Merge branch 'main' into add-cpe-epss

2023-05-05 00:00:13 +05:30 · 2023-05-05 00:00:13 +05:30 · 561b42ebe7
parent 2175d81329 eaa01134b2
commit 561b42ebe7
5854 changed files with 16869 additions and 5924 deletions
--- a/.github/workflows/cve2json.yml
+++ b/.github/workflows/cve2json.yml
@ -23,7 +23,7 @@ jobs:
        run: |
           go env -w GO111MODULE=off
           go get gopkg.in/yaml.v3
-           go run .github/scripts/yaml2json.go $GITHUB_WORKSPACE/cves/ cves.json
+           go run .github/scripts/yaml2json.go $GITHUB_WORKSPACE/http/cves/ cves.json
           md5sum cves.json | cut -d' ' -f1 > cves.json-checksum.txt
          
      - name: Commit files
--- a/.new-additions
+++ b/.new-additions
@ -8,9 +8,11 @@ http/cves/2023/CVE-2023-27524.yaml
 http/cves/2023/CVE-2023-29489.yaml
 http/cves/2023/CVE-2023-29922.yaml
 http/default-logins/powerjob-default-login.yaml
+http/default-logins/umami/umami-default-login.yaml
 http/exposed-panels/papercut-ng-panel.yaml
 http/exposed-panels/proxmox-panel.yaml
 http/exposed-panels/sophos-web-appliance.yaml
 http/misconfiguration/apache/apache-zeppelin-unauth.yaml
 http/osint/mail-archive.yaml
 http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml
+http/vulnerabilities/wordpress/wpml-xss.yaml
--- a/cves.json
+++ b/cves.json
--- a/cves.json-checksum.txt
+++ b/cves.json-checksum.txt
@ -1 +1 @@
-d41d8cd98f00b204e9800998ecf8427e
+007505eab9adec1b628522c2675730ee
--- a/dns/azure-takeover-detection.yaml
+++ b/dns/azure-takeover-detection.yaml
@ -14,6 +14,8 @@ info:
    cvss-score: 7.2
    cwe-id: CWE-404
  tags: dns,takeover,azure
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/caa-fingerprint.yaml
+++ b/dns/caa-fingerprint.yaml
@ -10,6 +10,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,caa
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/cname-fingerprint.yaml
+++ b/dns/cname-fingerprint.yaml
@ -11,6 +11,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,cname
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/cname-service.yaml
+++ b/dns/cname-service.yaml
@ -10,6 +10,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,service
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/detect-dangling-cname.yaml
+++ b/dns/detect-dangling-cname.yaml
@ -13,6 +13,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,takeover
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/dmarc-detect.yaml
+++ b/dns/dmarc-detect.yaml
@ -14,6 +14,8 @@ info:
    cvss-score: 0.0
    cwe-id: CWE-200
  tags: dns,dmarc
+  metadata:
+    max-request: 1

 dns:
  - name: "_dmarc.{{FQDN}}"
--- a/dns/dns-waf-detect.yaml
+++ b/dns/dns-waf-detect.yaml
@ -8,6 +8,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: tech,waf,dns
+  metadata:
+    max-request: 2

 dns:
  - name: "{{FQDN}}"
--- a/dns/dnssec-detection.yaml
+++ b/dns/dnssec-detection.yaml
@ -11,6 +11,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,dnssec
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/ec2-detection.yaml
+++ b/dns/ec2-detection.yaml
@ -10,6 +10,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,ec2,aws
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/elasticbeantalk-takeover.yaml
+++ b/dns/elasticbeantalk-takeover.yaml
@ -15,6 +15,7 @@ info:
    cvss-score: 7.2
    cwe-id: CWE-404
  metadata:
+    max-request: 1
    comments: |
      Only CNAMEs with region specification are hijackable.
      You need to claim the CNAME in AWS portal (https://aws.amazon.com/) or via AWS CLI to confirm the takeover.
--- a/dns/mx-fingerprint.yaml
+++ b/dns/mx-fingerprint.yaml
@ -11,6 +11,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,mx
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/mx-service-detector.yaml
+++ b/dns/mx-service-detector.yaml
@ -8,6 +8,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,service
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/nameserver-fingerprint.yaml
+++ b/dns/nameserver-fingerprint.yaml
@ -8,6 +8,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,ns
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/ptr-fingerprint.yaml
+++ b/dns/ptr-fingerprint.yaml
@ -8,6 +8,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,ptr
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/servfail-refused-hosts.yaml
+++ b/dns/servfail-refused-hosts.yaml
@ -9,6 +9,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,takeover
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/spoofable-spf-records-ptr.yaml
+++ b/dns/spoofable-spf-records-ptr.yaml
@ -10,6 +10,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,spf
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/txt-fingerprint.yaml
+++ b/dns/txt-fingerprint.yaml
@ -10,6 +10,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,txt
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/dns/worksites-detection.yaml
+++ b/dns/worksites-detection.yaml
@ -10,6 +10,8 @@ info:
  classification:
    cwe-id: CWE-200
  tags: dns,service
+  metadata:
+    max-request: 1

 dns:
  - name: "{{FQDN}}"
--- a/helpers/wordpress/plugins/advanced-custom-fields.txt
+++ b/helpers/wordpress/plugins/advanced-custom-fields.txt
@ -1 +1 @@
-6.1.4
+6.1.5
--- a/helpers/wordpress/plugins/all-in-one-wp-migration.txt
+++ b/helpers/wordpress/plugins/all-in-one-wp-migration.txt
@ -1 +1 @@
-7.73
+7.74
--- a/helpers/wordpress/plugins/elementskit-lite.txt
+++ b/helpers/wordpress/plugins/elementskit-lite.txt
@ -1 +1 @@
-2.8.7
+2.8.8
--- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt
+++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt
@ -1 +1 @@
-3.0.19
+3.0.22
--- a/helpers/wordpress/plugins/formidable.txt
+++ b/helpers/wordpress/plugins/formidable.txt
@ -1 +1 @@
-6.2.3
+6.3
--- a/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt
+++ b/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt
@ -1 +1 @@
-7.14.2
+7.15.2
--- a/helpers/wordpress/plugins/google-listings-and-ads.txt
+++ b/helpers/wordpress/plugins/google-listings-and-ads.txt
@ -1 +1 @@
-2.4.3
+2.4.4
--- a/helpers/wordpress/plugins/gutenberg.txt
+++ b/helpers/wordpress/plugins/gutenberg.txt
@ -1 +1 @@
-15.6.2
+15.7.0
--- a/helpers/wordpress/plugins/jetpack.txt
+++ b/helpers/wordpress/plugins/jetpack.txt
@ -1 +1 @@
-12.0
+12.1
--- a/helpers/wordpress/plugins/kadence-blocks.txt
+++ b/helpers/wordpress/plugins/kadence-blocks.txt
@ -1 +1 @@
-3.0.36
+3.0.37
--- a/helpers/wordpress/plugins/mailchimp-for-wp.txt
+++ b/helpers/wordpress/plugins/mailchimp-for-wp.txt
@ -1 +1 @@
-4.9.3
+4.9.4
--- a/helpers/wordpress/plugins/mailpoet.txt
+++ b/helpers/wordpress/plugins/mailpoet.txt
@ -1 +1 @@
-4.13.0
+4.14.0
--- a/helpers/wordpress/plugins/ml-slider.txt
+++ b/helpers/wordpress/plugins/ml-slider.txt
@ -1 +1 @@
-3.30.0
+3.30.1
--- a/helpers/wordpress/plugins/really-simple-ssl.txt
+++ b/helpers/wordpress/plugins/really-simple-ssl.txt
@ -1 +1 @@
-6.2.4
+6.2.5
--- a/helpers/wordpress/plugins/seo-by-rank-math.txt
+++ b/helpers/wordpress/plugins/seo-by-rank-math.txt
@ -1 +1 @@
-1.0.112
+1.0.114
--- a/helpers/wordpress/plugins/sg-security.txt
+++ b/helpers/wordpress/plugins/sg-security.txt
@ -1 +1 @@
-1.4.3
+1.4.5
--- a/helpers/wordpress/plugins/so-widgets-bundle.txt
+++ b/helpers/wordpress/plugins/so-widgets-bundle.txt
@ -1 +1 @@
-1.49.1
+1.49.2
--- a/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt
+++ b/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt
@ -1 +1 @@
-7.3.0
+7.4.0
--- a/helpers/wordpress/plugins/woocommerce-payments.txt
+++ b/helpers/wordpress/plugins/woocommerce-payments.txt
@ -1 +1 @@
-5.8.0
+5.8.1
--- a/helpers/wordpress/plugins/wp-statistics.txt
+++ b/helpers/wordpress/plugins/wp-statistics.txt
@ -1 +1 @@
-14.0.2
+14.1
--- a/http/cnvd/2017/CNVD-2017-03561.yaml
+++ b/http/cnvd/2017/CNVD-2017-03561.yaml
@ -10,6 +10,7 @@ info:
    - https://gitee.com/cute-guy/Penetration_Testing_POC/blob/master/%E6%B3%9B%E5%BE%AEe-mobile%20ognl%E6%B3%A8%E5%85%A5.md
    - https://reconshell.com/vulnerability-research-list/
  metadata:
+    max-request: 2
    verified: true
    fofa-query: app="泛微-eMobile"
  tags: cnvd,cnvd2017,emobile,ognl,fanwei
--- a/http/cnvd/2018/CNVD-2018-13393.yaml
+++ b/http/cnvd/2018/CNVD-2018-13393.yaml
@ -12,6 +12,8 @@ info:
    cvss-score: 8.6
    cwe-id: CWE-22
  tags: metinfo,cnvd,cvnd2018,lfi
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2019/CNVD-2019-01348.yaml
+++ b/http/cnvd/2019/CNVD-2019-01348.yaml
@ -13,6 +13,8 @@ info:
    cwe-id: CWE-284
  remediation: Upgrade to the latest version of Xiuno BBS or switch to a supported product.
  tags: xiuno,cnvd,cnvd2019
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2019/CNVD-2019-06255.yaml
+++ b/http/cnvd/2019/CNVD-2019-06255.yaml
@ -14,6 +14,8 @@ info:
    cwe-id: CWE-77
  remediation: Upgrade to CatfishCMS version 4.8.54 or later.
  tags: rce,cnvd,catfishcms,cnvd2019
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2019/CNVD-2019-19299.yaml
+++ b/http/cnvd/2019/CNVD-2019-19299.yaml
@ -13,6 +13,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: zhiyuan,cnvd,cnvd2019,rce
+  metadata:
+    max-request: 2

 http:
  - raw:
--- a/http/cnvd/2019/CNVD-2019-32204.yaml
+++ b/http/cnvd/2019/CNVD-2019-32204.yaml
@ -12,6 +12,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: fanwei,cnvd,cnvd2019,rce
+  metadata:
+    max-request: 1

 http:
  - raw:
--- a/http/cnvd/2020/CNVD-2020-23735.yaml
+++ b/http/cnvd/2020/CNVD-2020-23735.yaml
@ -12,6 +12,8 @@ info:
    cvss-score: 7.5
    cwe-id: CWE-22
  tags: xunchi,lfi,cnvd,cnvd2020
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2020/CNVD-2020-26585.yaml
+++ b/http/cnvd/2020/CNVD-2020-26585.yaml
@ -15,6 +15,7 @@ info:
    cvss-score: 9.9
    cwe-id: CWE-434
  metadata:
+    max-request: 2
    verified: true
    fofa-query: app="ShowDoc"
  tags: cnvd,cnvd2020,showdoc,fileupload
--- a/http/cnvd/2020/CNVD-2020-46552.yaml
+++ b/http/cnvd/2020/CNVD-2020-46552.yaml
@ -14,6 +14,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: cnvd,cnvd2020,sangfor,rce
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2020/CNVD-2020-56167.yaml
+++ b/http/cnvd/2020/CNVD-2020-56167.yaml
@ -9,6 +9,8 @@ info:
    - https://www.cnvd.org.cn/flaw/show/CNVD-2020-56167
    - https://securityforeveryone.com/tools/ruijie-smartweb-default-password-scanner
  tags: ruijie,default-login,cnvd,cnvd2020
+  metadata:
+    max-request: 1

 http:
  - method: POST
--- a/http/cnvd/2020/CNVD-2020-62422.yaml
+++ b/http/cnvd/2020/CNVD-2020-62422.yaml
@ -8,6 +8,8 @@ info:
  reference:
    - https://blog.csdn.net/m0_46257936/article/details/113150699
  tags: lfi,cnvd,cnvd2020,seeyon
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2020/CNVD-2020-67113.yaml
+++ b/http/cnvd/2020/CNVD-2020-67113.yaml
@ -12,6 +12,7 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-425
  metadata:
+    max-request: 2
    verified: true
    shodan-query: http.title:"H5S CONSOLE"
  tags: cnvd,cnvd2020,h5s,unauth,h5sconsole
--- a/http/cnvd/2020/CNVD-2020-68596.yaml
+++ b/http/cnvd/2020/CNVD-2020-68596.yaml
@ -12,6 +12,8 @@ info:
    cvss-score: 8.6
    cwe-id: CWE-22
  tags: weiphp,lfi,cnvd,cnvd2020
+  metadata:
+    max-request: 3

 http:
  - raw:
--- a/http/cnvd/2021/CNVD-2021-01931.yaml
+++ b/http/cnvd/2021/CNVD-2021-01931.yaml
@ -12,6 +12,8 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cwe-id: CWE-22
+  metadata:
+    max-request: 2

 http:
  - method: GET
--- a/http/cnvd/2021/CNVD-2021-09650.yaml
+++ b/http/cnvd/2021/CNVD-2021-09650.yaml
@ -14,6 +14,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: ruijie,cnvd,cnvd2021,rce
+  metadata:
+    max-request: 1

 http:
  - raw:
--- a/http/cnvd/2021/CNVD-2021-10543.yaml
+++ b/http/cnvd/2021/CNVD-2021-10543.yaml
@ -12,6 +12,8 @@ info:
    cvss-score: 7.5
    cwe-id: CWE-200
  tags: config,exposure,cnvd,cnvd2021
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2021/CNVD-2021-14536.yaml
+++ b/http/cnvd/2021/CNVD-2021-14536.yaml
@ -12,6 +12,7 @@ info:
    cvss-score: 8.3
    cwe-id: CWE-522
  metadata:
+    max-request: 1
    fofa-query: title="RG-UAC登录页面"
  tags: ruijie,cnvd,cnvd2021,disclosure

--- a/http/cnvd/2021/CNVD-2021-15822.yaml
+++ b/http/cnvd/2021/CNVD-2021-15822.yaml
@ -7,6 +7,7 @@ info:
  reference:
    - https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog
  metadata:
+    max-request: 1
    verified: true
    shodan-query: title:"ShopXO企业级B2C电商系统提供商"
    fofa-query: app="ShopXO企业级B2C电商系统提供商"
--- a/http/cnvd/2021/CNVD-2021-15824.yaml
+++ b/http/cnvd/2021/CNVD-2021-15824.yaml
@ -14,6 +14,8 @@ info:
    cvss-score: 7.2
    cwe-id: CWE-79
  tags: empirecms,cnvd,cnvd2021,xss,domxss
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2021/CNVD-2021-17369.yaml
+++ b/http/cnvd/2021/CNVD-2021-17369.yaml
@ -12,6 +12,8 @@ info:
    cvss-score: 8.3
    cwe-id: CWE-522
  tags: ruijie,disclosure,cnvd,cnvd2021
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cnvd/2021/CNVD-2021-26422.yaml
+++ b/http/cnvd/2021/CNVD-2021-26422.yaml
@ -13,6 +13,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: eyoumail,rce,cnvd,cnvd2021
+  metadata:
+    max-request: 1

 http:
  - raw:
--- a/http/cnvd/2021/CNVD-2021-28277.yaml
+++ b/http/cnvd/2021/CNVD-2021-28277.yaml
@ -9,6 +9,7 @@ info:
    - https://www.aisoutu.com/a/1432457
    - https://mp.weixin.qq.com/s/TkUZXKgfEOVqoHKBr3kNdw
  metadata:
+    max-request: 2
    fofa-query: app="Landray OA system"
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
--- a/http/cnvd/2021/CNVD-2021-30167.yaml
+++ b/http/cnvd/2021/CNVD-2021-30167.yaml
@ -14,6 +14,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: cnvd,cnvd2021,beanshell,rce,yonyou
+  metadata:
+    max-request: 2

 http:
  - raw:
--- a/http/cnvd/2021/CNVD-2021-49104.yaml
+++ b/http/cnvd/2021/CNVD-2021-49104.yaml
@ -14,6 +14,8 @@ info:
    cwe-id: CWE-434
  remediation: Pan Wei has released an update to resolve this vulnerability.
  tags: pan,micro,cnvd,cnvd2021,fileupload,intrusive
+  metadata:
+    max-request: 2

 http:
  - raw:
--- a/http/cnvd/2022/CNVD-2022-03672.yaml
+++ b/http/cnvd/2022/CNVD-2022-03672.yaml
@ -15,6 +15,8 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: cnvd,cnvd2020,sunflower,rce
+  metadata:
+    max-request: 2

 http:
  - raw:
--- a/http/cnvd/2022/CNVD-2022-42853.yaml
+++ b/http/cnvd/2022/CNVD-2022-42853.yaml
@ -14,6 +14,7 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-89
  metadata:
+    max-request: 1
    verified: true
    shodan-query: http.title:"zentao"
    fofa-query: "Zentao"
--- a/http/cves/2000/CVE-2000-0114.yaml
+++ b/http/cves/2000/CVE-2000-0114.yaml
@ -15,6 +15,8 @@ info:
    cvss-score: 5.0
  remediation: Upgrade to the latest version.
  tags: cve,cve2000,frontpage,microsoft,edb
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2002/CVE-2002-1131.yaml
+++ b/http/cves/2002/CVE-2002-1131.yaml
@ -19,6 +19,8 @@ info:
    cwe-id: CWE-80
    cve-id: CVE-2002-1131
  tags: cve2002,edb,xss,squirrelmail,cve
+  metadata:
+    max-request: 5

 http:
  - method: GET
--- a/http/cves/2004/CVE-2004-0519.yaml
+++ b/http/cves/2004/CVE-2004-0519.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2004-0519
    cwe-id: NVD-CWE-Other
  tags: squirrelmail,cve2004,cve,edb,xss
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2005/CVE-2005-2428.yaml
+++ b/http/cves/2005/CVE-2005-2428.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2005-2428
    cwe-id: CWE-200
  tags: domino,edb,cve,cve2005
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2005/CVE-2005-3344.yaml
+++ b/http/cves/2005/CVE-2005-3344.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2005-3344
    cwe-id: NVD-CWE-Other
  tags: cve,cve2005,horde,unauth
+  metadata:
+    max-request: 2

 http:
  - method: GET
--- a/http/cves/2005/CVE-2005-4385.yaml
+++ b/http/cves/2005/CVE-2005-4385.yaml
@ -15,6 +15,8 @@ info:
    cve-id: CVE-2005-4385
    cwe-id: NVD-CWE-Other
  tags: cofax,xss,cve,cve2005
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2006/CVE-2006-1681.yaml
+++ b/http/cves/2006/CVE-2006-1681.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2006-1681
    cwe-id: NVD-CWE-Other
  tags: cherokee,httpd,xss,cve,cve2006
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2006/CVE-2006-2842.yaml
+++ b/http/cves/2006/CVE-2006-2842.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2006-2842
    cwe-id: CWE-22
  tags: cve,cve2006,lfi,squirrelmail,edb
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2007/CVE-2007-0885.yaml
+++ b/http/cves/2007/CVE-2007-0885.yaml
@ -16,6 +16,8 @@ info:
    cwe-id: NVD-CWE-Other
    cvss-score: 6.8
  tags: cve,cve2007,jira,xss
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2007/CVE-2007-4504.yaml
+++ b/http/cves/2007/CVE-2007-4504.yaml
@ -15,6 +15,8 @@ info:
    cve-id: CVE-2007-4504
    cwe-id: CWE-22
  tags: lfi,edb,cve,cve2007,joomla
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2007/CVE-2007-4556.yaml
+++ b/http/cves/2007/CVE-2007-4556.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2007-4556
    cwe-id: NVD-CWE-Other
  tags: cve,cve2007,apache,rce,struts
+  metadata:
+    max-request: 1

 http:
  - method: POST
--- a/http/cves/2007/CVE-2007-5728.yaml
+++ b/http/cves/2007/CVE-2007-5728.yaml
@ -17,6 +17,7 @@ info:
    cve-id: CVE-2007-5728
    cwe-id: CWE-79
  metadata:
+    max-request: 1
    shodan-query: http.title:"phpPgAdmin"
  tags: cve,cve2007,xss,pgadmin,phppgadmin,edb

--- a/http/cves/2008/CVE-2008-1059.yaml
+++ b/http/cves/2008/CVE-2008-1059.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2008-1059
    cwe-id: CWE-79
  tags: lfi,cve,cve2008,wordpress,wp-plugin,wp,sniplets,edb,wpscan
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-1061.yaml
+++ b/http/cves/2008/CVE-2008-1061.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2008-1061
    cwe-id: CWE-79
  tags: xss,wp-plugin,wp,edb,wpscan,cve,cve2008,wordpress,sniplets
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-2398.yaml
+++ b/http/cves/2008/CVE-2008-2398.yaml
@ -17,6 +17,8 @@ info:
    cwe-id: CWE-79
    cvss-score: 4.3
  tags: cve,cve2008,xss
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-2650.yaml
+++ b/http/cves/2008/CVE-2008-2650.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2008-2650
    cwe-id: CWE-22
  tags: cve,cve2008,lfi,cmsimple
+  metadata:
+    max-request: 1

 http:
  - raw:
--- a/http/cves/2008/CVE-2008-4668.yaml
+++ b/http/cves/2008/CVE-2008-4668.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2008-4668
    cwe-id: CWE-22
  tags: cve,cve2008,joomla,lfi,edb
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-4764.yaml
+++ b/http/cves/2008/CVE-2008-4764.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2008-4764
    cwe-id: CWE-22
  tags: edb,cve,cve2008,joomla,lfi
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-5587.yaml
+++ b/http/cves/2008/CVE-2008-5587.yaml
@ -17,6 +17,7 @@ info:
    cve-id: CVE-2008-5587
    cwe-id: CWE-22
  metadata:
+    max-request: 1
    shodan-query: http.title:"phpPgAdmin"
  tags: cve,cve2008,lfi,phppgadmin,edb

--- a/http/cves/2008/CVE-2008-6080.yaml
+++ b/http/cves/2008/CVE-2008-6080.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2008-6080
    cwe-id: CWE-22
  tags: edb,cve,cve2008,joomla,lfi
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-6172.yaml
+++ b/http/cves/2008/CVE-2008-6172.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2008-6172
    cwe-id: CWE-22
  tags: cve2008,joomla,lfi,edb,cve
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-6222.yaml
+++ b/http/cves/2008/CVE-2008-6222.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2008-6222
    cwe-id: CWE-22
  tags: cve2008,joomla,lfi,edb,cve
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-6465.yaml
+++ b/http/cves/2008/CVE-2008-6465.yaml
@ -17,6 +17,7 @@ info:
    cve-id: CVE-2008-6465
    cwe-id: CWE-80
  metadata:
+    max-request: 1
    verified: true
    shodan-query: title:"Parallels H-Sphere
  tags: cve,cve2008,xss,parallels,h-sphere
--- a/http/cves/2008/CVE-2008-6668.yaml
+++ b/http/cves/2008/CVE-2008-6668.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2008-6668
    cwe-id: CWE-22
  tags: cve2008,nweb2fax,lfi,traversal,edb,cve
+  metadata:
+    max-request: 2

 http:
  - method: GET
--- a/http/cves/2008/CVE-2008-6982.yaml
+++ b/http/cves/2008/CVE-2008-6982.yaml
@ -16,6 +16,7 @@ info:
    cve-id: CVE-2008-6982
    cwe-id: CWE-79
  metadata:
+    max-request: 1
    verified: "true"
  tags: cve,cve2008,devalcms,xss,cms,edb

--- a/http/cves/2009/CVE-2009-0545.yaml
+++ b/http/cves/2009/CVE-2009-0545.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2009-0545
    cwe-id: CWE-20
  tags: edb,cve,cve2009,zeroshell,kerbynet,rce
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2009/CVE-2009-0932.yaml
+++ b/http/cves/2009/CVE-2009-0932.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2009-0932
    cwe-id: CWE-22
  tags: cve,cve2009,horde,lfi,traversal,edb
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2009/CVE-2009-1151.yaml
+++ b/http/cves/2009/CVE-2009-1151.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2009-1151
    cwe-id: CWE-77
  tags: deserialization,kev,vulhub,cve,cve2009,phpmyadmin,rce
+  metadata:
+    max-request: 1

 http:
  - raw:
--- a/http/cves/2009/CVE-2009-1496.yaml
+++ b/http/cves/2009/CVE-2009-1496.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2009-1496
    cwe-id: CWE-22
  tags: joomla,lfi,edb,cve,cve2009
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2009/CVE-2009-1558.yaml
+++ b/http/cves/2009/CVE-2009-1558.yaml
@ -17,6 +17,8 @@ info:
    cve-id: CVE-2009-1558
    cwe-id: CWE-22
  tags: cve,iot,linksys,camera,traversal,cve2009,lfi,cisco,firmware,edb
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/http/cves/2009/CVE-2009-1872.yaml
+++ b/http/cves/2009/CVE-2009-1872.yaml
@ -17,6 +17,7 @@ info:
    cwe-id: CWE-79
    cvss-score: 4.3
  metadata:
+    max-request: 1
    shodan-query: http.component:"Adobe ColdFusion"
    verified: "true"
  tags: cve,cve2009,adobe,xss,coldfusion,tenable
--- a/http/cves/2009/CVE-2009-2015.yaml
+++ b/http/cves/2009/CVE-2009-2015.yaml
@ -16,6 +16,8 @@ info:
    cve-id: CVE-2009-2015
    cwe-id: CWE-22
  tags: joomla,lfi,edb,cve,cve2009
+  metadata:
+    max-request: 1

 http:
  - method: GET
--- a/Show More
+++ b/Show More
 @ -1 +1 @@
 .1.4
 .1.5
 @ -1 +1 @@
 .73
 .74
 @ -1 +1 @@
 .8.7
 .8.8
 @ -1 +1 @@
 .0.19
 .0.22
 @ -1 +1 @@
 .2.3
 .3
 @ -1 +1 @@
 .14.2
 .15.2
 @ -1 +1 @@
 .4.3
 .4.4
 @ -1 +1 @@
 .6.2
 .7.0
 @ -1 +1 @@
 .0
 .1
 @ -1 +1 @@
 .0.36
 .0.37