Merge pull request #2140 from pussycat0x/master

New templates added

exposures/files/sensitive-storage-data-exposure.yaml

@@ -0,0 +1,28 @@
+id: sensitive-storage-data-expose
+info:
+  name: Sensitive Storage Data Exposed
+  author: pussycat0x
+  severity: medium
+  description: Searches for sensitive keys file,logs,debugbar,app.
+  reference: https://www.exploit-db.com/ghdb/6304
+  tags: expose,listing,config,logs
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/storage/"
+      - "{{BaseURL}}/api_smartapp/storage/"
+      - "{{BaseURL}}/equipbid/storage/"
+      - "{{BaseURL}}/server/storage/"
+      - "{{BaseURL}}/intikal/storage/"
+      - "{{BaseURL}}/elocker_old/storage/"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "oauth-private.key"
+          - "oauth-private.key"
+        condition: and
+      - type: status
+        status:
+          - 200

vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml

@@ -0,0 +1,22 @@
+id: easy-media-gallery-pro-listing
+info:
+  name: WordPress Plugin Media Gallery Pro Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: https://www.exploit-db.com/ghdb/6455
+  tags: wordpress,listing,wp-plugin
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/easy-media-gallery-pro/"
+        condition: and
+      - type: status
+        status:
+          - 200