ac..ad10be723e 100644 --- a/http/misconfiguration/doris-dashboard.yaml +++ b/http/misconfiguration/doris-dashboard.yaml @@ -9,7 +9,7 @@ info: verified: true max-request: 1 shodan-query: http.favicon.hash:24048806 - tags: doris,exposure,unauth,logs,misconfig + tags: doris,exposure,unauth,logs http: - method: GET diff --git a/http/misconfiguration/h2o/h2o-arbitary-file-read.yaml b/http/misconfiguration/h2o/h2o-arbitary-file-read.yaml index 92d13c0fe3..3335edb0c3 100644 --- a/http/misconfiguration/h2o/h2o-arbitary-file-read.yaml +++ b/http/misconfiguration/h2o/h2o-arbitary-file-read.yaml @@ -14,7 +14,7 @@ info: verified: true max-request: 1 shodan-query: title:"H2O Flow" - tags: h2o-3,h2o,info-leak,lfi,misconfig + tags: h2o-3,h2o,info-leak,lfi http: - raw: diff --git a/http/misconfiguration/https-to-http-redirect.yaml b/http/misconfiguration/https-to-http-redirect.yaml index 85221af6df..b32e2d48b7 100644 --- a/http/misconfiguration/https-to-http-redirect.yaml +++ b/http/misconfiguration/https-to-http-redirect.yaml @@ -7,8 +7,8 @@ info: description: | Detects whether there is a redirect from https:// to http:// metadata: - verified: true max-request: 1 + verified: true tags: misconfig,http,https http: diff --git a/http/misconfiguration/node-express-dev-env.yaml b/http/misconfiguration/node-express-dev-env.yaml index e5c79d4ac6..580dc440b4 100644 --- a/http/misconfiguration/node-express-dev-env.yaml +++ b/http/misconfiguration/node-express-dev-env.yaml @@ -10,10 +10,11 @@ info: - https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/express-development-mode-is-enabled/ - https://www.synopsys.com/blogs/software-security/nodejs-mean-stack-vulnerabilities.html metadata: - verified: true max-request: 2 + verified: true shodan-query: "X-Powered-By: Express" tags: nodejs,express,misconfig,devops,cicd,trace + flow: http(1) && http(2) http: diff --git a/http/misconfiguration/php/php-composer-binary.yaml b/http/misconfiguration/php/php-composer-binary.yaml index f6467767c7..53ff3e953d 100644 --- a/http/misconfiguration/php/php-composer-binary.yaml +++ b/http/misconfiguration/php/php-composer-binary.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true max-request: 1 - tags: php,composer,exposure,misconfig + tags: php,composer,exposure http: - method: GET diff --git a/http/osint/user-enumeration/piratebay.yaml b/http/osint/user-enumeration/piratebay.yaml index f9eff9ee7f..b30047584c 100644 --- a/http/osint/user-enumeration/piratebay.yaml +++ b/http/osint/user-enumeration/piratebay.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true max-request: 1 - tags: osint,osint-p2p,piratebay,headless + tags: osint,osint-p2p,piratebay self-contained: true diff --git a/http/takeovers/worksites-takeover.yaml b/http/takeovers/worksites-takeover.yaml index 8affdd7150..2b067146e8 100644 --- a/http/takeovers/worksites-takeover.yaml +++ b/http/takeovers/worksites-takeover.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true max-request: 2 - tags: takeover,dns + tags: takeover dns: - name: "{{FQDN}}" diff --git a/http/technologies/apache/tomcat-detect.yaml b/http/technologies/apache/tomcat-detect.yaml index c13053052c..c1d58959c9 100644 --- a/http/technologies/apache/tomcat-detect.yaml +++ b/http/technologies/apache/tomcat-detect.yaml @@ -4,7 +4,8 @@ info: name: Tomcat Detection author: philippedelteil,dhiyaneshDk,AdamCrosser severity: info - description: If an Tomcat instance is deployed on the target URL, when we send a request for a non existent resource we receive a Tomcat error page with version. + description: If an Tomcat instance is deployed on the target URL, when we send a + request for a non existent resource we receive a Tomcat error page with version. classification: cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: diff --git a/http/technologies/arcgis-rest-api.yaml b/http/technologies/arcgis-rest-api.yaml index d946ef6c7f..826ea043f3 100644 --- a/http/technologies/arcgis-rest-api.yaml +++ b/http/technologies/arcgis-rest-api.yaml @@ -14,7 +14,7 @@ info: max-request: 1 vendor: esri product: arcgis_engine - tags: api,arcgis,cms,tech,esri + tags: api,arcgis,cms,tech http: - method: GET diff --git a/http/technologies/arcgis-tokens.yaml b/http/technologies/arcgis-tokens.yaml index 527a21cfd3..4f0e54c77a 100644 --- a/http/technologies/arcgis-tokens.yaml +++ b/http/technologies/arcgis-tokens.yaml @@ -15,7 +15,7 @@ info: vendor: esri product: arcgis_server shodan-query: title:"ArcGIS" - tags: tech,arcgis,tokens,detect,esri + tags: tech,arcgis,tokens,detect http: - method: GET diff --git a/http/technologies/celebrus-detect.yaml b/http/technologies/celebrus-detect.yaml index ebf2295bc9..2b06b610ab 100644 --- a/http/technologies/celebrus-detect.yaml +++ b/http/technologies/celebrus-detect.yaml @@ -1,19 +1,19 @@ id: celebrus-detect -info: - name: Celebrus - Detect - author: righettod - severity: info - description: | - Celebrus was detected. - reference: - - https://investors.celebrus.com/ - metadata: - verified: true - max-request: 1 - shodan-query: http.title:"Celebrus" - tags: tech,celebrus,detect - +info: + name: Celebrus - Detect + author: righettod + severity: info + description: | + Celebrus was detected. + reference: + - https://investors.celebrus.com/ + metadata: + max-request: 1 + verified: true + shodan-query: http.title:"Celebrus" + tags: tech,celebrus,detect + http: - method: GET path: diff --git a/http/technologies/privatebin-detect.yaml b/http/technologies/privatebin-detect.yaml index 298fd9b837..cd31f07925 100644 --- a/http/technologies/privatebin-detect.yaml +++ b/http/technologies/privatebin-detect.yaml @@ -1,19 +1,19 @@ id: privatebin-detect -info: - name: PrivateBin - Detect - author: righettod - severity: info - description: | - PrivateBin was detected. - reference: - - https://privatebin.info/ - metadata: - verified: true - max-request: 1 - shodan-query: title:"PrivateBin" - tags: tech,privatebin,detect - +info: + name: PrivateBin - Detect + author: righettod + severity: info + description: | + PrivateBin was detected. + reference: + - https://privatebin.info/ + metadata: + max-request: 1 + verified: true + shodan-query: title:"PrivateBin" + tags: tech,privatebin,detect + http: - method: GET path: diff --git a/http/technologies/simplesamlphp-detect.yaml b/http/technologies/simplesamlphp-detect.yaml index 04fc3f0799..a9bfcaffe4 100644 --- a/http/technologies/simplesamlphp-detect.yaml +++ b/http/technologies/simplesamlphp-detect.yaml @@ -9,9 +9,9 @@ info: reference: - https://simplesamlphp.org/ metadata: + max-request: 1 verified: true - max-request: 2 - shodan-query: "http.title:\"SimpleSAMLphp installation page\"" + shodan-query: http.title:"SimpleSAMLphp installation page" tags: tech,simplesamlphp,detect http: diff --git a/http/technologies/yourls-detect.yaml b/http/technologies/yourls-detect.yaml index 4412d10ba7..4704c9f7c3 100644 --- a/http/technologies/yourls-detect.yaml +++ b/http/technologies/yourls-detect.yaml @@ -9,8 +9,8 @@ info: reference: - https://github.com/YOURLS/YOURLS metadata: - verified: true max-request: 1 + verified: true shodan-query: title:"Your Own URL Shortener" fofa-query: title="Your Own URL Shortener" tags: tech,yourls diff --git a/http/token-spray/api-mailchimp.yaml b/http/token-spray/api-mailchimp.yaml index b7fdf5206c..e4b8320148 100644 --- a/http/token-spray/api-mailchimp.yaml +++ b/http/token-spray/api-mailchimp.yaml @@ -8,7 +8,7 @@ info: - https://mailchimp.com/developer/transactional/docs/smtp-integration/#credentials-and-configuration metadata: max-request: 1 - tags: token-spray,mailchimp,tcp + tags: token-spray,mailchimp self-contained: true tcp: diff --git a/http/token-spray/api-sendgrid.yaml b/http/token-spray/api-sendgrid.yaml index 640c4c64ac..3bf3692649 100644 --- a/http/token-spray/api-sendgrid.yaml +++ b/http/token-spray/api-sendgrid.yaml @@ -8,7 +8,7 @@ info: - https://docs.sendgrid.com/for-developers/sending-email/getting-started-smtp metadata: max-request: 1 - tags: token-spray,sendgrid,tcp + tags: token-spray,sendgrid self-contained: true tcp: diff --git a/http/token-spray/api-travisci.yaml b/http/token-spray/api-travisci.yaml index d0a7a4cace..1a66071c7a 100644 --- a/http/token-spray/api-travisci.yaml +++ b/http/token-spray/api-travisci.yaml @@ -6,9 +6,9 @@ info: severity: info reference: - https://developer.travis-ci.com/ + tags: token-spray,travis metadata: max-request: 1 - tags: token-spray,travis self-contained: true http: diff --git a/http/vulnerabilities/ecstatic/node-ecstatic-listing.yaml b/http/vulnerabilities/ecstatic/node-ecstatic-listing.yaml index bdb1cfdc0d..35aec42c58 100644 --- a/http/vulnerabilities/ecstatic/node-ecstatic-listing.yaml +++ b/http/vulnerabilities/ecstatic/node-ecstatic-listing.yaml @@ -9,8 +9,8 @@ info: - https://tripla.dk/2020/03/26/multiple-vulnerabilities-in-nodejs-ecstatic-http-server-http-party/ metadata: verified: true - max-request: 1 shodan-query: 'server: "ecstatic"' + max-request: 1 tags: node,js,listing,ecstatic http: diff --git a/http/vulnerabilities/huatian/huatian-oa-sqli.yaml b/http/vulnerabilities/huatian/huatian-oa-sqli.yaml index 39f8e0c6ae..37bed4c845 100644 --- a/http/vulnerabilities/huatian/huatian-oa-sqli.yaml +++ b/http/vulnerabilities/huatian/huatian-oa-sqli.yaml @@ -10,8 +10,7 @@ info: - https://blog.csdn.net/qq_41617034/article/details/124305120 metadata: verified: true - max-request: 1 - fofa-query: "app=\"华天动力-OA8000\"" + fofa-query: app="华天动力-OA8000" tags: huatian,oa,sqli http: diff --git a/http/vulnerabilities/jenkins/unauthenticated-jenkins.yaml b/http/vulnerabilities/jenkins/unauthenticated-jenkins.yaml index ac6e36c98f..cc1c3cfc4c 100644 --- a/http/vulnerabilities/jenkins/unauthenticated-jenkins.yaml +++ b/http/vulnerabilities/jenkins/unauthenticated-jenkins.yaml @@ -6,7 +6,7 @@ info: severity: high description: Jenkins Dashboard is exposed to external users. metadata: - max-request: 2 + max-request: 1 tags: jenkins http: diff --git a/http/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml b/http/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml index e4ee7e788f..d96109c385 100644 --- a/http/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml +++ b/http/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml @@ -10,7 +10,7 @@ info: cvss-score: 5.4 cwe-id: CWE-80 metadata: - max-request: 2 + max-request: 1 tags: wordpress,wp-plugin,xss,wordfence flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml b/http/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml index 0e2e13a451..0775781c9c 100644 --- a/http/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml +++ b/http/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml @@ -14,7 +14,7 @@ info: cvss-score: 5.4 cwe-id: CWE-80 metadata: - max-request: 2 + max-request: 1 tags: wordpress,xss,wp,wpscan,intrusive flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-ambience-xss.yaml b/http/vulnerabilities/wordpress/wp-ambience-xss.yaml index e7b5b216ab..0a87565389 100644 --- a/http/vulnerabilities/wordpress/wp-ambience-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-ambience-xss.yaml @@ -14,7 +14,7 @@ info: cvss-score: 5.4 cwe-id: CWE-80 metadata: - max-request: 2 + max-request: 1 tags: wp-plugin,wp,edb,wpscan,wordpress,xss flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-custom-tables-xss.yaml b/http/vulnerabilities/wordpress/wp-custom-tables-xss.yaml index 6fa48097da..92b5714c5b 100644 --- a/http/vulnerabilities/wordpress/wp-custom-tables-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-custom-tables-xss.yaml @@ -13,7 +13,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: wpscan,wordpress,xss,wp-plugin flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-finder-xss.yaml b/http/vulnerabilities/wordpress/wp-finder-xss.yaml index 322ce7a569..c234442498 100644 --- a/http/vulnerabilities/wordpress/wp-finder-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-finder-xss.yaml @@ -12,7 +12,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: xss,wp-plugin,packetstorm,wordpress flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-flagem-xss.yaml b/http/vulnerabilities/wordpress/wp-flagem-xss.yaml index 00c20bfa3d..8674f3db13 100644 --- a/http/vulnerabilities/wordpress/wp-flagem-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-flagem-xss.yaml @@ -13,7 +13,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: wordpress,xss,wp-plugin,edb flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-knews-xss.yaml b/http/vulnerabilities/wordpress/wp-knews-xss.yaml index 62b6671448..8e71f846a2 100644 --- a/http/vulnerabilities/wordpress/wp-knews-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-knews-xss.yaml @@ -13,7 +13,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: wordpress,xss,wp-plugin flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-nextgen-xss.yaml b/http/vulnerabilities/wordpress/wp-nextgen-xss.yaml index bddb84aacb..458876ca6b 100644 --- a/http/vulnerabilities/wordpress/wp-nextgen-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-nextgen-xss.yaml @@ -13,7 +13,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: wp-plugin,edb,wordpress,xss flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml b/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml index 3d8caaaea1..da31152e66 100644 --- a/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml @@ -13,7 +13,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: xss,wp-plugin,edb,wordpress flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-securimage-xss.yaml b/http/vulnerabilities/wordpress/wp-securimage-xss.yaml index 76aae56907..07d7a66adf 100644 --- a/http/vulnerabilities/wordpress/wp-securimage-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-securimage-xss.yaml @@ -13,7 +13,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: edb,wordpress,xss,wp-plugin flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-slideshow-xss.yaml b/http/vulnerabilities/wordpress/wp-slideshow-xss.yaml index a65d1374c7..01a3211a3b 100644 --- a/http/vulnerabilities/wordpress/wp-slideshow-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-slideshow-xss.yaml @@ -12,7 +12,7 @@ info: cvss-score: 7.2 cwe-id: CWE-79 metadata: - max-request: 2 + max-request: 1 tags: wordpress,xss,wp-plugin,edb flow: http(1) && http(2) diff --git a/http/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml b/http/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml index 475cac7c9f..e671fc582f 100644 --- a/http/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml +++ b/http/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml @@ -11,7 +11,7 @@ info: - https://packetstormsecurity.com/files/161576/ metadata: verified: true - max-request: 2 + max-request: 1 tags: ssrf,wp,wp-plugin,wordpress,unauth,wpscan,packetstorm flow: http(1) && http(2) diff --git a/javascript/cves/2012/CVE-2012-2122.yaml b/javascript/cves/2012/CVE-2012-2122.yaml index 0aeec203ad..f303e06e97 100644 --- a/javascript/cves/2012/CVE-2012-2122.yaml +++ b/javascript/cves/2012/CVE-2012-2122.yaml @@ -22,11 +22,11 @@ info: cpe: cpe:2.3:a:oracle:mysql:5.1.51:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 vendor: oracle product: mysql - shodan-query: "product:\"MySQL\"" - tags: cve,cve2012,js,enum,network,mssql,fuzz,oracle + shodan-query: product:"MySQL" + tags: cve,cve2012,js,enum,network,mssql,fuzz + javascript: - code: | const mysql = require('nuclei/mysql'); diff --git a/javascript/cves/2016/CVE-2016-8706.yaml b/javascript/cves/2016/CVE-2016-8706.yaml index 1641cc26a7..0730a6857e 100644 --- a/javascript/cves/2016/CVE-2016-8706.yaml +++ b/javascript/cves/2016/CVE-2016-8706.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2016-8706 cwe-id: CWE-190 epss-score: 0.89998 - epss-percentile: 0.98733 + epss-percentile: 0.98714 cpe: cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/javascript/cves/2019/CVE-2019-9193.yaml b/javascript/cves/2019/CVE-2019-9193.yaml index 1151cddc0f..7d32efc03f 100644 --- a/javascript/cves/2019/CVE-2019-9193.yaml +++ b/javascript/cves/2019/CVE-2019-9193.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/vulhub/vulhub/tree/master/postgres/CVE-2019-9193 metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 1 - shodan-query: "product:\"PostgreSQL\"" tags: cve,cve2018,js,network,postgresql,intrusive + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/cves/2020/CVE-2020-7247.yaml b/javascript/cves/2020/CVE-2020-7247.yaml index 6a090b2ed2..0ee8c36b70 100644 --- a/javascript/cves/2020/CVE-2020-7247.yaml +++ b/javascript/cves/2020/CVE-2020-7247.yaml @@ -24,10 +24,11 @@ info: epss-percentile: 0.9998 cpe: cpe:2.3:a:openbsd:opensmtpd:6.6:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: openbsd product: opensmtpd - tags: packetstorm,cve,cve2020,js,smtp,opensmtpd,network,rce,oast,kev,openbsd + tags: packetstorm,cve,cve2020,js,smtp,opensmtpd,network,rce,oast,kev + javascript: - code: | const smtp = require('nuclei/smtp'); diff --git a/javascript/cves/2023/CVE-2023-34039.yaml b/javascript/cves/2023/CVE-2023-34039.yaml index 09269f096a..c83d8c7995 100644 --- a/javascript/cves/2023/CVE-2023-34039.yaml +++ b/javascript/cves/2023/CVE-2023-34039.yaml @@ -22,14 +22,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34039 cwe-id: CWE-327 - epss-score: 0.90713 - epss-percentile: 0.98782 + epss-score: 0.9013 + epss-percentile: 0.98721 cpe: cpe:2.3:a:vmware:aria_operations_for_networks:*:*:*:*:*:*:*:* metadata: verified: true vendor: vmware product: aria_operations_for_networks - tags: js,packetstorm,cve,vmware,aria,rce,fuzz,vrealize,cve2023 + tags: js,packetstorm,cve,cve2019,vmware,aria,rce,fuzz,vrealize variables: keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory diff --git a/javascript/cves/2024/CVE-2024-23897.yaml b/javascript/cves/2024/CVE-2024-23897.yaml index 1967803a25..1ce87d12b2 100644 --- a/javascript/cves/2024/CVE-2024-23897.yaml +++ b/javascript/cves/2024/CVE-2024-23897.yaml @@ -25,7 +25,7 @@ info: vendor: jenkins product: jenkins shodan-query: "product:\"Jenkins\"" - tags: cve,lfi,rce,jenkins,cve2024,js + tags: cve,cve2024,lfi,rce,jenkins variables: payload: "{{hex_decode('0000000e00000c636f6e6e6563742d6e6f64650000000e00000c402f6574632f706173737764000000070200055554462d3800000007010005656e5f41450000000003')}}" diff --git a/javascript/enumeration/minecraft-enum.yaml b/javascript/enumeration/minecraft-enum.yaml index 9c4a95f90b..0ef5ff5f1d 100644 --- a/javascript/enumeration/minecraft-enum.yaml +++ b/javascript/enumeration/minecraft-enum.yaml @@ -9,10 +9,11 @@ info: reference: - https://github.com/sjhilt/Nmap-NSEs/blob/master/minecraft-info.nse metadata: - verified: true max-request: 1 shodan-query: product:"Minecraft" + verified: true tags: js,network,minecraft,enum + javascript: - code: | let data = "fe01" diff --git a/javascript/enumeration/mysql/mysql-default-login.yaml b/javascript/enumeration/mysql/mysql-default-login.yaml index 7a48346b80..687207551e 100644 --- a/javascript/enumeration/mysql/mysql-default-login.yaml +++ b/javascript/enumeration/mysql/mysql-default-login.yaml @@ -10,7 +10,7 @@ info: verified: true max-request: 21 shodan-query: "port:3306" - tags: js,mysql,default-login,network,fuzz,enum + tags: js,mysql,default-login,network,fuzz javascript: - pre-condition: | diff --git a/javascript/enumeration/mysql/mysql-info.yaml b/javascript/enumeration/mysql/mysql-info.yaml index 9cb991cce2..3d3c169f02 100644 --- a/javascript/enumeration/mysql/mysql-info.yaml +++ b/javascript/enumeration/mysql/mysql-info.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 1 shodan-query: "port:3306" - tags: js,mssql,network,enum + tags: js,mssql,network javascript: - code: | var m = require("nuclei/mysql"); diff --git a/javascript/enumeration/pgsql/pgsql-default-db.yaml b/javascript/enumeration/pgsql/pgsql-default-db.yaml index adb38586a0..70df51efb9 100644 --- a/javascript/enumeration/pgsql/pgsql-default-db.yaml +++ b/javascript/enumeration/pgsql/pgsql-default-db.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#postgresql-database-name metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 40 - shodan-query: "product:\"PostgreSQL\"" - tags: js,network,postgresql,authenticated,enum + tags: js,network,postgresql,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/enumeration/pgsql/pgsql-file-read.yaml b/javascript/enumeration/pgsql/pgsql-file-read.yaml index a246f509fd..b16c5978f5 100644 --- a/javascript/enumeration/pgsql/pgsql-file-read.yaml +++ b/javascript/enumeration/pgsql/pgsql-file-read.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#postgresql-file-read metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 8 - shodan-query: "product:\"PostgreSQL\"" - tags: js,network,postgresql,authenticated,enum + tags: js,network,postgresql,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/enumeration/pgsql/pgsql-list-database.yaml b/javascript/enumeration/pgsql/pgsql-list-database.yaml index d204509f5f..128fff50b8 100644 --- a/javascript/enumeration/pgsql/pgsql-list-database.yaml +++ b/javascript/enumeration/pgsql/pgsql-list-database.yaml @@ -10,10 +10,10 @@ info: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#postgresql-list-password-hashes - https://launchbylunch.com/posts/2024/Jan/16/postgres-password-encryption/#postgresql-password-encryption-scram-sha-256 metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 8 - shodan-query: "product:\"PostgreSQL\"" - tags: js,network,postgresql,authenticated,enum + tags: js,network,postgresql,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/enumeration/pgsql/pgsql-list-password-hashes.yaml b/javascript/enumeration/pgsql/pgsql-list-password-hashes.yaml index 808434e037..75fd260bba 100644 --- a/javascript/enumeration/pgsql/pgsql-list-password-hashes.yaml +++ b/javascript/enumeration/pgsql/pgsql-list-password-hashes.yaml @@ -11,10 +11,10 @@ info: - https://launchbylunch.com/posts/2024/Jan/16/postgres-password-encryption/#postgresql-password-encryption-scram-sha-256 - https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/auxiliary/scanner/postgres/postgres_hashdump.md metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 8 - shodan-query: "product:\"PostgreSQL\"" - tags: js,network,postgresql,authenticated,enum + tags: js,network,postgresql,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/enumeration/pgsql/pgsql-list-users.yaml b/javascript/enumeration/pgsql/pgsql-list-users.yaml index ed6f321d8a..176dfd9d72 100644 --- a/javascript/enumeration/pgsql/pgsql-list-users.yaml +++ b/javascript/enumeration/pgsql/pgsql-list-users.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#postgresql-list-users metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 8 - shodan-query: "product:\"PostgreSQL\"" tags: js,network,postgresql,enum,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/enumeration/pgsql/pgsql-version-detect.yaml b/javascript/enumeration/pgsql/pgsql-version-detect.yaml index 08714c8d32..cbbbdccf98 100644 --- a/javascript/enumeration/pgsql/pgsql-version-detect.yaml +++ b/javascript/enumeration/pgsql/pgsql-version-detect.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#postgresql-version metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 8 - shodan-query: "product:\"PostgreSQL\"" tags: js,network,postgresql,enum,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/enumeration/pop3/pop3-capabilities-enum.yaml b/javascript/enumeration/pop3/pop3-capabilities-enum.yaml index 510a59f3be..e86f426477 100644 --- a/javascript/enumeration/pop3/pop3-capabilities-enum.yaml +++ b/javascript/enumeration/pop3/pop3-capabilities-enum.yaml @@ -9,10 +9,11 @@ info: reference: - https://nmap.org/nsedoc/scripts/pop3-capabilities.html metadata: - verified: true max-request: 1 shodan-query: "port:110" + verified: true tags: js,network,pop3,enum + javascript: - code: | let data = "CAPA\r\n" diff --git a/javascript/enumeration/redis/redis-info.yaml b/javascript/enumeration/redis/redis-info.yaml index 9493077f0d..fbd62fb967 100644 --- a/javascript/enumeration/redis/redis-info.yaml +++ b/javascript/enumeration/redis/redis-info.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 1 shodan-query: product:"redis" - tags: js,redis,network,enum + tags: js,redis,network javascript: - code: | diff --git a/javascript/enumeration/redis/redis-require-auth.yaml b/javascript/enumeration/redis/redis-require-auth.yaml index 33fa950a73..933d643384 100644 --- a/javascript/enumeration/redis/redis-require-auth.yaml +++ b/javascript/enumeration/redis/redis-require-auth.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 1 shodan-query: product:"redis" - tags: js,redis,network,enum + tags: js,redis,network javascript: - code: | diff --git a/javascript/misconfiguration/pgsql/pgsql-extensions-rce.yaml b/javascript/misconfiguration/pgsql/pgsql-extensions-rce.yaml index e68933dcb5..9f2deb4d9c 100644 --- a/javascript/misconfiguration/pgsql/pgsql-extensions-rce.yaml +++ b/javascript/misconfiguration/pgsql/pgsql-extensions-rce.yaml @@ -11,10 +11,10 @@ info: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#using-libcso6 - https://hacktricks.boitatech.com.br/pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 1 - shodan-query: "product:\"PostgreSQL\"" tags: postgresql,js,network,rce + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/misconfiguration/pgsql/postgresql-empty-password.yaml b/javascript/misconfiguration/pgsql/postgresql-empty-password.yaml index 81668ccb0f..069215a9f8 100644 --- a/javascript/misconfiguration/pgsql/postgresql-empty-password.yaml +++ b/javascript/misconfiguration/pgsql/postgresql-empty-password.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.tenable.com/plugins/nessus/104031 metadata: + shodan-query: product:"PostgreSQL" verified: true - max-request: 1 - shodan-query: "product:\"PostgreSQL\"" tags: js,network,postgresql,authenticated + javascript: - code: | const postgres = require('nuclei/postgres'); diff --git a/javascript/udp/detection/tftp-detect.yaml b/javascript/udp/detection/tftp-detect.yaml index a67707ee43..4fa3ae1353 100644 --- a/javascript/udp/detection/tftp-detect.yaml +++ b/javascript/udp/detection/tftp-detect.yaml @@ -8,9 +8,9 @@ info: Detect TFTP Service. metadata: verified: true - max-request: 1 - shodan-query: "port:69" + shodan-query: port:69 tags: js,tftp,udp,network + javascript: - code: | let packet = bytes.NewBuffer(); diff --git a/network/backdoor/backdoored-zte.yaml b/network/backdoor/backdoored-zte.yaml index e9ce27c899..7515aa50d6 100644 --- a/network/backdoor/backdoored-zte.yaml +++ b/network/backdoor/backdoored-zte.yaml @@ -13,10 +13,11 @@ info: cvss-score: 10 cwe-id: CWE-912 metadata: - verified: true max-request: 1 shodan-query: http.html:"ZTE Corporation" - tags: edb,network,zte,telnet,backdoor,router,tcp + verified: true + tags: edb,network,zte,telnet,backdoor,router + tcp: - host: - "{{Hostname}}" diff --git a/network/c2/darkcomet-trojan.yaml b/network/c2/darkcomet-trojan.yaml index 47b869ad69..54644dbf4f 100644 --- a/network/c2/darkcomet-trojan.yaml +++ b/network/c2/darkcomet-trojan.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 shodan-query: product:'DarkComet Trojan' - tags: network,c2,ir,osint,cti,darkcomet,tcp + tags: network,c2,ir,osint,cti,darkcomet tcp: - inputs: diff --git a/network/c2/darktrack-rat-trojan.yaml b/network/c2/darktrack-rat-trojan.yaml index 99be59b8bb..58dcfa2785 100644 --- a/network/c2/darktrack-rat-trojan.yaml +++ b/network/c2/darktrack-rat-trojan.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 shodan-query: product:'DarkTrack RAT Trojan' - tags: network,c2,ir,osint,cti,darktrack,rat,tcp + tags: network,c2,ir,osint,cti,darktrack,rat tcp: - inputs: diff --git a/network/c2/orcus-rat-trojan.yaml b/network/c2/orcus-rat-trojan.yaml index 9c095a75ec..596f5cbb52 100644 --- a/network/c2/orcus-rat-trojan.yaml +++ b/network/c2/orcus-rat-trojan.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 shodan-query: product:'Orcus RAT Trojan' - tags: network,c2,ir,osint,cti,orcus,rat,tcp + tags: network,c2,ir,osint,cti,orcus,rat tcp: - inputs: diff --git a/network/c2/xtremerat-trojan.yaml b/network/c2/xtremerat-trojan.yaml index 31c3af3395..7a315de265 100644 --- a/network/c2/xtremerat-trojan.yaml +++ b/network/c2/xtremerat-trojan.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 shodan-query: product:'XtremeRAT Trojan' - tags: network,c2,ir,osint,cti,xtreamerat,tcp + tags: network,c2,ir,osint,cti,xtreamerat tcp: - inputs: diff --git a/network/cves/2001/CVE-2001-1473.yaml b/network/cves/2001/CVE-2001-1473.yaml index 6983a337ed..ecb7eb0621 100644 --- a/network/cves/2001/CVE-2001-1473.yaml +++ b/network/cves/2001/CVE-2001-1473.yaml @@ -5,24 +5,24 @@ info: author: iamthefrogy severity: high description: SSHv1 is deprecated and has known cryptographic issues. - remediation: Upgrade to SSH 2.4 or later. reference: - https://www.kb.cert.org/vuls/id/684820 - https://nvd.nist.gov/vuln/detail/CVE-2001-1473 - http://www.kb.cert.org/vuls/id/684820 - https://exchange.xforce.ibmcloud.com/vulnerabilities/6603 + remediation: Upgrade to SSH 2.4 or later. classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2001-1473 cwe-id: CWE-310 - epss-score: 0.00258 cpe: cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:* + epss-score: 0.00258 metadata: max-request: 1 - vendor: ssh product: ssh - tags: network,cve2001,cve,ssh,openssh,tcp + vendor: ssh + tags: network,cve2001,cve,ssh,openssh tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2011/CVE-2011-2523.yaml b/network/cves/2011/CVE-2011-2523.yaml index 3740fe3c55..2991dbe5a7 100644 --- a/network/cves/2011/CVE-2011-2523.yaml +++ b/network/cves/2011/CVE-2011-2523.yaml @@ -29,7 +29,7 @@ info: vendor: vsftpd_project product: vsftpd shodan-query: product:"vsftpd" - tags: packetstorm,cve2011,network,cve,vsftpd,ftp,backdoor,vsftpd_project,tcp + tags: cve2011,network,cve,vsftpd,ftp,backdoor,vsftpd_project variables: cmd: "cat /etc/passwd" # shows the the user and group names and numeric IDs tcp: diff --git a/network/cves/2015/CVE-2015-3306.yaml b/network/cves/2015/CVE-2015-3306.yaml index 9c5b81d994..76be3c6f5c 100644 --- a/network/cves/2015/CVE-2015-3306.yaml +++ b/network/cves/2015/CVE-2015-3306.yaml @@ -19,13 +19,13 @@ info: cvss-score: 10 cve-id: CVE-2015-3306 cwe-id: CWE-284 - epss-score: 0.97267 cpe: cpe:2.3:a:proftpd:proftpd:1.3.5:*:*:*:*:*:*:* + epss-score: 0.97267 metadata: max-request: 1 - vendor: proftpd product: proftpd - tags: cve2015,cve,network,ftp,rce,proftpd,edb,tcp + vendor: proftpd + tags: cve2015,cve,network,ftp,rce,proftpd,edb tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2016/CVE-2016-2004.yaml b/network/cves/2016/CVE-2016-2004.yaml index 5813c46ebb..ea7e238e3a 100644 --- a/network/cves/2016/CVE-2016-2004.yaml +++ b/network/cves/2016/CVE-2016-2004.yaml @@ -27,7 +27,7 @@ info: max-request: 2 vendor: hp product: data_protector - tags: packetstorm,cve,cve2016,network,iot,hp,rce,edb,tcp + tags: packetstorm,cve,cve2016,network,iot,hp,rce,edb tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2016/CVE-2016-3510.yaml b/network/cves/2016/CVE-2016-3510.yaml index 2ea297b1c0..64e8374d4e 100644 --- a/network/cves/2016/CVE-2016-3510.yaml +++ b/network/cves/2016/CVE-2016-3510.yaml @@ -19,15 +19,15 @@ info: cvss-score: 9.8 cve-id: CVE-2016-3510 cwe-id: CWE-119 - epss-score: 0.04407 - epss-percentile: 0.92227 + epss-score: 0.04254 + epss-percentile: 0.92018 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: oracle product: weblogic_server - tags: packetstorm,cve,cve2016,oracle,weblogic,t3,rce,oast,deserialization,network,tcp + tags: packetstorm,cve,cve2016,oracle,weblogic,t3,rce,oast,deserialization,network variables: start: "016501ffffffffffffffff000000710000ea6000000018432ec6a2a63985b5af7d63e64383f42a6d92c9e9af0f9472027973720078720178720278700000000c00000002000000000000000000000001007070707070700000000c00000002000000000000000000000001007006fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e5061636b616765496e666fe6f723e7b8ae1ec90200094900056d616a6f724900056d696e6f7249000b706174636855706461746549000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463684c0009696d706c5469746c657400124c6a6176612f6c616e672f537472696e673b4c000a696d706c56656e646f7271007e00034c000b696d706c56657273696f6e71007e000378707702000078fe010000" end: "fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200217765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e50656572496e666f585474f39bc908f10200074900056d616a6f724900056d696e6f7249000b706174636855706461746549000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463685b00087061636b616765737400275b4c7765626c6f6769632f636f6d6d6f6e2f696e7465726e616c2f5061636b616765496e666f3b787200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e56657273696f6e496e666f972245516452463e0200035b00087061636b6167657371007e00034c000e72656c6561736556657273696f6e7400124c6a6176612f6c616e672f537472696e673b5b001276657273696f6e496e666f417342797465737400025b42787200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e5061636b616765496e666fe6f723e7b8ae1ec90200094900056d616a6f724900056d696e6f7249000b706174636855706461746549000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463684c0009696d706c5469746c6571007e00054c000a696d706c56656e646f7271007e00054c000b696d706c56657273696f6e71007e000578707702000078fe00fffe010000aced0005737200137765626c6f6769632e726a766d2e4a564d4944dc49c23ede121e2a0c00007870774621000000000000000000093132372e302e312e31000b75732d6c2d627265656e73a53caff10000000700001b59ffffffffffffffffffffffffffffffffffffffffffffffff0078fe010000aced0005737200137765626c6f6769632e726a766d2e4a564d4944dc49c23ede121e2a0c00007870771d018140128134bf427600093132372e302e312e31a53caff1000000000078" diff --git a/network/cves/2017/CVE-2017-3881.yaml b/network/cves/2017/CVE-2017-3881.yaml index 69abf7ba0f..cb805c9198 100644 --- a/network/cves/2017/CVE-2017-3881.yaml +++ b/network/cves/2017/CVE-2017-3881.yaml @@ -27,7 +27,7 @@ info: max-request: 2 vendor: cisco product: ios - tags: cve2017,network,cve,cisco,rce,kev,msf,tcp + tags: cve2017,network,cve,cisco,rce,kev,msf tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2017/CVE-2017-5645.yaml b/network/cves/2017/CVE-2017-5645.yaml index 1d74565167..fa34d154c7 100644 --- a/network/cves/2017/CVE-2017-5645.yaml +++ b/network/cves/2017/CVE-2017-5645.yaml @@ -28,7 +28,7 @@ info: max-request: 2 vendor: apache product: log4j - tags: cve,cve2017,network,vulhub,apache,log4j,rce,deserialization,oast,tcp + tags: cve,cve2017,network,vulhub,apache,log4j,rce,deserialization,oast variables: end: "\r\n" tcp: diff --git a/network/cves/2018/CVE-2018-2628.yaml b/network/cves/2018/CVE-2018-2628.yaml index a72e359ba3..3f817a5326 100644 --- a/network/cves/2018/CVE-2018-2628.yaml +++ b/network/cves/2018/CVE-2018-2628.yaml @@ -20,14 +20,14 @@ info: cvss-score: 9.8 cve-id: CVE-2018-2628 cwe-id: CWE-502 - epss-score: 0.9751 - epss-percentile: 0.99982 + epss-score: 0.97523 + epss-percentile: 0.99988 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: oracle product: weblogic_server - tags: network,cve2018,cve,oracle,weblogic,deserialization,kev,tcp + tags: network,cve2018,cve,oracle,weblogic,deserialization,kev tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2018/CVE-2018-2893.yaml b/network/cves/2018/CVE-2018-2893.yaml index e1f8367939..65356e9fef 100644 --- a/network/cves/2018/CVE-2018-2893.yaml +++ b/network/cves/2018/CVE-2018-2893.yaml @@ -26,7 +26,7 @@ info: max-request: 2 vendor: oracle product: weblogic_server - tags: cve,cve2018,weblogic,network,deserialization,rce,oracle,tcp + tags: cve,cve2018,weblogic,network,deserialization,rce,oracle tcp: - inputs: - data: "t3 12.2.1 diff --git a/network/cves/2020/CVE-2020-11981.yaml b/network/cves/2020/CVE-2020-11981.yaml index 64e83c3a46..a71f9ce3bb 100644 --- a/network/cves/2020/CVE-2020-11981.yaml +++ b/network/cves/2020/CVE-2020-11981.yaml @@ -29,7 +29,7 @@ info: vendor: apache product: airflow shodan-query: product:"redis" - tags: cve,cve2020,network,redis,unauth,apache,airflow,vulhub,intrusive,tcp + tags: cve,cve2020,network,redis,unauth,apache,airflow,vulhub,intrusive variables: data: "*3\r diff --git a/network/cves/2020/CVE-2020-1938.yaml b/network/cves/2020/CVE-2020-1938.yaml index 6a0675e906..cf19b20244 100644 --- a/network/cves/2020/CVE-2020-1938.yaml +++ b/network/cves/2020/CVE-2020-1938.yaml @@ -27,7 +27,7 @@ info: vendor: apache product: geode shodan-query: title:"Apache Tomcat" - tags: cve,cve2020,kev,tenable,apache,lfi,network,tomcat,ajp,tcp + tags: cve,cve2020,kev,tenable,apache,lfi,network,tomcat,ajp tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2021/CVE-2021-44521.yaml b/network/cves/2021/CVE-2021-44521.yaml index f9c631ff25..dfedb77d30 100644 --- a/network/cves/2021/CVE-2021-44521.yaml +++ b/network/cves/2021/CVE-2021-44521.yaml @@ -27,7 +27,7 @@ info: max-request: 2 vendor: apache product: cassandra - tags: cve,cve2021,network,rce,apache,cassandra,tcp + tags: cve,cve2021,network,rce,apache,cassandra tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2022/CVE-2022-0543.yaml b/network/cves/2022/CVE-2022-0543.yaml index 3fd7457e1a..1b2082a1d0 100644 --- a/network/cves/2022/CVE-2022-0543.yaml +++ b/network/cves/2022/CVE-2022-0543.yaml @@ -22,16 +22,15 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2022-0543 - cwe-id: CWE-862 - epss-score: 0.97053 - epss-percentile: 0.99744 + epss-score: 0.97184 cpe: cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:* metadata: - max-request: 2 vendor: redis + max-request: 2 product: redis shodan-query: redis_version - tags: cve,cve2022,network,redis,unauth,rce,kev,tcp + tags: cve,cve2022,network,redis,unauth,rce,kev + tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2022/CVE-2022-24706.yaml b/network/cves/2022/CVE-2022-24706.yaml index 82ac3e07a1..0dc99a7dc2 100644 --- a/network/cves/2022/CVE-2022-24706.yaml +++ b/network/cves/2022/CVE-2022-24706.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-24706 cwe-id: CWE-1188 - epss-score: 0.97472 - epss-percentile: 0.99961 + epss-score: 0.9748 + epss-percentile: 0.99964 cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: verified: "true" @@ -30,7 +30,7 @@ info: vendor: apache product: couchdb shodan-query: product:"CouchDB" - tags: cve2022,network,cve,couch,rce,kev,couchdb,apache,tcp + tags: cve2022,network,cve,couch,rce,kev,couchdb,apache variables: name_msg: "00156e00050007499c4141414141414041414141414141" challenge_reply: "00157201020304" diff --git a/network/cves/2022/CVE-2022-31793.yaml b/network/cves/2022/CVE-2022-31793.yaml index 42baa69b63..0d5e0514ca 100644 --- a/network/cves/2022/CVE-2022-31793.yaml +++ b/network/cves/2022/CVE-2022-31793.yaml @@ -28,7 +28,7 @@ info: max-request: 1 vendor: inglorion product: muhttpd - tags: network,cve,cve2022,muhttpd,lfi,unauth,inglorion,tcp + tags: network,cve,cve2022,muhttpd,lfi,unauth,inglorion tcp: - host: - "{{Hostname}}" diff --git a/network/cves/2023/CVE-2023-33246.yaml b/network/cves/2023/CVE-2023-33246.yaml index 980f724e6a..9dcedde472 100644 --- a/network/cves/2023/CVE-2023-33246.yaml +++ b/network/cves/2023/CVE-2023-33246.yaml @@ -20,16 +20,16 @@ info: cvss-score: 9.8 cve-id: CVE-2023-33246 cwe-id: CWE-94 - epss-score: 0.95581 cpe: cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:* + epss-score: 0.95581 metadata: - verified: true + fofa-query: protocol="rocketmq" max-request: 1 - vendor: apache product: rocketmq shodan-query: title:"RocketMQ" - fofa-query: protocol="rocketmq" - tags: packetstorm,network,cve2023,cve,rocketmq,rce,oast,intrusive,apache,tcp + vendor: apache + verified: true + tags: network,cve2023,cve,rocketmq,rce,oast,intrusive,apache variables: part_a: '{{ hex_decode ("000000d2000000607b22636f6465223a32352c22666c6167223a302c226c616e6775616765223a224a415641222c226f7061717565223a302c2273657269616c697a655479706543757272656e74525043223a224a534f4e222c2276657273696f6e223a3339357d66696c7465725365727665724e756d733d310a726f636b65746d71486f6d653d2d632024407c7368202e206563686f206375726c20") }}' part_b: '{{ hex_decode("3b0a") }}' diff --git a/network/default-login/ftp-anonymous-login.yaml b/network/default-login/ftp-anonymous-login.yaml index ea3ab6d42b..25a8deb085 100644 --- a/network/default-login/ftp-anonymous-login.yaml +++ b/network/default-login/ftp-anonymous-login.yaml @@ -10,7 +10,7 @@ info: - https://tools.ietf.org/html/rfc2577 metadata: max-request: 1 - tags: network,ftp,default-login,tcp + tags: network,ftp,default-login tcp: - inputs: diff --git a/network/default-login/ftp-weak-credentials.yaml b/network/default-login/ftp-weak-credentials.yaml index da3048edb0..f28f01cf1f 100644 --- a/network/default-login/ftp-weak-credentials.yaml +++ b/network/default-login/ftp-weak-credentials.yaml @@ -12,7 +12,7 @@ info: cvss-score: 8.5 metadata: max-request: 1 - tags: network,ftp,default-login,service,tcp + tags: network,ftp,default-login,service tcp: diff --git a/network/default-login/ldap-anonymous-login.yaml b/network/default-login/ldap-anonymous-login.yaml index 10f4483c69..3141f0b300 100644 --- a/network/default-login/ldap-anonymous-login.yaml +++ b/network/default-login/ldap-anonymous-login.yaml @@ -5,17 +5,18 @@ info: author: s0obi severity: medium description: The remote LDAP server allows anonymous access - remediation: Configure the service to disallow NULL BINDs. reference: - https://ldap.com/ldapv3-wire-protocol-reference-bind - https://www.mowasay.com/2016/01/windows-how-do-i-disable-or-enable-anonymous-ldap-binds-to-windows-server-2008-r2-active-directory-ad/ + remediation: Configure the service to disallow NULL BINDs. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-284 metadata: max-request: 1 - tags: network,ldap,default-login,tenable,tcp + tags: network,ldap,default-login,tenable + tcp: - inputs: - data: 300c020101600702010304008000 diff --git a/network/detection/activemq-openwire-transport-detect.yaml b/network/detection/activemq-openwire-transport-detect.yaml index c1ebb0eb00..ff4cf39ecc 100644 --- a/network/detection/activemq-openwire-transport-detect.yaml +++ b/network/detection/activemq-openwire-transport-detect.yaml @@ -7,10 +7,11 @@ info: description: | OpenWire is the native protocol that Apache ActiveMQ uses. It is designed for performance and size on the wire - sacrificing some ease of implementation with higher performance and reduced network bandwidth as a priority. metadata: - verified: true max-request: 1 shodan-query: product:"ActiveMQ OpenWire transport" - tags: network,activemq,detect,openwire,detection,tcp + verified: true + tags: network,activemq,detect,openwire + tcp: - inputs: - data: "VERSION" diff --git a/network/detection/apache-activemq-detect.yaml b/network/detection/apache-activemq-detect.yaml index 42d4e58fcd..a6428320a2 100644 --- a/network/detection/apache-activemq-detect.yaml +++ b/network/detection/apache-activemq-detect.yaml @@ -7,10 +7,11 @@ info: description: | Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service client. It provides "Enterprise Features" which in this case means fostering the communication from more than one client or server. metadata: - verified: true max-request: 1 shodan-query: product:"Apache ActiveMQ" - tags: network,activemq,oss,detect,apache,detection,tcp + verified: true + tags: network,activemq,oss,detect,apache + tcp: - inputs: - data: "HELP\n\n\u0000" diff --git a/network/detection/aws-sftp-detect.yaml b/network/detection/aws-sftp-detect.yaml index b4c87c6dc1..2294a4a534 100644 --- a/network/detection/aws-sftp-detect.yaml +++ b/network/detection/aws-sftp-detect.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 + verified: true shodan-query: SSH-2.0-AWS_SFTP_1.1 - tags: network,ssh,detect,aws,sftp,detection,tcp + tags: network,ssh,detect,aws,sftp + tcp: - host: - "{{Hostname}}" diff --git a/network/detection/axigen-mail-server-detect.yaml b/network/detection/axigen-mail-server-detect.yaml index cfbd5a0184..86d00cf935 100644 --- a/network/detection/axigen-mail-server-detect.yaml +++ b/network/detection/axigen-mail-server-detect.yaml @@ -7,11 +7,12 @@ info: description: | Axigen Mail Server was detected. metadata: - verified: true + fofa-query: app="axigen-Mail-Server" max-request: 1 shodan-query: product:"Axigen" - fofa-query: app="axigen-Mail-Server" - tags: network,axigen,detect,smtp,detection,tcp + verified: true + tags: network,axigen,detect,smtp + tcp: - inputs: - data: "\n" diff --git a/network/detection/bgp-detect.yaml b/network/detection/bgp-detect.yaml index d79e02c355..0fd5b34941 100644 --- a/network/detection/bgp-detect.yaml +++ b/network/detection/bgp-detect.yaml @@ -15,7 +15,7 @@ info: metadata: max-request: 1 shodan-query: product:"BGP" - tags: network,bgp,detect,detection,tcp + tags: network,bgp,detect tcp: - inputs: diff --git a/network/detection/cisco-finger-detect.yaml b/network/detection/cisco-finger-detect.yaml index 1ffc81509c..3e4937c6c7 100644 --- a/network/detection/cisco-finger-detect.yaml +++ b/network/detection/cisco-finger-detect.yaml @@ -7,10 +7,11 @@ info: description: | The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79. metadata: - verified: true max-request: 1 shodan-query: product:"Cisco fingerd" - tags: network,finger,detect,cisco,detection,tcp + verified: true + tags: network,finger,detect,cisco + tcp: - inputs: - data: "\n" diff --git a/network/detection/clamav-detect.yaml b/network/detection/clamav-detect.yaml index 5497437246..cdabb2ddad 100644 --- a/network/detection/clamav-detect.yaml +++ b/network/detection/clamav-detect.yaml @@ -7,10 +7,11 @@ info: description: | Clam AntiVirus is a free software, cross-platform antimalware toolkit able to detect many types of malware, including viruses. metadata: - verified: true max-request: 1 shodan-query: port:3310 product:"ClamAV" - tags: network,clamav,detect,detection,tcp + verified: true + tags: network,clamav,detect + tcp: - inputs: - data: "VERSION" diff --git a/network/detection/cql-native-transport.yaml b/network/detection/cql-native-transport.yaml index 11338b526d..502754b6b2 100644 --- a/network/detection/cql-native-transport.yaml +++ b/network/detection/cql-native-transport.yaml @@ -7,10 +7,11 @@ info: description: | Native transport requests (NTR) are any requests made via the CQL Native Protocol. CQL Native Protocol is the way the Cassandra driver communicates with the server. metadata: - verified: true max-request: 1 shodan-query: cassandra - tags: network,cassandra,cql,detect,detection,tcp + verified: true + tags: network,cassandra,cql,detect + tcp: - inputs: - data: "/n" diff --git a/network/detection/detect-addpac-voip-gateway.yaml b/network/detection/detect-addpac-voip-gateway.yaml index 21fd8b0065..96c383b8aa 100644 --- a/network/detection/detect-addpac-voip-gateway.yaml +++ b/network/detection/detect-addpac-voip-gateway.yaml @@ -13,7 +13,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,addpac,apos,voip,detect,detection,tcp + tags: network,addpac,apos,voip,detect tcp: - inputs: diff --git a/network/detection/detect-jabber-xmpp.yaml b/network/detection/detect-jabber-xmpp.yaml index 7195ed8989..d8ecc79c8d 100644 --- a/network/detection/detect-jabber-xmpp.yaml +++ b/network/detection/detect-jabber-xmpp.yaml @@ -12,7 +12,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,jabber,xmpp,messaging,detect,detection,tcp + tags: network,jabber,xmpp,messaging,detect tcp: - inputs: diff --git a/network/detection/dotnet-remoting-service-detect.yaml b/network/detection/dotnet-remoting-service-detect.yaml index 51a660c5b5..d28906d6ff 100644 --- a/network/detection/dotnet-remoting-service-detect.yaml +++ b/network/detection/dotnet-remoting-service-detect.yaml @@ -10,10 +10,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: product:"MS .NET Remoting httpd" - tags: network,detect,microsoft,dotnet,detection,tcp + verified: true + tags: network,detect,microsoft,dotnet + tcp: - inputs: - data: "\n" diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml index eb3e00c546..c9ecc8114a 100644 --- a/network/detection/dropbear-cbc-ciphers.yaml +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -6,15 +6,16 @@ info: severity: low description: | The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. - remediation: | - Disable CBC Ciphers. reference: | https://www.tenable.com/plugins/nessus/70658 + remediation: | + Disable CBC Ciphers. metadata: - verified: true max-request: 1 shodan-query: product:"Dropbear sshd" - tags: network,ssh,dropbear,detect,detection,tcp + verified: true + tags: network,ssh,dropbear,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/esmtp-detect.yaml b/network/detection/esmtp-detect.yaml index a95e6cfbf8..8c6dcd8033 100644 --- a/network/detection/esmtp-detect.yaml +++ b/network/detection/esmtp-detect.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: ESMTP - tags: network,detect,smtp,mail,detection,tcp + verified: true + tags: network,detect,smtp,mail + tcp: - inputs: - data: "\n" diff --git a/network/detection/exim-detect.yaml b/network/detection/exim-detect.yaml index 962381350f..dac5b64098 100644 --- a/network/detection/exim-detect.yaml +++ b/network/detection/exim-detect.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: product:"Exim smtpd" - tags: network,detect,smtp,mail,exim,detection,tcp + verified: true + tags: network,detect,smtp,mail,exim + tcp: - inputs: - data: "\n" diff --git a/network/detection/expn-mail-detect.yaml b/network/detection/expn-mail-detect.yaml index 64fe8d4e4a..730b5ac4d3 100644 --- a/network/detection/expn-mail-detect.yaml +++ b/network/detection/expn-mail-detect.yaml @@ -8,7 +8,7 @@ info: The "EXPN" can be used by attackers to learn about valid usernames on the target system. On some SMTP servers, EXPN can be used to show the subscribers of a mailing list subscription lists are generally considered to be sensitive information. metadata: max-request: 1 - tags: mail,expn,network,detect,smtp,detection,tcp + tags: mail,expn,network,detect,smtp tcp: - inputs: diff --git a/network/detection/finger-detect.yaml b/network/detection/finger-detect.yaml index 736f0e305c..b1db8234d0 100644 --- a/network/detection/finger-detect.yaml +++ b/network/detection/finger-detect.yaml @@ -7,10 +7,11 @@ info: description: | The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79. metadata: - verified: true max-request: 1 shodan-query: port:"79" action - tags: network,finger,detect,detection,tcp + verified: true + tags: network,finger,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/gnu-inetutils-ftpd-detect.yaml b/network/detection/gnu-inetutils-ftpd-detect.yaml index c85311da1f..b0f64e9844 100644 --- a/network/detection/gnu-inetutils-ftpd-detect.yaml +++ b/network/detection/gnu-inetutils-ftpd-detect.yaml @@ -7,10 +7,11 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - verified: true max-request: 1 shodan-query: product:"GNU Inetutils FTPd" - tags: network,ftp,smartgateway,gnu,inetutils,detect,detection,tcp + verified: true + tags: network,ftp,smartgateway,gnu,inetutils,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/gopher-detect.yaml b/network/detection/gopher-detect.yaml index 6efb094bbc..8b07c94d51 100644 --- a/network/detection/gopher-detect.yaml +++ b/network/detection/gopher-detect.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,gopher,detect,detection,tcp + tags: network,gopher,detect tcp: - inputs: diff --git a/network/detection/ibm-d2b-database-server.yaml b/network/detection/ibm-d2b-database-server.yaml index deafa41531..f2a84eb117 100644 --- a/network/detection/ibm-d2b-database-server.yaml +++ b/network/detection/ibm-d2b-database-server.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: product:"IBM DB2 Database Server" - tags: network,ibm,database,db,db2,detect,detection,tcp + verified: true + tags: network,ibm,database,db,db2,detect + tcp: - inputs: - data: "01c2000000040000b601000053514c4442325241000100000401010005001d008800000001000080000000010900000001000040000000010900000001000040000000010800000004000040000000010400000001000040000000400400000004000040000000010400000004000040000000010400000004000040000000010400000002000040000000010400000004000040000000010000000001000040000000000400000004000080000000010400000004000080000000010400000003000080000000010400000004000080000000010800000001000040000000010400000004000040000000011000000001000080000000011000000001000080000000010400000004000040000000010900000001000040000000010900000001000080000000010400000003000080000000010000000000000000000000000104000001000080000000010000000000000000000000000000000000000000000000000000000001000040000000010000000001000040000000002020202020202020000000000000000000000000000000000100ff000000000000000000000000000000000000000000e404000000000000000000000000000000000000007f" diff --git a/network/detection/imap-detect.yaml b/network/detection/imap-detect.yaml index 9a417a0a22..22d2ec0ada 100644 --- a/network/detection/imap-detect.yaml +++ b/network/detection/imap-detect.yaml @@ -10,10 +10,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: imap - tags: network,detect,imap,mail,detection,tcp + verified: true + tags: network,detect,imap,mail + tcp: - inputs: - data: "\n" diff --git a/network/detection/iplanet-imap-detect.yaml b/network/detection/iplanet-imap-detect.yaml index 8570172f60..586851d2bf 100644 --- a/network/detection/iplanet-imap-detect.yaml +++ b/network/detection/iplanet-imap-detect.yaml @@ -10,9 +10,10 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 fofa-query: app="iPlanet-Messaging-Server-5.2" && protocol="imap" - tags: network,imap,detect,iplanet,detection,tcp + max-request: 1 + tags: network,imap,detect,iplanet + tcp: - inputs: - data: "\n" diff --git a/network/detection/java-rmi-detect.yaml b/network/detection/java-rmi-detect.yaml index 7827d8bbba..527a054c22 100644 --- a/network/detection/java-rmi-detect.yaml +++ b/network/detection/java-rmi-detect.yaml @@ -12,7 +12,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,rmi,java,detect,detection,tcp + tags: network,rmi,java,detect tcp: - inputs: - data: "{{hex_decode('4a524d4900024b')}}" diff --git a/network/detection/microsoft-ftp-service.yaml b/network/detection/microsoft-ftp-service.yaml index 03129922d8..da5b71a91c 100644 --- a/network/detection/microsoft-ftp-service.yaml +++ b/network/detection/microsoft-ftp-service.yaml @@ -7,10 +7,11 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - verified: true max-request: 1 shodan-query: Microsoft FTP Service - tags: network,ftp,microsoft,detect,detection,tcp + verified: true + tags: network,ftp,microsoft,detect + tcp: - inputs: diff --git a/network/detection/mikrotik-ftp-server-detect.yaml b/network/detection/mikrotik-ftp-server-detect.yaml index 5cbdac8c05..7e462acecb 100644 --- a/network/detection/mikrotik-ftp-server-detect.yaml +++ b/network/detection/mikrotik-ftp-server-detect.yaml @@ -7,10 +7,11 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - verified: true max-request: 1 shodan-query: product:"MikroTik router ftpd" - tags: network,ftp,mikrotik,router,detect,detection,tcp + verified: true + tags: network,ftp,mikrotik,router,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/mikrotik-routeros-api.yaml b/network/detection/mikrotik-routeros-api.yaml index 119e52677d..69b48d9be5 100644 --- a/network/detection/mikrotik-routeros-api.yaml +++ b/network/detection/mikrotik-routeros-api.yaml @@ -10,10 +10,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: product:"MikroTik RouterOS API Service" - tags: network,mikrotik,detect,detection,tcp + verified: true + tags: network,mikrotik,detect + tcp: - inputs: - data: "3a0000002f00000002000040020f0001003d050000000000000000000000002f000000000000000000401f0000000000000000000000000000000000" diff --git a/network/detection/mongodb-detect.yaml b/network/detection/mongodb-detect.yaml index 20ee91e9ab..1cd1b6d2dc 100644 --- a/network/detection/mongodb-detect.yaml +++ b/network/detection/mongodb-detect.yaml @@ -13,7 +13,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,mongodb,detect,detection,tcp + tags: network,mongodb,detect tcp: - inputs: diff --git a/network/detection/moveit-sftp-detect.yaml b/network/detection/moveit-sftp-detect.yaml index 9ef5476b8d..7bbb02ecf8 100644 --- a/network/detection/moveit-sftp-detect.yaml +++ b/network/detection/moveit-sftp-detect.yaml @@ -12,7 +12,7 @@ info: metadata: max-request: 1 shodan-query: "SSH-2.0-MOVEit" - tags: network,ssh,detect,moveit,sftp,detection,tcp + tags: network,ssh,detect,moveit,sftp tcp: - host: diff --git a/network/detection/msmq-detect.yaml b/network/detection/msmq-detect.yaml index 84950825ad..00e3a4619e 100644 --- a/network/detection/msmq-detect.yaml +++ b/network/detection/msmq-detect.yaml @@ -11,11 +11,12 @@ info: - https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-mqqb/50da7ea1-eed7-41f9-ba6a-2aa37f5f1e92 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21554 metadata: - verified: true + censys-query: services.service_name:MSMQ max-request: 1 shodan-query: MSMQ - censys-query: services.service_name:MSMQ - tags: network,msmq,detect,detection,tcp + verified: true + tags: network,msmq,detect + tcp: - inputs: - data: 10c00b004c494f523c020000ffffffff00000200d1587355509195954997b6e611ea26c60789cd434c39118f44459078909ea0fc4ecade1d100300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index d3e59ca297..1fd8346ac1 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -10,10 +10,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: product:"MySQL" - tags: network,mysql,db,detect,detection,tcp + verified: true + tags: network,mysql,db,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/openssh-detect.yaml b/network/detection/openssh-detect.yaml index 80924d06a7..3ebb5103c4 100644 --- a/network/detection/openssh-detect.yaml +++ b/network/detection/openssh-detect.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: seclists,network,ssh,openssh,detect,detection,tcp + tags: seclists,network,ssh,openssh,detect tcp: - host: diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index a42ac2fb94..a25fd6b1ae 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -13,10 +13,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: port:5432 product:"PostgreSQL" - tags: network,postgresql,db,detect,detection,tcp + verified: true + tags: network,postgresql,db,detect + tcp: - inputs: - data: "000000500003000075736572006e75636c6569006461746162617365006e75636c6569006170706c69636174696f6e5f6e616d65007073716c00636c69656e745f656e636f64696e6700555446380000" diff --git a/network/detection/pop3-detect.yaml b/network/detection/pop3-detect.yaml index 69c1d80896..47de28817e 100644 --- a/network/detection/pop3-detect.yaml +++ b/network/detection/pop3-detect.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: pop3 port:110 - tags: network,detect,pop3,mail,detection,tcp + verified: true + tags: network,detect,pop3,mail + tcp: - inputs: - data: "\n" diff --git a/network/detection/proftpd-server-detect.yaml b/network/detection/proftpd-server-detect.yaml index 79c316da19..f3fcaeb1c9 100644 --- a/network/detection/proftpd-server-detect.yaml +++ b/network/detection/proftpd-server-detect.yaml @@ -7,10 +7,11 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - verified: true max-request: 1 shodan-query: product:"ProFTPD" - tags: network,ftp,proftpd,detect,detection,tcp + verified: true + tags: network,ftp,proftpd,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/rabbitmq-detect.yaml b/network/detection/rabbitmq-detect.yaml index 93b2e26950..2ff24e5bd3 100644 --- a/network/detection/rabbitmq-detect.yaml +++ b/network/detection/rabbitmq-detect.yaml @@ -9,10 +9,11 @@ info: reference: - https://nmap.org/nsedoc/scripts/amqp-info.html metadata: - verified: true max-request: 1 shodan-query: product:"RabbitMQ" - tags: network,rabbitmq,oss,detect,detection,tcp + verified: true + tags: network,rabbitmq,oss,detect + tcp: - inputs: - data: "AMQP\u0000\u0000\t\u0001" diff --git a/network/detection/rdp-detect.yaml b/network/detection/rdp-detect.yaml index f42c92112c..b189855773 100644 --- a/network/detection/rdp-detect.yaml +++ b/network/detection/rdp-detect.yaml @@ -10,9 +10,10 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 - tags: network,windows,rdp,detect,detection,tcp + verified: true + tags: network,windows,rdp,detect + tcp: - inputs: - data: "0300002a25e00000000000436f6f6b69653a206d737473686173683d746573740d0a010008000b000000" diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml index 304071c8e0..833dde5b80 100644 --- a/network/detection/redis-detect.yaml +++ b/network/detection/redis-detect.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 2 shodan-query: product:"redis" - tags: network,redis,detect,detection,tcp + tags: network,redis,detect tcp: - inputs: - data: "*1\r\n$4\r\ninfo\r\n" diff --git a/network/detection/riak-detect.yaml b/network/detection/riak-detect.yaml index e429483b46..a566d47a41 100644 --- a/network/detection/riak-detect.yaml +++ b/network/detection/riak-detect.yaml @@ -6,10 +6,11 @@ info: severity: info description: Riak is a distributed NoSQL key-value data store that offers high availability, fault tolerance, operational simplicity, and scalability. metadata: - verified: true max-request: 1 shodan-query: product:"Riak" - tags: network,oss,detect,riak,nosql,detection,tcp + verified: true + tags: network,oss,detect,riak,nosql + tcp: - inputs: - data: 0000000107 diff --git a/network/detection/rpcbind-portmapper-detect.yaml b/network/detection/rpcbind-portmapper-detect.yaml index 32fb4eb24b..bff4819a5c 100644 --- a/network/detection/rpcbind-portmapper-detect.yaml +++ b/network/detection/rpcbind-portmapper-detect.yaml @@ -10,10 +10,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: port:"111" - tags: network,rpcbind,portmap,detect,detection,tcp + verified: true + tags: network,rpcbind,portmap,detect + tcp: - inputs: - data: 8000002836ed646d0000000000000002000186a0000000040000000400000000000000000000000000000000 diff --git a/network/detection/rsyncd-service-detect.yaml b/network/detection/rsyncd-service-detect.yaml index 84f97ace50..b146a8b776 100644 --- a/network/detection/rsyncd-service-detect.yaml +++ b/network/detection/rsyncd-service-detect.yaml @@ -13,7 +13,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,rsyncd,detect,detection,tcp + tags: network,rsyncd,detect tcp: - inputs: diff --git a/network/detection/rtsp-detect.yaml b/network/detection/rtsp-detect.yaml index 69be4012b8..330b2e95be 100644 --- a/network/detection/rtsp-detect.yaml +++ b/network/detection/rtsp-detect.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: RTSP/1.0 - tags: network,rtsp,detect,detection,tcp + verified: true + tags: network,rtsp,detect + tcp: - inputs: - data: 4f5054494f4e53207369703a6e6d205349502f322e300d0a5669613a205349502f322e302f544350206e6d3b6272616e63683d666f6f0d0a46726f6d3a203c7369703a6e6d406e6d3e3b7461673d726f6f740d0a546f3a203c7369703a6e6d32406e6d323e0d0a43616c6c2d49443a2035303030300d0a435365713a203432204f5054494f4e530d0a4d61782d466f7277617264733a2037300d0a436f6e74656e742d4c656e6774683a20300d0a436f6e746163743a203c7369703a6e6d406e6d3e0d0a4163636570743a206170706c69636174696f6e2f7364700d0a0d0a diff --git a/network/detection/samba-detect.yaml b/network/detection/samba-detect.yaml index 6e6afb2013..c830550edc 100644 --- a/network/detection/samba-detect.yaml +++ b/network/detection/samba-detect.yaml @@ -5,15 +5,16 @@ info: author: pussycat0x severity: info description: Samba is a free and open-source software that allows files to be shared across Windows and Linux systems simply and easily. - remediation: Always apply the latest security patch. reference: - https://www.samba.org/samba/what_is_samba.html - https://www.samba.org/samba/history/security.html + remediation: Always apply the latest security patch. classification: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,smb,samba,detect,detection,tcp + tags: network,smb,samba,detect + tcp: - inputs: - data: 000000a4ff534d4272000000000801400000000000000000000000000000400600000100008100025043204e4554574f524b2050524f4752414d20312e3000024d4943524f534f4654204e4554574f524b5320312e303300024d4943524f534f4654204e4554574f524b5320332e3000024c414e4d414e312e3000024c4d312e3258303032000253616d626100024e54204c414e4d414e20312e3000024e54204c4d20302e313200 diff --git a/network/detection/sap-router.yaml b/network/detection/sap-router.yaml index 10b43d9f8a..461f6b0cd0 100644 --- a/network/detection/sap-router.yaml +++ b/network/detection/sap-router.yaml @@ -8,7 +8,7 @@ info: SAProuter is a software application that provides a remote connection between our customer's network and SAP. metadata: max-request: 1 - tags: network,sap,detect,saprouter,detection,tcp + tags: network,sap,detect,saprouter tcp: - inputs: diff --git a/network/detection/smb-detect.yaml b/network/detection/smb-detect.yaml index 99094ed7f2..7aa8736bb6 100644 --- a/network/detection/smb-detect.yaml +++ b/network/detection/smb-detect.yaml @@ -8,7 +8,7 @@ info: SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to compromise large-scale systems. metadata: max-request: 1 - tags: network,windows,smb,service,detect,detection,tcp + tags: network,windows,smb,service,detect tcp: - inputs: diff --git a/network/detection/smtp-detect.yaml b/network/detection/smtp-detect.yaml index 0a7d186030..9138afa5a1 100644 --- a/network/detection/smtp-detect.yaml +++ b/network/detection/smtp-detect.yaml @@ -8,7 +8,7 @@ info: SMTP is part of the application layer of the TCP/IP protocol. Using a process called “store and forward,” SMTP moves your email on and across networks. metadata: max-request: 1 - tags: network,service,smtp,detect,mail,detection,tcp + tags: network,service,smtp,detect,mail tcp: - inputs: diff --git a/network/detection/sshd-dropbear-detect.yaml b/network/detection/sshd-dropbear-detect.yaml index 2ec3ca50eb..a4720e86f8 100644 --- a/network/detection/sshd-dropbear-detect.yaml +++ b/network/detection/sshd-dropbear-detect.yaml @@ -7,10 +7,11 @@ info: description: | Dropbear is a software package written by Matt Johnston that provides a Secure Shell-compatible server and client. It is designed as a replacement for standard OpenSSH for environments with low memory and processor resources, such as embedded systems metadata: - verified: true max-request: 1 shodan-query: product:"Dropbear sshd" - tags: network,ssh,dropbear,detect,detection,tcp + verified: true + tags: network,ssh,dropbear,detect + tcp: - inputs: diff --git a/network/detection/starttls-mail-detect.yaml b/network/detection/starttls-mail-detect.yaml index 9c9f2ec54e..d14256180b 100644 --- a/network/detection/starttls-mail-detect.yaml +++ b/network/detection/starttls-mail-detect.yaml @@ -8,7 +8,7 @@ info: STARTTLS is an email protocol command that tells an email server that an email client, including an email client running in a web browser, wants to turn an existing insecure connection into a secure one. metadata: max-request: 1 - tags: mail,starttls,network,detect,smtp,detection,tcp + tags: mail,starttls,network,detect,smtp tcp: - inputs: diff --git a/network/detection/teamspeak3-detect.yaml b/network/detection/teamspeak3-detect.yaml index cac95801e7..d82d3be2bf 100644 --- a/network/detection/teamspeak3-detect.yaml +++ b/network/detection/teamspeak3-detect.yaml @@ -7,10 +7,10 @@ info: description: | ServerQuery is a commandline based administration tool/feature of TeamSpeak 3 server. metadata: - verified: true max-request: 1 shodan-query: product:"TeamSpeak 3 ServerQuery" - tags: network,service,teamspeak3,detect,detection,tcp + verified: true + tags: network,service,teamspeak3,detect tcp: - inputs: - data: "\r\n" diff --git a/network/detection/telnet-detect.yaml b/network/detection/telnet-detect.yaml index 9e0a233339..e927b88941 100644 --- a/network/detection/telnet-detect.yaml +++ b/network/detection/telnet-detect.yaml @@ -7,10 +7,11 @@ info: description: | Telnet is a network protocol used to virtually access a computer and to provide a two-way, collaborative and text-based communication channel between two machines. metadata: - verified: true max-request: 1 shodan-query: port:23 telnet - tags: network,telnet,detect,detection,tcp + verified: true + tags: network,telnet,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/totemomail-smtp-detect.yaml b/network/detection/totemomail-smtp-detect.yaml index acee38a566..2442f7f1cb 100644 --- a/network/detection/totemomail-smtp-detect.yaml +++ b/network/detection/totemomail-smtp-detect.yaml @@ -8,7 +8,7 @@ info: Totemomail is a comprehensive email solution designed to address all aspects of digital communication security. metadata: max-request: 1 - tags: mail,smtp,network,totemomail,detect,detection,tcp + tags: mail,smtp,network,totemomail,detect tcp: - inputs: diff --git a/network/detection/vmware-authentication-daemon-detect.yaml b/network/detection/vmware-authentication-daemon-detect.yaml index b51db23958..e7d189ea39 100644 --- a/network/detection/vmware-authentication-daemon-detect.yaml +++ b/network/detection/vmware-authentication-daemon-detect.yaml @@ -7,10 +7,11 @@ info: description: | vmauthd is the VMWare authentication daemon that is included with many VMWare products, including ESX(i), and Workstation. metadata: - verified: true max-request: 1 shodan-query: product:"VMware Authentication Daemon" - tags: network,vmware,authenticated,detect,detection,tcp + verified: true + tags: network,vmware,authenticated,detect + tcp: - inputs: diff --git a/network/detection/vnc-service-detect.yaml b/network/detection/vnc-service-detect.yaml index 410d518ce6..88e236633e 100644 --- a/network/detection/vnc-service-detect.yaml +++ b/network/detection/vnc-service-detect.yaml @@ -9,7 +9,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,vnc,service,detect,detection,tcp + tags: network,vnc,service,detect tcp: - inputs: diff --git a/network/detection/weblogic-iiop-detect.yaml b/network/detection/weblogic-iiop-detect.yaml index 10778d7b20..13d3028014 100644 --- a/network/detection/weblogic-iiop-detect.yaml +++ b/network/detection/weblogic-iiop-detect.yaml @@ -8,7 +8,7 @@ info: The IIOP (Internet Inter-ORB Protocol) protocol makes it possible for distributed programs written in different programming languages to communicate over the Internet. metadata: max-request: 1 - tags: network,weblogic,detect,oracle,iiop,detection,tcp + tags: network,weblogic,detect,oracle,iiop tcp: - inputs: - data: "{{hex_decode('47494f50010200030000001700000002000000000000000b4e616d6553657276696365')}}" diff --git a/network/detection/weblogic-t3-detect.yaml b/network/detection/weblogic-t3-detect.yaml index a11104ae2d..8ef1dbf125 100644 --- a/network/detection/weblogic-t3-detect.yaml +++ b/network/detection/weblogic-t3-detect.yaml @@ -8,7 +8,7 @@ info: T3 is the protocol used to transport information between WebLogic servers and other types of Java programs. metadata: max-request: 2 - tags: network,weblogic,detect,t3,oracle,detection,tcp + tags: network,weblogic,detect,t3,oracle tcp: - inputs: - data: "t3 12.2.1 diff --git a/network/detection/wing-ftp-detect.yaml b/network/detection/wing-ftp-detect.yaml index fd3fd0d194..f73ee40f28 100644 --- a/network/detection/wing-ftp-detect.yaml +++ b/network/detection/wing-ftp-detect.yaml @@ -7,10 +7,11 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol that transfers computer files between a client and server on a computer network. metadata: - verified: true max-request: 1 + verified: true shodan-query: "Wing FTP Server" - tags: network,ftp,wing,detect,detection,tcp + tags: network,ftp,wing,detect + tcp: - inputs: - data: "\n" diff --git a/network/detection/ws_ftp-ssh-detect.yaml b/network/detection/ws_ftp-ssh-detect.yaml index 3e45912b3a..56a7c89681 100644 --- a/network/detection/ws_ftp-ssh-detect.yaml +++ b/network/detection/ws_ftp-ssh-detect.yaml @@ -8,7 +8,7 @@ info: WS_FTP-SSH service was detected. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true @@ -16,7 +16,8 @@ info: vendor: progress product: ws_ftp shodan-query: "WS_FTP port:22" - tags: network,ssh,ws_ftp,detect,progress,detection,tcp + tags: network,ssh,ws_ftp,detect,progress + tcp: - host: - "{{Hostname}}" diff --git a/network/detection/xlight-ftp-service-detect.yaml b/network/detection/xlight-ftp-service-detect.yaml index 768b03b4be..7b6ee3d28d 100644 --- a/network/detection/xlight-ftp-service-detect.yaml +++ b/network/detection/xlight-ftp-service-detect.yaml @@ -7,10 +7,11 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - verified: true max-request: 1 shodan-query: product:"Xlight ftpd" - tags: network,ftp,xlight,detect,detection,tcp + verified: true + tags: network,ftp,xlight,detect + tcp: - inputs: diff --git a/network/enumeration/beanstalk-service.yaml b/network/enumeration/beanstalk-service.yaml index 6ecb51e21a..ebd0a6e0f9 100644 --- a/network/enumeration/beanstalk-service.yaml +++ b/network/enumeration/beanstalk-service.yaml @@ -9,10 +9,11 @@ info: reference: - https://jhadiary.wordpress.com/2016/05/18/beanstalk-helping-commands/ metadata: - verified: true max-request: 1 + verified: true shodan-query: port:11300 "cmd-peek" - tags: network,beanstalk,detect,enum,tcp + tags: network,beanstalk,detect,enum + tcp: - inputs: - data: "stats\r\n" diff --git a/network/enumeration/kafka-topics-list.yaml b/network/enumeration/kafka-topics-list.yaml index 90156a3d64..abec99584e 100644 --- a/network/enumeration/kafka-topics-list.yaml +++ b/network/enumeration/kafka-topics-list.yaml @@ -7,10 +7,11 @@ info: description: | Kafka topics are logical data streams that store and organize messages in Apache Kafka. They provide a way for data to be published, subscribed to, and processed by Kafka consumers. metadata: - verified: true max-request: 1 + verified: true shodan-query: product:"Kafka" - tags: network,detect,enum,kafka,apache,tcp + tags: network,detect,enum,kafka,apache + tcp: - inputs: - data: 00000020000300000000000200126b61666b612d707974686f6e2d322e302e3200000000 diff --git a/network/enumeration/mongodb-info-enum.yaml b/network/enumeration/mongodb-info-enum.yaml index dbda8ba16c..e9d2f287a1 100644 --- a/network/enumeration/mongodb-info-enum.yaml +++ b/network/enumeration/mongodb-info-enum.yaml @@ -12,10 +12,11 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - verified: true max-request: 1 shodan-query: mongodb server information - tags: network,mongodb,enum,tcp + verified: true + tags: network,mongodb,enum + tcp: - inputs: - data: 3b0000003c300000ffffffffd40700000000000061646d696e2e24636d640000000000ffffffff14000000106275696c64696e666f000100000000 diff --git a/network/enumeration/niagara-fox-info-enum.yaml b/network/enumeration/niagara-fox-info-enum.yaml index 1515a39ec2..a88e118181 100644 --- a/network/enumeration/niagara-fox-info-enum.yaml +++ b/network/enumeration/niagara-fox-info-enum.yaml @@ -9,10 +9,11 @@ info: reference: - https://nmap.org/nsedoc/scripts/fox-info.html metadata: - verified: true max-request: 1 shodan-query: product:"Niagara Fox" - tags: network,fox,niagara,enum,tcp + verified: true + tags: network,fox,niagara,enum + tcp: - inputs: - data: "fox a 1 -1 fox hello\n{\nfox.version=s:1.0\nid=i:1\n};;\n" diff --git a/network/enumeration/psql-user-enum.yaml b/network/enumeration/psql-user-enum.yaml index c07fbcd29b..d453aeed64 100644 --- a/network/enumeration/psql-user-enum.yaml +++ b/network/enumeration/psql-user-enum.yaml @@ -9,10 +9,11 @@ info: reference: - https://medium.com/@netscylla/pentesters-guide-to-postgresql-hacking-59895f4f007 metadata: - verified: "true" max-request: 1 shodan-query: port:5432 product:"PostgreSQL" - tags: network,postgresql,db,unauth,enum,psql,tcp + verified: "true" + tags: network,postgresql,db,unauth,enum,psql + tcp: - inputs: - data: "{{hex_encode('\u0000\u0000\u0000{{str}}\u0000\u0003\u0000\u0000user\u0000{{users}}\u0000database\u0000{{users}}\u0000application_name\u0000psql\u0000client_encoding\u0000UTF8\u0000\u0000')}}" diff --git a/network/enumeration/smtp/smtp-commands-enum.yaml b/network/enumeration/smtp/smtp-commands-enum.yaml index 7cec388952..bf7c6371df 100644 --- a/network/enumeration/smtp/smtp-commands-enum.yaml +++ b/network/enumeration/smtp/smtp-commands-enum.yaml @@ -9,10 +9,11 @@ info: reference: - https://nmap.org/nsedoc/scripts/smtp-commands.html metadata: - verified: true max-request: 1 shodan-query: smtp - tags: network,enum,smtp,mail,tcp + verified: true + tags: network,enum,smtp,mail + tcp: - inputs: - data: "EHLO x\r\n" diff --git a/network/enumeration/smtp/smtp-user-enum.yaml b/network/enumeration/smtp/smtp-user-enum.yaml index 636063d795..6413362b1b 100644 --- a/network/enumeration/smtp/smtp-user-enum.yaml +++ b/network/enumeration/smtp/smtp-user-enum.yaml @@ -9,10 +9,11 @@ info: reference: - https://nmap.org/nsedoc/scripts/smtp-enum-users.html metadata: - verified: true max-request: 1 shodan-query: smtp - tags: network,enum,smtp,mail,tcp + verified: true + tags: network,enum,smtp,mail + tcp: - inputs: - data: "VRFY {{useraccounts}}\n" diff --git a/network/exposures/cisco-smi-exposure.yaml b/network/exposures/cisco-smi-exposure.yaml index 67e08c76fd..8ee1ea69ba 100644 --- a/network/exposures/cisco-smi-exposure.yaml +++ b/network/exposures/cisco-smi-exposure.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,cisco,smi,exposure,tcp + tags: network,cisco,smi,exposure tcp: - inputs: diff --git a/network/exposures/exposed-adb.yaml b/network/exposures/exposed-adb.yaml index 16e2cb1d51..f8615f9cd7 100644 --- a/network/exposures/exposed-adb.yaml +++ b/network/exposures/exposed-adb.yaml @@ -11,7 +11,7 @@ info: - https://www.securezoo.com/2018/06/thousands-of-android-devices-leave-debug-port-5555-exposed/ metadata: max-request: 1 - tags: network,adb,rce,android,exposure,tcp + tags: network,adb,rce,android,exposure tcp: - inputs: diff --git a/network/exposures/exposed-dockerd.yaml b/network/exposures/exposed-dockerd.yaml index d5ebbf6c5b..4bbec4da52 100644 --- a/network/exposures/exposed-dockerd.yaml +++ b/network/exposures/exposed-dockerd.yaml @@ -7,10 +7,11 @@ info: description: | Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system. metadata: - verified: true max-request: 1 shodan-query: port:2375 product:"docker" - tags: network,docker,exposure,tcp + verified: true + tags: network,docker,exposure + tcp: - inputs: - data: "Docker:\nVersion:\n" diff --git a/network/exposures/exposed-redis.yaml b/network/exposures/exposed-redis.yaml index ea11472061..7e561cf726 100644 --- a/network/exposures/exposed-redis.yaml +++ b/network/exposures/exposed-redis.yaml @@ -13,7 +13,7 @@ info: cwe-id: CWE-306 metadata: max-request: 2 - tags: network,redis,unauth,exposure,tcp + tags: network,redis,unauth,exposure tcp: - inputs: diff --git a/network/exposures/exposed-zookeeper.yaml b/network/exposures/exposed-zookeeper.yaml index 2a402b16f8..31d8f2b33f 100644 --- a/network/exposures/exposed-zookeeper.yaml +++ b/network/exposures/exposed-zookeeper.yaml @@ -9,7 +9,7 @@ info: - https://zookeeper.apache.org/security.html metadata: max-request: 1 - tags: network,zookeeper,unauth,exposure,tcp + tags: network,zookeeper,unauth,exposure tcp: - inputs: diff --git a/network/honeypot/adbhoney-honeypot-cnxn-detect.yaml b/network/honeypot/adbhoney-honeypot-cnxn-detect.yaml index 52bfd2a477..e1cf0c28ef 100644 --- a/network/honeypot/adbhoney-honeypot-cnxn-detect.yaml +++ b/network/honeypot/adbhoney-honeypot-cnxn-detect.yaml @@ -8,12 +8,13 @@ info: ADBHoney honeypot has been identified. The response to the 'adb connect' command differs from real installations, signaling a possible deceptive setup. metadata: - verified: true max-request: 1 - vendor: android product: adb shodan-query: product:Android Debug Bridge (ADB) && SM-G960F - tags: adbhoney,android,adb,honeypot,ir,cti,network,tcp + vendor: android + verified: true + tags: adbhoney,android,adb,honeypot,ir,cti,network + tcp: - inputs: - data: "434e584e0100000100001000ea000000445b0000bcb1a7b1" # CNXN diff --git a/network/honeypot/adbhoney-honeypot-shell-detect.yaml b/network/honeypot/adbhoney-honeypot-shell-detect.yaml index b7a0c845e0..2815e73bb1 100644 --- a/network/honeypot/adbhoney-honeypot-shell-detect.yaml +++ b/network/honeypot/adbhoney-honeypot-shell-detect.yaml @@ -8,12 +8,13 @@ info: ADBHoney honeypot has been identified. The response to the 'adb shell pwd' command differs from real installations, signaling a possible deceptive setup. metadata: - verified: true max-request: 1 - vendor: android product: adb shodan-query: product:Android Debug Bridge (ADB) && SM-G960F - tags: adbhoney,android,adb,honeypot,ir,cti,network,tcp + vendor: android + verified: true + tags: adbhoney,android,adb,honeypot,ir,cti,network + tcp: - inputs: - data: "434e584e0100000100001000ea000000445b0000bcb1a7b1" # CNXN diff --git a/network/honeypot/conpot-siemens-honeypot-detect.yaml b/network/honeypot/conpot-siemens-honeypot-detect.yaml index 5107bde517..6cbeef73bc 100644 --- a/network/honeypot/conpot-siemens-honeypot-detect.yaml +++ b/network/honeypot/conpot-siemens-honeypot-detect.yaml @@ -8,12 +8,13 @@ info: A Conpot (Siemens) honeypot has been identified. The response to a first packet of a connection attempt differs from real installations, signaling a possible deceptive setup. metadata: - verified: true max-request: 1 + verified: true vendor: conpot product: siemens shodan-query: html:"Overview - Siemens, SIMATIC" - tags: conpot,siemens,honeypot,ir,cti,network,tcp + tags: conpot,siemens,honeypot,ir,cti,network + tcp: - inputs: - data: "0300001611e00000000400c1020100c2020102c0010a" diff --git a/network/honeypot/cowrie-ssh-honeypot-detect.yaml b/network/honeypot/cowrie-ssh-honeypot-detect.yaml index 70749e2433..da526c0d5a 100644 --- a/network/honeypot/cowrie-ssh-honeypot-detect.yaml +++ b/network/honeypot/cowrie-ssh-honeypot-detect.yaml @@ -9,9 +9,10 @@ info: The response to a wrong SSH version differs from real installations, signaling a possible deceptive setup. metadata: max-request: 1 - vendor: cowrie product: ssh - tags: cowrie,twisted,ssh,honeypot,ir,cti,network,tcp + vendor: cowrie + tags: cowrie,twisted,ssh,honeypot,ir,cti,network + tcp: - inputs: - data: "SSH-1337-OpenSSH_9.0\r\n" diff --git a/network/honeypot/dionaea-ftp-honeypot-detect.yaml b/network/honeypot/dionaea-ftp-honeypot-detect.yaml index e0f388d162..b32d00318a 100644 --- a/network/honeypot/dionaea-ftp-honeypot-detect.yaml +++ b/network/honeypot/dionaea-ftp-honeypot-detect.yaml @@ -9,9 +9,10 @@ info: The response to the 'PASS' command differs from real installations, signaling a possible deceptive setup. metadata: max-request: 1 - vendor: dionaea product: ftp - tags: dionaea,ftp,honeypot,ir,cti,network,tcp + vendor: dionaea + tags: dionaea,ftp,honeypot,ir,cti,network + tcp: - inputs: - data: "USER root\r\n" diff --git a/network/honeypot/dionaea-mqtt-honeypot-detect.yaml b/network/honeypot/dionaea-mqtt-honeypot-detect.yaml index f2f6f9b793..4c7ab44734 100644 --- a/network/honeypot/dionaea-mqtt-honeypot-detect.yaml +++ b/network/honeypot/dionaea-mqtt-honeypot-detect.yaml @@ -8,12 +8,13 @@ info: A Dionaea MQTT honeypot has been identified. The response to a MQTTv5 packet differs from real installations, signaling a possible deceptive setup. metadata: - verified: true max-request: 1 - vendor: dionaea product: mqtt shodan-query: product:"MQTT" - tags: dionaea,mqtt,honeypot,ir,cti,network,tcp + vendor: dionaea + verified: true + tags: dionaea,mqtt,honeypot,ir,cti,network + tcp: - inputs: - data: "101000044d5154540502003c032100140000" diff --git a/network/honeypot/dionaea-mysql-honeypot-detect.yaml b/network/honeypot/dionaea-mysql-honeypot-detect.yaml index 2eecdf6c24..6cdc4bab52 100644 --- a/network/honeypot/dionaea-mysql-honeypot-detect.yaml +++ b/network/honeypot/dionaea-mysql-honeypot-detect.yaml @@ -9,9 +9,10 @@ info: The response to a connection command differs from real installations, signaling a possible deceptive setup. metadata: max-request: 1 - vendor: dionaea product: mysql - tags: dionaea,mysql,honeypot,ir,cti,network,tcp + vendor: dionaea + tags: dionaea,mysql,honeypot,ir,cti,network + tcp: - inputs: - data: "\x4a\x00\x00\x00\x0a\x35\x2e\x31\x2e\x32\x39\x00\x0b\x00\x00\x00\x21\x3e\x34\x1b\x51\x3f\x34\x33\x60\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" diff --git a/network/honeypot/dionaea-smb-honeypot-detect.yaml b/network/honeypot/dionaea-smb-honeypot-detect.yaml index e2af0c93c1..49d89e5226 100644 --- a/network/honeypot/dionaea-smb-honeypot-detect.yaml +++ b/network/honeypot/dionaea-smb-honeypot-detect.yaml @@ -9,10 +9,11 @@ info: The response to an SMB connection packet differs from real installations, signaling a possible deceptive setup. metadata: max-request: 1 + shodan-query: port:445 vendor: dionaea product: dionaea - shodan-query: port:445 - tags: dionaea,smb,honeypot,ir,cti,network,tcp + tags: dionaea,smb,honeypot,ir,cti,network + tcp: - inputs: - data: "00000045ff534d4272000000000801c8000000000000000000000000ffff0100ffff0000002200024e54204c4d20302e31320002534d4220322e3030320002534d4220322e3f3f3f00" diff --git a/network/honeypot/gaspot-honeypot-detect.yaml b/network/honeypot/gaspot-honeypot-detect.yaml index 1e4c39adf8..9eb681263d 100644 --- a/network/honeypot/gaspot-honeypot-detect.yaml +++ b/network/honeypot/gaspot-honeypot-detect.yaml @@ -9,10 +9,11 @@ info: The response to the '^AI21400' command differs from real installations, signaling a possible deceptive setup. metadata: max-request: 1 - vendor: gaspot product: veeder-root shodan-query: port:10001 - tags: gaspot,veeder-root,ics,honeypot,ir,cti,network,tcp + vendor: gaspot + tags: gaspot,veeder-root,ics,honeypot,ir,cti,network + tcp: - inputs: - data: "^AI21400" diff --git a/network/honeypot/mailoney-honeypot-detect.yaml b/network/honeypot/mailoney-honeypot-detect.yaml index c14f69197f..5f1defcd34 100644 --- a/network/honeypot/mailoney-honeypot-detect.yaml +++ b/network/honeypot/mailoney-honeypot-detect.yaml @@ -9,9 +9,10 @@ info: The response to the 'HELP' command differs from real installations, signaling a possible deceptive setup. metadata: max-request: 1 - vendor: mailoney product: exim - tags: mailoney,exim,smtp,honeypot,ir,cti,network,tcp + vendor: mailoney + tags: mailoney,exim,smtp,honeypot,ir,cti,network + tcp: - inputs: - data: "HELP\r\n" diff --git a/network/honeypot/redis-honeypot-detect.yaml b/network/honeypot/redis-honeypot-detect.yaml index 1381c4351a..5f4ff72394 100644 --- a/network/honeypot/redis-honeypot-detect.yaml +++ b/network/honeypot/redis-honeypot-detect.yaml @@ -11,10 +11,11 @@ info: cpe: cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:* metadata: max-request: 1 - vendor: redis product: redis shodan-query: redis - tags: redis,honeypot,ir,cti,network,tcp + vendor: redis + tags: redis,honeypot,ir,cti,network + tcp: - inputs: - data: "QUIT" diff --git a/network/jarm/c2/cobalt-strike-c2-jarm.yaml b/network/jarm/c2/cobalt-strike-c2-jarm.yaml index 39601ecb44..d60ce89b52 100644 --- a/network/jarm/c2/cobalt-strike-c2-jarm.yaml +++ b/network/jarm/c2/cobalt-strike-c2-jarm.yaml @@ -12,7 +12,7 @@ info: verified: true max-request: 1 shodan-query: ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1+port:443 - tags: jarm,network,c2,ir,osint,cti,cobalt-strike,tcp + tags: jarm,network,c2,ir,osint,cti,cobalt-strike tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/covenant-c2-jarm.yaml b/network/jarm/c2/covenant-c2-jarm.yaml index e86d244e78..0589a5d0bf 100644 --- a/network/jarm/c2/covenant-c2-jarm.yaml +++ b/network/jarm/c2/covenant-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://twitter.com/MichalKoczwara/status/1548685058403360770 metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,covenant,tcp + tags: jarm,network,c2,ir,osint,cti,covenant tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/deimos-c2-jarm.yaml b/network/jarm/c2/deimos-c2-jarm.yaml index bf1ee183f0..098e0d79a8 100644 --- a/network/jarm/c2/deimos-c2-jarm.yaml +++ b/network/jarm/c2/deimos-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://twitter.com/MichalKoczwara/status/1551632627387473920 metadata: max-request: 1 - tags: jarm,c2,ir,osint,cti,deimos,network,tcp + tags: jarm,c2,ir,osint,cti,deimos,network tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/evilginx2-jarm.yaml b/network/jarm/c2/evilginx2-jarm.yaml index 85efbd2517..eb3ca54cd4 100644 --- a/network/jarm/c2/evilginx2-jarm.yaml +++ b/network/jarm/c2/evilginx2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/kgretzky/evilginx2 metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,evilginx2,phishing,tcp + tags: jarm,network,c2,ir,osint,cti,evilginx2,phishing tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/generic-c2-jarm.yaml b/network/jarm/c2/generic-c2-jarm.yaml index c51265b260..ba02a7897e 100644 --- a/network/jarm/c2/generic-c2-jarm.yaml +++ b/network/jarm/c2/generic-c2-jarm.yaml @@ -10,7 +10,7 @@ info: - https://github.com/MichaelKoczwara/C2JARM metadata: max-request: 1 - tags: network,jarm,c2,ir,osint,cti,tcp + tags: network,jarm,c2,ir,osint,cti tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/grat2-c2-jarm.yaml b/network/jarm/c2/grat2-c2-jarm.yaml index b2e4162165..02ea45e886 100644 --- a/network/jarm/c2/grat2-c2-jarm.yaml +++ b/network/jarm/c2/grat2-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/r3nhat/GRAT2 metadata: max-request: 1 - tags: c2,jarm,network,ir,osint,cti,shad0w,tcp + tags: c2,jarm,network,ir,osint,cti,shad0w tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/havoc-c2-jarm.yaml b/network/jarm/c2/havoc-c2-jarm.yaml index f4fb946ebd..7ccd6850f7 100644 --- a/network/jarm/c2/havoc-c2-jarm.yaml +++ b/network/jarm/c2/havoc-c2-jarm.yaml @@ -13,7 +13,7 @@ info: verified: "true" max-request: 1 shodan-query: 'ssl:postalCode=3540 ssl.jarm:3fd21b20d00000021c43d21b21b43de0a012c76cf078b8d06f4620c2286f5e' - tags: jarm,c2,ir,osint,cti,havoc,network,tcp + tags: jarm,c2,ir,osint,cti,havoc,network tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/mac-c2-jarm.yaml b/network/jarm/c2/mac-c2-jarm.yaml index 3c10258199..e10e035f49 100644 --- a/network/jarm/c2/mac-c2-jarm.yaml +++ b/network/jarm/c2/mac-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/cedowens/MacC2 metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,macc2,tcp + tags: jarm,network,c2,ir,osint,cti,macc2 tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/macshell-c2-jarm.yaml b/network/jarm/c2/macshell-c2-jarm.yaml index 3efd1cfe00..78e2e3e956 100644 --- a/network/jarm/c2/macshell-c2-jarm.yaml +++ b/network/jarm/c2/macshell-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/cedowens/MacShellSwift metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,macshell,tcp + tags: jarm,network,c2,ir,osint,cti,macshell tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/merlin-c2-jarm.yaml b/network/jarm/c2/merlin-c2-jarm.yaml index efb2195b4d..b43ccbf94c 100644 --- a/network/jarm/c2/merlin-c2-jarm.yaml +++ b/network/jarm/c2/merlin-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://merlin-c2.readthedocs.io/en/latest/ metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,merlin,tcp + tags: jarm,network,c2,ir,osint,cti,merlin tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/metasploit-c2-jarm.yaml b/network/jarm/c2/metasploit-c2-jarm.yaml index 72cae7ea12..fb8f6e89e8 100644 --- a/network/jarm/c2/metasploit-c2-jarm.yaml +++ b/network/jarm/c2/metasploit-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,metasploit,tcp + tags: jarm,network,c2,ir,osint,cti,metasploit tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/mythic-c2-jarm.yaml b/network/jarm/c2/mythic-c2-jarm.yaml index c61844df73..e6464bdb08 100644 --- a/network/jarm/c2/mythic-c2-jarm.yaml +++ b/network/jarm/c2/mythic-c2-jarm.yaml @@ -12,7 +12,7 @@ info: - https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,mythic,tcp + tags: jarm,network,c2,ir,osint,cti,mythic tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/posh-c2-jarm.yaml b/network/jarm/c2/posh-c2-jarm.yaml index 4a3a74dfc5..a74933c0dc 100644 --- a/network/jarm/c2/posh-c2-jarm.yaml +++ b/network/jarm/c2/posh-c2-jarm.yaml @@ -12,7 +12,7 @@ info: - https://poshc2.readthedocs.io/en/latest/ metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,posh,tcp + tags: jarm,network,c2,ir,osint,cti,posh tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/shad0w-c2-jarm.yaml b/network/jarm/c2/shad0w-c2-jarm.yaml index 057615fa2d..6092db22be 100644 --- a/network/jarm/c2/shad0w-c2-jarm.yaml +++ b/network/jarm/c2/shad0w-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/bats3c/shad0w metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,shad0w,tcp + tags: jarm,network,c2,ir,osint,cti,shad0w tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/silenttrinity-c2-jarm.yaml b/network/jarm/c2/silenttrinity-c2-jarm.yaml index 351a64b2eb..3bebaa2553 100644 --- a/network/jarm/c2/silenttrinity-c2-jarm.yaml +++ b/network/jarm/c2/silenttrinity-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/byt3bl33d3r/SILENTTRINITY metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,silenttrinity,tcp + tags: jarm,network,c2,ir,osint,cti,silenttrinity tcp: - inputs: - data: 2E diff --git a/network/jarm/c2/sliver-c2-jarm.yaml b/network/jarm/c2/sliver-c2-jarm.yaml index 793cd172e9..968fb52b92 100644 --- a/network/jarm/c2/sliver-c2-jarm.yaml +++ b/network/jarm/c2/sliver-c2-jarm.yaml @@ -11,7 +11,7 @@ info: - https://github.com/BishopFox/sliver metadata: max-request: 1 - tags: jarm,network,c2,ir,osint,cti,sliver,tcp + tags: jarm,network,c2,ir,osint,cti,sliver tcp: - inputs: - data: 2E diff --git a/network/misconfig/apache-dubbo-unauth.yaml b/network/misconfig/apache-dubbo-unauth.yaml index 2060d0eedd..bd5e4743d4 100644 --- a/network/misconfig/apache-dubbo-unauth.yaml +++ b/network/misconfig/apache-dubbo-unauth.yaml @@ -9,10 +9,11 @@ info: reference: - https://dubbo.apache.org/en/docs3-v2/java-sdk/advanced-features-and-usage/security/auth/ metadata: - verified: true - max-request: 1 fofa-query: apache dubbo - tags: network,dubbo,apache,unauth,misconfig,tcp + max-request: 1 + verified: true + tags: network,dubbo,apache,unauth,misconfig + tcp: - inputs: - data: "68656c700d0a" diff --git a/network/misconfig/apache-rocketmq-broker-unauth.yaml b/network/misconfig/apache-rocketmq-broker-unauth.yaml index d091f52aa5..548ceb290d 100644 --- a/network/misconfig/apache-rocketmq-broker-unauth.yaml +++ b/network/misconfig/apache-rocketmq-broker-unauth.yaml @@ -9,11 +9,12 @@ info: reference: - https://rocketmq.apache.org/docs/bestPractice/03access metadata: - verified: true + fofa-query: protocol="rocketmq" max-request: 1 shodan-query: title:"RocketMQ" - fofa-query: protocol="rocketmq" - tags: network,rocketmq,broker,apache,unauth,misconfig,tcp + verified: true + tags: network,rocketmq,broker,apache,unauth,misconfig + tcp: - inputs: - data: "000000c9000000b17b22636f6465223a32352c226578744669656c6473223a7b224163636573734b6579223a22726f636b65746d7132222c225369676e6174757265223a222b7a6452645575617a6953516b4855557164727477673146386a6b3d227d2c22666c6167223a302c226c616e6775616765223a224a415641222c226f7061717565223a302c2273657269616c697a655479706543757272656e74525043223a224a534f4e222c2276657273696f6e223a3433337d746573745f6b65793d746573745f76616c75650a0a" diff --git a/network/misconfig/clamav-unauth.yaml b/network/misconfig/clamav-unauth.yaml index a2d91dc856..cd31e75d47 100644 --- a/network/misconfig/clamav-unauth.yaml +++ b/network/misconfig/clamav-unauth.yaml @@ -12,10 +12,11 @@ info: - https://seclists.org/nmap-dev/2016/q2/201 - https://bugzilla.clamav.net/show_bug.cgi?id=11585 metadata: - verified: true max-request: 1 shodan-query: port:3310 product:"ClamAV" version:"0.99.2" - tags: network,clamav,unauth,seclists,misconfig,tcp + verified: true + tags: network,clamav,unauth,seclists,misconfig + tcp: - inputs: - data: "SCAN /nonexistent/{{to_lower(rand_text_alpha(10))}}\r\n" diff --git a/network/misconfig/clickhouse-unauth.yaml b/network/misconfig/clickhouse-unauth.yaml index bfb44326ff..e8460a0350 100644 --- a/network/misconfig/clickhouse-unauth.yaml +++ b/network/misconfig/clickhouse-unauth.yaml @@ -7,7 +7,7 @@ info: description: ClickHouse was able to be accessed with no required authentication in place. metadata: max-request: 1 - tags: network,clickhouse,unauth,misconfig,tcp + tags: network,clickhouse,unauth,misconfig tcp: - inputs: diff --git a/network/misconfig/dropbear-weakalgo.yaml b/network/misconfig/dropbear-weakalgo.yaml index ae0038f05a..d8034d65c1 100644 --- a/network/misconfig/dropbear-weakalgo.yaml +++ b/network/misconfig/dropbear-weakalgo.yaml @@ -6,15 +6,16 @@ info: severity: low description: | The SSH key exchange algorithm is fundamental to keep the protocol secure. It is what allows two previously unknown parties to generate a shared key in plain sight, and have that secret remain private to the client and server. Over time, some implementations of this algorithm have been identified as weak or vulnerable. - remediation: | - Disable the weak algorithms. reference: | https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled + remediation: | + Disable the weak algorithms. metadata: - verified: true max-request: 1 shodan-query: product:"Dropbear sshd" - tags: network,ssh,dropbear,misconfig,tcp + verified: true + tags: network,ssh,dropbear,misconfig + tcp: - inputs: - data: "\n" diff --git a/network/misconfig/dropbear-weakmac.yaml b/network/misconfig/dropbear-weakmac.yaml index 3a0b643526..56f4dcb786 100644 --- a/network/misconfig/dropbear-weakmac.yaml +++ b/network/misconfig/dropbear-weakmac.yaml @@ -6,15 +6,16 @@ info: severity: low description: | The mac-alg command specifies which MAC algorithms in the SSH client profile for SSH encryption negotiation with an SFTP server when the DataPower Gateway acts as an SFTP client. - remediation: | - Disable MD5 and 96-bit MAC algorithms. reference: | https://www.virtuesecurity.com/kb/ssh-weak-mac-algorithms-enabled + remediation: | + Disable MD5 and 96-bit MAC algorithms. metadata: - verified: true max-request: 1 shodan-query: product:"Dropbear sshd" - tags: network,ssh,dropbear,misconfig,tcp + verified: true + tags: network,ssh,dropbear,misconfig + tcp: - inputs: - data: "\n" diff --git a/network/misconfig/erlang-daemon.yaml b/network/misconfig/erlang-daemon.yaml index 6ec9ccef4c..1a29de35b9 100644 --- a/network/misconfig/erlang-daemon.yaml +++ b/network/misconfig/erlang-daemon.yaml @@ -11,10 +11,11 @@ info: - https://book.hacktricks.xyz/network-services-pentesting/4369-pentesting-erlang-port-mapper-daemon-epmd - https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd metadata: - verified: true max-request: 1 shodan-query: product:"Erlang Port Mapper Daemon" - tags: demon,enum,erlang,epmd,network,misconfig,tcp + verified: true + tags: demon,enum,erlang,epmd + tcp: - inputs: - data: "\x00\x01\x6e" diff --git a/network/misconfig/ganglia-xml-grid-monitor.yaml b/network/misconfig/ganglia-xml-grid-monitor.yaml index 1f1bed29fb..3de2b4a71b 100644 --- a/network/misconfig/ganglia-xml-grid-monitor.yaml +++ b/network/misconfig/ganglia-xml-grid-monitor.yaml @@ -9,7 +9,7 @@ info: - http://ganglia.info/ metadata: max-request: 1 - tags: ganglia,network,misconfig,tcp + tags: ganglia,network,misconfig tcp: - inputs: diff --git a/network/misconfig/memcached-stats.yaml b/network/misconfig/memcached-stats.yaml index d1ca4417ea..8af382ab72 100644 --- a/network/misconfig/memcached-stats.yaml +++ b/network/misconfig/memcached-stats.yaml @@ -8,7 +8,7 @@ info: Memcached stats is used to return server statistics such as PID, version, connections, etc. metadata: max-request: 1 - tags: network,memcached,misconfig,tcp + tags: network,memcached,misconfig tcp: - inputs: diff --git a/network/misconfig/mongodb-unauth.yaml b/network/misconfig/mongodb-unauth.yaml index 3302246c0d..c7190ea2e5 100644 --- a/network/misconfig/mongodb-unauth.yaml +++ b/network/misconfig/mongodb-unauth.yaml @@ -5,14 +5,15 @@ info: author: pdteam severity: high description: MongoDB was able to be accessed with no password. Note that MongoDB does not require a password by default. - remediation: Enable Authentication in MongoDB reference: - https://github.com/orleven/Tentacle - https://book.hacktricks.xyz/pentesting/27017-27018-mongodb - https://www.mongodb.com/features/mongodb-authentication + remediation: Enable Authentication in MongoDB metadata: max-request: 1 - tags: network,mongodb,unauth,misconfig,tcp + tags: network,mongodb,unauth,misconfig + tcp: - inputs: - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000 diff --git a/network/misconfig/mysql-native-password.yaml b/network/misconfig/mysql-native-password.yaml index 76e4e6054c..26f6f1cde1 100644 --- a/network/misconfig/mysql-native-password.yaml +++ b/network/misconfig/mysql-native-password.yaml @@ -12,7 +12,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,mysql,db,misconfig,tcp + tags: network,mysql,db,misconfig tcp: - host: diff --git a/network/misconfig/printers-info-leak.yaml b/network/misconfig/printers-info-leak.yaml index 4c3bd0ff5e..6c01ac8f63 100644 --- a/network/misconfig/printers-info-leak.yaml +++ b/network/misconfig/printers-info-leak.yaml @@ -4,13 +4,14 @@ info: name: Unauthorized Printer Access author: pussycat0x severity: info - description: | - Unauthorized access to printers allows attackers to print, eavesdrop sensitive documents. reference: - https://book.hacktricks.xyz/pentesting/9100-pjl + description: | + Unauthorized access to printers allows attackers to print, eavesdrop sensitive documents. metadata: max-request: 1 - tags: network,iot,printer,misconfig,tcp + tags: network,iot,printer,misconfig + tcp: - inputs: - data: "@PJL INFO STATUS\n" diff --git a/network/misconfig/sap-router-info-leak.yaml b/network/misconfig/sap-router-info-leak.yaml index aa0f0811c2..928e9f2f2b 100644 --- a/network/misconfig/sap-router-info-leak.yaml +++ b/network/misconfig/sap-router-info-leak.yaml @@ -10,7 +10,7 @@ info: - https://support.sap.com/en/tools/connectivity-tools/saprouter.html metadata: max-request: 1 - tags: network,sap,misconfig,saprouter,tcp + tags: network,sap,misconfig,saprouter tcp: - inputs: diff --git a/network/misconfig/tidb-native-password.yaml b/network/misconfig/tidb-native-password.yaml index e0cef548ae..936051dc1a 100644 --- a/network/misconfig/tidb-native-password.yaml +++ b/network/misconfig/tidb-native-password.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - tags: network,tidb,db,misconfig,tcp + tags: network,tidb,db,misconfig tcp: - host: diff --git a/network/misconfig/tidb-unauth.yaml b/network/misconfig/tidb-unauth.yaml index e99232ea3d..3d95d6f47b 100644 --- a/network/misconfig/tidb-unauth.yaml +++ b/network/misconfig/tidb-unauth.yaml @@ -8,7 +8,7 @@ info: metadata: max-request: 1 zoomeye-query: tidb +port:"4000" - tags: network,tidb,unauth,misconfig,tcp + tags: network,tidb,unauth,misconfig tcp: - inputs: diff --git a/network/misconfig/unauth-psql.yaml b/network/misconfig/unauth-psql.yaml index 6a5f22bdd5..90cad1b4ce 100644 --- a/network/misconfig/unauth-psql.yaml +++ b/network/misconfig/unauth-psql.yaml @@ -9,10 +9,11 @@ info: reference: - https://www.postgresql.org/docs/9.6/auth-methods.html metadata: - verified: "true" max-request: 1 shodan-query: port:5432 product:"PostgreSQL" - tags: network,postgresql,db,unauth,misconfig,tcp + verified: "true" + tags: network,postgresql,db,unauth,misconfig + tcp: - inputs: - data: "00000054000300007573657200706f73746772657300646174616261736500706f737467726573006170706c69636174696f6e5f6e616d65007073716c00636c69656e745f656e636f64696e6700555446380000" # default database postgres diff --git a/network/vulnerabilities/clockwatch-enterprise-rce.yaml b/network/vulnerabilities/clockwatch-enterprise-rce.yaml index 52c1a5d0dd..b6028aa305 100644 --- a/network/vulnerabilities/clockwatch-enterprise-rce.yaml +++ b/network/vulnerabilities/clockwatch-enterprise-rce.yaml @@ -14,7 +14,7 @@ info: cwe-id: CWE-77 metadata: max-request: 1 - tags: clockwatch,rce,network,tcp + tags: clockwatch,rce,network tcp: - inputs: diff --git a/ssl/c2/venomrat.yaml b/ssl/c2/venomrat.yaml index abee5b20d7..49c343dc7a 100644 --- a/ssl/c2/venomrat.yaml +++ b/ssl/c2/venomrat.yaml @@ -10,7 +10,7 @@ info: verified: "true" max-request: 1 fofa-query: cert.issuer.cn="VenomRAT Server" - tags: c2,ir,osint,malware,ssl,venomrat,tls + tags: c2,ir,osint,malware,ssl,venomrat ssl: - address: "{{Host}}:{{Port}}" diff --git a/ssl/deprecated-tls.yaml b/ssl/deprecated-tls.yaml index f6d7b37d64..9adc90d54e 100644 --- a/ssl/deprecated-tls.yaml +++ b/ssl/deprecated-tls.yaml @@ -4,16 +4,17 @@ info: name: Deprecated TLS Detection (TLS 1.1 or SSLv3) author: righettod,forgedhallpass severity: info + reference: + - https://ssl-config.mozilla.org/#config=intermediate description: | Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption. remediation: | Update the web server's TLS configuration to disable TLS 1.1 and SSLv3. - reference: - - https://ssl-config.mozilla.org/#config=intermediate metadata: max-request: 3 shodan-query: ssl.version:sslv2 ssl.version:sslv3 ssl.version:tlsv1 ssl.version:tlsv1.1 tags: ssl,tls + ssl: - address: "{{Host}}:{{Port}}" min_version: ssl30