Dashboard Content Enhancements (#4381)

Dashboard Content Enhancements
2022-05-13 16:26:43 -04:00 · 2022-05-13 16:26:43 -04:00 · 581b7a627b
parent a3fbef4bfc
commit 581b7a627b
128 changed files with 317 additions and 222 deletions
--- a/cnvd/2019/CNVD-2019-19299.yaml
+++ b/cnvd/2019/CNVD-2019-19299.yaml
@ -1,12 +1,17 @@
 id: CNVD-2019-19299
 info:
-  name: Zhiyuan A8 Arbitrary File Write (RCE)
+  name: Zhiyuan A8 - Remote Code Execution
  author: daffainfo
  severity: critical
  description: Zhiyuan A8 is susceptible to remote code execution because of an arbitrary file write issue.
  reference:
    - https://www.cxyzjd.com/article/guangying177/110177339
    - https://github.com/sectestt/CNVD-2019-19299
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: zhiyuan,cnvd,cnvd2019,rce
 requests:
@ -45,3 +50,5 @@ requests:
          - 'contains(body_1, "htmoffice operate")'
          - 'contains(body_2, "Windows IP")'
        condition: and
 # Enhanced by mp on 2022/05/12
--- a/cnvd/2019/CNVD-2019-32204.yaml
+++ b/cnvd/2019/CNVD-2019-32204.yaml
@ -1,12 +1,16 @@
 id: CNVD-2019-32204
 info:
-  name: Fanwei e-cology <= 9.0 Remote Code Execution
+  name: Fanwei e-cology <=9.0 - Remote Code Execution
  author: daffainfo
  severity: critical
-  description: The attacker can directly execute arbitrary commands on the target server by invoking the unauthorized access problem interface in the BeanShell component. Currently, the security patch for this vulnerability has been released. Please take protective measures as soon as possible for users who use the Fanwei e-cology OA system.
+  description: Fanwei e-cology <=9.0 is susceptible to remote code execution vulnerabilities. Remote attackers can directly execute arbitrary commands on the target server by invoking the unauthorized access problem interface in the BeanShell component. Currently, the security patch for this vulnerability has been released. Please take protective measures as soon as possible for users who use the Fanwei e-cology OA system.
  reference:
    - https://blog.actorsfit.com/a?ID=01500-11a2f7e6-54b0-4a40-9a79-5c56dc6ebd51
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: fanwei,cnvd,cnvd2019,rce
 requests:
@ -22,3 +26,5 @@ requests:
      - type: regex
        regex:
          - "root:.*:0:0:"
 # Enhanced by mp on 2022/05/12
--- a/cnvd/2020/CNVD-2020-62422.yaml
+++ b/cnvd/2020/CNVD-2020-62422.yaml
@ -1,7 +1,7 @@
 id: CNVD-2020-62422
 info:
-  name: Seeyon readfile(CNVD-2020-62422)
+  name: Seeyon - Arbitrary File Retrieval
  author: pikpikcu
  severity: medium
  reference:
--- a/cnvd/2020/CNVD-2020-68596.yaml
+++ b/cnvd/2020/CNVD-2020-68596.yaml
@ -1,11 +1,16 @@
 id: CNVD-2020-68596
 info:
-  name: WeiPHP 5.0 Path Traversal
+  name: WeiPHP 5.0 - Path Traversal
  author: pikpikcu
-  severity: critical
+  description: WeiPHP 5.0 is susceptible to directory traversal attacks.
  severity: high
  reference:
    - http://wiki.peiqi.tech/PeiQi_Wiki/CMS%E6%BC%8F%E6%B4%9E/Weiphp/Weiphp5.0%20%E5%89%8D%E5%8F%B0%E6%96%87%E4%BB%B6%E4%BB%BB%E6%84%8F%E8%AF%BB%E5%8F%96%20CNVD-2020-68596.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cwe-id: CWE-22
  tags: weiphp,lfi,cnvd,cnvd2020
 requests:
@ -41,3 +46,5 @@ requests:
          - WeiPHP
          - DB_PREFIX
        condition: and
 # Enhanced by mp on 2022/05/12
--- a/cnvd/2021/CNVD-2021-01931.yaml
+++ b/cnvd/2021/CNVD-2021-01931.yaml
@ -1,7 +1,7 @@
 id: CNVD-2021-01931
 info:
-  name: Ruoyi Management System Arbitrary File Download
+  name: Ruoyi Management System - Arbitrary File Retrieval
  author: daffainfo,ritikchaddha
  severity: high
  reference:
--- a/cnvd/2021/CNVD-2021-09650.yaml
+++ b/cnvd/2021/CNVD-2021-09650.yaml
@ -1,11 +1,16 @@
 id: CNVD-2021-09650
 info:
-  name: Ruijie EWEB Gateway Platform Command Execution
+  name: Ruijie EWEB Gateway Platform - Remote Command Injection
  author: daffainfo
  severity: critical
  description: Ruijie EWEB Gateway Platform is susceptible to remote command injection attacks.
  reference:
    - http://j0j0xsec.top/2021/04/22/%E9%94%90%E6%8D%B7EWEB%E7%BD%91%E5%85%B3%E5%B9%B3%E5%8F%B0%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: ruijie,cnvd,cnvd2021,rce
 requests:
@ -23,3 +28,5 @@ requests:
        name: http
        words:
          - "http"
 # Enhanced by mp on 2022/05/12
--- a/cnvd/2021/CNVD-2021-26422.yaml
+++ b/cnvd/2021/CNVD-2021-26422.yaml
@ -4,9 +4,14 @@ info:
  name: eYouMail - Remote Code Execution
  author: daffainfo
  severity: critical
  description: eYouMail is susceptible to a remote code execution vulnerability.
  reference:
    - https://github.com/ltfafei/my_POC/blob/master/CNVD-2021-26422_eYouMail/CNVD-2021-26422_eYouMail_RCE_POC.py
    - https://github.com/EdgeSecurityTeam/Vulnerability/blob/main/%E4%BA%BF%E9%82%AE%E9%82%AE%E4%BB%B6%E7%B3%BB%E7%BB%9F%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20(CNVD-2021-26422).md
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: eyoumail,rce,cnvd,cnvd2021
 requests:
@ -27,3 +32,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cnvd/2021/CNVD-2021-28277.yaml
+++ b/cnvd/2021/CNVD-2021-28277.yaml
@ -1,7 +1,7 @@
 id: CNVD-2021-28277
 info:
-  name: Landray-OA Arbitrary File Download
+  name: Landray-OA Arbitrary - Arbitrary File Retrieval
  author: pikpikcu,daffainfo
  severity: high
  reference:
--- a/cnvd/2022/CNVD-2022-03672.yaml
+++ b/cnvd/2022/CNVD-2022-03672.yaml
@ -1,14 +1,19 @@
 id: CNVD-2022-03672
 info:
-  name: Sunflower Simple and Personal edition RCE
+  name: Sunflower Simple and Personal - Remote Code Execution
  author: daffainfo
  severity: critical
  description: Sunflower Simple and Personal is susceptible to a remote code execution vulnerability.
  reference:
    - https://www.1024sou.com/article/741374.html
    - https://copyfuture.com/blogs-details/202202192249158884
    - https://www.cnvd.org.cn/flaw/show/CNVD-2022-10270
    - https://www.cnvd.org.cn/flaw/show/CNVD-2022-03672
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: cnvd,cnvd2020,sunflower,rce
 requests:
@ -40,3 +45,5 @@ requests:
          - "contains(body_1, 'verify_string')"
          - "contains(body_2, 'Windows IP')"
        condition: and
 # Enhanced by mp on 2022/05/12
--- a/cves/2007/CVE-2007-4504.yaml
+++ b/cves/2007/CVE-2007-4504.yaml
@ -1,10 +1,10 @@
 id: CVE-2007-4504
 info:
-  name: Joomla! Component RSfiles 1.0.2 - 'path' File Download
+  name: Joomla! Component RSfiles <=1.0.2 - Arbitrary File Retrieval
  author: daffainfo
  severity: high
-  description: Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action.
+  description: An arbitrary file retrieval vulnerability in index.php in the RSfiles component (com_rsfiles) <=1.0.2 for Joomla! allows remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
  reference:
    - https://www.exploit-db.com/exploits/4307
    - https://www.cvedetails.com/cve/CVE-2007-4504
--- a/cves/2010/CVE-2010-0696.yaml
+++ b/cves/2010/CVE-2010-0696.yaml
@ -1,7 +1,7 @@
 id: CVE-2010-0696
 info:
-  name: Joomla! Component Jw_allVideos - Arbitrary File Download
+  name: Joomla! Component Jw_allVideos - Arbitrary File Retrieval
  author: daffainfo
  severity: high
  description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
@ -25,4 +25,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/02/13
--- a/cves/2010/CVE-2010-2122.yaml
+++ b/cves/2010/CVE-2010-2122.yaml
@ -1,10 +1,10 @@
 id: CVE-2010-2122
 info:
-  name: Joomla! Component simpledownload 0.9.5 - Local File Disclosure
+  name: Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval
  author: daffainfo
  severity: high
-  description: A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
+  description: A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the controller parameter to index.php.
  reference:
    - https://www.exploit-db.com/exploits/12623
    - https://www.cvedetails.com/cve/CVE-2010-2122
--- a/cves/2010/CVE-2010-3203.yaml
+++ b/cves/2010/CVE-2010-3203.yaml
@ -1,7 +1,7 @@
 id: CVE-2010-3203
 info:
-  name: Joomla! Component PicSell 1.0 - Local File Disclosure
+  name: Joomla! Component PicSell 1.0 - Arbitrary File Retrieval
  author: daffainfo
  severity: high
  description: A directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.
--- a/cves/2015/CVE-2015-4694.yaml
+++ b/cves/2015/CVE-2015-4694.yaml
@ -1,10 +1,10 @@
 id: CVE-2015-4694
 info:
-  name: WordPress Zip Attachments <= 1.1.4 - Arbitrary File Download
+  name: WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
-  description: WordPress zip-attachments plugin allows arbitrary file downloads because it does not check the download path of the requested file.
+  description: WordPress zip-attachments plugin allows arbitrary file retrieval as it does not check the download path of the requested file.
  reference:
    - https://wordpress.org/plugins/zip-attachments/#developers
    - https://wpscan.com/vulnerability/8047
--- a/cves/2017/CVE-2017-11512.yaml
+++ b/cves/2017/CVE-2017-11512.yaml
@ -1,11 +1,11 @@
 id: CVE-2017-11512
 info:
-  name: ManageEngine ServiceDesk - Unauthenticated Arbitrary File Download
+  name: ManageEngine ServiceDesk - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
  description: |
-    The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
+    The ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
  reference:
    - https://exploit.kitploit.com/2017/11/manageengine-servicedesk-cve-2017-11512.html
    - https://www.cvedetails.com/cve/CVE-2017-11512
--- a/cves/2017/CVE-2017-15363.yaml
+++ b/cves/2017/CVE-2017-15363.yaml
@ -1,7 +1,7 @@
 id: CVE-2017-15363
 info:
-  name: Typo3 Restler Extension - Local File Disclosure
+  name: TYPO3 Restler - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
  description: Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.
--- a/cves/2017/CVE-2017-7269.yaml
+++ b/cves/2017/CVE-2017-7269.yaml
@ -5,7 +5,7 @@ info:
  author: thomas_from_offensity,geeknik
  severity: critical
  description: |
-    Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnearbility in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If <http://" in a PROPFIND request.
+    Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If <http://" in a PROPFIND request.
  reference:
    - https://blog.0patch.com/2017/03/0patching-immortal-cve-2017-7269.html
    - https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
--- a/cves/2017/CVE-2017-7615.yaml
+++ b/cves/2017/CVE-2017-7615.yaml
@ -6,7 +6,7 @@ id: CVE-2017-7615
 # MantisBT before 1.3.10, 2.2.4, and 2.3.1, that can be downloaded on reference[1].
 info:
-  name: CVE-2017-7615
+  name: MantisBT <=2.30 - Arbitrary Password Reset and Unauthenticated Admin Access
  author: bp0lr,dwisiswant0
  severity: high
  description: MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
--- a/cves/2017/CVE-2017-9841.yaml
+++ b/cves/2017/CVE-2017-9841.yaml
@ -1,15 +1,16 @@
 id: CVE-2017-9841
 info:
-  name: PHPUnit < 4.8.28 and 5.x - 5.63 Arbitrary Code Execution
+  name: PHPUnit - Remote Code Execution
  author: Random_Robbie,pikpikcu
  severity: critical
-  description: Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI
+  description: PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring via Util/PHP/eval-stdin.php , as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
  reference:
    - https://github.com/cyberharsh/Php-unit-CVE-2017-9841
    - https://github.com/RandomRobbieBF/phpunit-brute
    - https://thephp.cc/articles/phpunit-a-security-risk
    - https://twitter.com/sec715/status/1411517028012158976
    - https://nvd.nist.gov/vuln/detail/CVE-2017-9841
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -72,3 +73,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-0127.yaml
+++ b/cves/2018/CVE-2018-0127.yaml
@ -1,14 +1,15 @@
 id: CVE-2018-0127
 info:
-  name: Cisco RV132W and RV134W Router Information Disclosure
+  name: Cisco RV132W/RV134W Router - Information Disclosure
  author: jrolf
  severity: critical
-  description: A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device, which could lead to the disclosure of confidential information.
+  description: Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device via the web interface, which could lead to the disclosure of confidential information.
  reference:
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x_2
    - http://www.securitytracker.com/id/1040345
    - http://www.securityfocus.com/bid/102969
    - https://nvd.nist.gov/vuln/detail/CVE-2018-0127
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -35,3 +36,5 @@ requests:
          - "MDM"
          - "cisco"
          - "admin"
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-1000226.yaml
+++ b/cves/2018/CVE-2018-1000226.yaml
@ -1,9 +1,10 @@
 id: CVE-2018-1000226
 info:
-  name: Cobbler versions 2.6.11+, (2.0.0+ or older versions) - Authentication Bypass
+  name: Cobbler - Authentication Bypass
  author: c-sh0
  severity: critical
  description: Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be vulnerable to an authentication bypass vulnerability in XMLRPC API (/cobbler_api) that can result in privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.
  reference:
    - https://github.com/cobbler/cobbler/issues/1916
    - https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/
@ -58,3 +59,5 @@ requests:
        part: body
        regex:
          - "(.*[a-zA-Z0-9].+==)</string></value>"
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-1000861.yaml
+++ b/cves/2018/CVE-2018-1000861.yaml
@ -1,13 +1,13 @@
 id: CVE-2018-1000861
 info:
-  name: Jenkins 2.138 Remote Command Execution
+  name: Jenkins - Remote Command Injection
  author: dhiyaneshDK,pikpikcu
  severity: critical
-  description: A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows
+  description: Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
    attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
  reference:
    - https://github.com/vulhub/vulhub/tree/master/jenkins/CVE-2018-1000861
    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000861
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -31,3 +31,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-10562.yaml
+++ b/cves/2018/CVE-2018-10562.yaml
@ -1,10 +1,10 @@
 id: CVE-2018-10562
 info:
-  name: Dasan GPON Devices - Remote Code Execution (Unauthenticated)
+  name: Dasan GPON Devices - Remote Code Execution
  author: gy741
  severity: critical
-  description: An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping
+  description: Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping
    results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
  reference:
    - https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router
@ -37,3 +37,5 @@ requests:
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-12031.yaml
+++ b/cves/2018/CVE-2018-12031.yaml
@ -4,11 +4,11 @@ info:
  name: Eaton Intelligent Power Manager 1.6 - Directory Traversal
  author: daffainfo
  severity: critical
-  description: Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file, it can lead to sensitive information disclosure, denial of service and code execution.
+  description: Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution.
  reference:
    - https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
    - https://nvd.nist.gov/vuln/detail/CVE-2018-12031
    - https://www.exploit-db.com/exploits/48614
    - https://nvd.nist.gov/vuln/detail/CVE-2018-12031
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -33,3 +33,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-1207.yaml
+++ b/cves/2018/CVE-2018-1207.yaml
@ -1,19 +1,17 @@
 id: CVE-2018-1207
 info:
-  name: Dell iDRAC7 and iDRAC8 Devices Code Injection/RCE
+  name: Dell iDRAC7/8 Devices - Remote Code Injection
  author: dwisiswant0
  severity: critical
  description: |
-    This template supports the detection part only.
+    Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a CGI injection vulnerability
    Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability
    which could be used to execute remote code. A remote unauthenticated attacker may
    potentially be able to use CGI variables to execute remote code.
    https://github.com/KraudSecurity/Exploits/blob/master/CVE-2018-1207/CVE-2018-1207.py
  reference:
    - https://downloads.dell.com/solutions/dell-management-solution-resources/iDRAC_CVE%201207_1211_1000116.pdf
    - https://github.com/KraudSecurity/Exploits/blob/master/CVE-2018-1207/CVE-2018-1207.py
    - https://nvd.nist.gov/vuln/detail/CVE-2018-1207
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -30,3 +28,5 @@ requests:
        words:
          - "calling init: /lib/"
        part: response
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-12300.yaml
+++ b/cves/2018/CVE-2018-12300.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-12300
 info:
-  name: Seagate NAS OS 4.3.15.1 - Open redirect
+  name: Seagate NAS OS 4.3.15.1 - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.
--- a/cves/2018/CVE-2018-12634.yaml
+++ b/cves/2018/CVE-2018-12634.yaml
@ -1,12 +1,13 @@
 id: CVE-2018-12634
 info:
-  name: Exposed CirCarLife System Log
+  name: CirCarLife Scada <4.3 - System Log Exposure
  author: geeknik
  severity: critical
-  description: CirCarLife is an internet-connected electric vehicle charging station
+  description: CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. CirCarLife is an internet-connected electric vehicle charging station.
  reference:
    - https://circontrol.com/
    - https://nvd.nist.gov/vuln/detail/CVE-2018-12634
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -33,3 +34,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-1273.yaml
+++ b/cves/2018/CVE-2018-1273.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-1273
 info:
-  name: Spring Data Commons Unauthenticated RCE
+  name: Spring Data Commons - Remote Code Execution
  author: dwisiswant0
  severity: critical
  description: |
@ -42,3 +42,5 @@ requests:
          - "\\[(font|extension|file)s\\]"
        condition: or
        part: body
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-13379.yaml
+++ b/cves/2018/CVE-2018-13379.yaml
@ -1,14 +1,14 @@
 id: CVE-2018-13379
 info:
-  name: FortiOS - Credentials Disclosure
+  name: Fortinet FortiOS - Credentials Disclosure
  author: organiccrap
  severity: critical
-  description: An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0
+  description: Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests due to improper limitation of a pathname to a restricted directory (path traversal).
    to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
  reference:
    - https://fortiguard.com/advisory/FG-IR-18-384
    - https://www.fortiguard.com/psirt/FG-IR-20-233
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13379
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -24,3 +24,5 @@ requests:
      - type: word
        words:
          - "var fgt_lang"
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-13980.yaml
+++ b/cves/2018/CVE-2018-13980.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-13980
 info:
-  name: Zeta Producer Desktop CMS 14.2.0 - Local File Disclosure
+  name: Zeta Producer Desktop CMS 14.2.0 - Arbitrary File Retrieval
  author: wisnupramoedya
  severity: medium
  description: The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.
--- a/cves/2018/CVE-2018-14064.yaml
+++ b/cves/2018/CVE-2018-14064.yaml
@ -4,7 +4,7 @@ info:
  name: VelotiSmart Wifi - Directory Traversal
  author: 0x_Akoko
  severity: critical
-  description: The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80.
+  description: VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80.
  reference:
    - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac
    - https://www.exploit-db.com/exploits/45030
@ -31,3 +31,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-14916.yaml
+++ b/cves/2018/CVE-2018-14916.yaml
@ -1,10 +1,10 @@
 id: CVE-2018-14916
 info:
-  name: Loytec LGATE-902 Directory Traversal
+  name: Loytec LGATE-902 <6.4.2 - Local File Inclusion
  author: 0x_Akoko
  severity: critical
-  description: Loytec LGATE-902 versions prior to 6.4.2 suffer from cross site scripting, arbitrary file deletion, and directory traversal vulnerabilities.
+  description: Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion vulnerability.
  reference:
    - https://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html
    - https://nvd.nist.gov/vuln/detail/CVE-2018-14916
@ -30,3 +30,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-15517.yaml
+++ b/cves/2018/CVE-2018-15517.yaml
@ -1,10 +1,10 @@
 id: CVE-2018-15517
 info:
-  name: D-LINK Central WifiManager Server-Side Request Forgery
+  name: D-Link Central WifiManager - Server-Side Request Forgery
  author: gy741
  severity: high
-  description: D-LINK Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP
+  description: D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP
    server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or
    connections actually came from and or bypass the FW etc. This can be automated via script or using a browser.
  reference:
--- a/cves/2018/CVE-2018-16167.yaml
+++ b/cves/2018/CVE-2018-16167.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-16167
 info:
-  name: LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated)
+  name: LogonTracer <=1.2.0 - Remote Command Injection
  author: gy741
  severity: critical
  description: LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
@ -30,3 +30,5 @@ requests:
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-16763.yaml
+++ b/cves/2018/CVE-2018-16763.yaml
@ -1,14 +1,15 @@
 id: CVE-2018-16763
 info:
-  name: fuelCMS 1.4.1 - Remote Code Execution
+  name: FUEL CMS 1.4.1 - Remote Code Execution
  author: pikpikcu
  severity: critical
-  description: FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.
+  description: FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter.
  reference:
    - https://www.exploit-db.com/exploits/47138
    - https://www.getfuelcms.com/
    - https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1
    - https://nvd.nist.gov/vuln/detail/CVE-2018-16763
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -30,3 +31,5 @@ requests:
      - type: regex
        regex:
          - "root:.*:0:0:"
 # Enhanced by mp on 2022/05/12
--- a/cves/2018/CVE-2018-16836.yaml
+++ b/cves/2018/CVE-2018-16836.yaml
@ -1,13 +1,13 @@
 id: CVE-2018-16836
 info:
-  name: Rubedo CMS 3.4.0 - Directory Traversal
+  name: Rubedo CMS <=3.4.0 - Directory Traversal
  author: 0x_Akoko
  severity: critical
-  description: Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as
+  description: Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
    demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
  reference:
    - https://www.exploit-db.com/exploits/45385
    - https://nvd.nist.gov/vuln/detail/CVE-2018-16836
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -29,3 +29,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-17246.yaml
+++ b/cves/2018/CVE-2018-17246.yaml
@ -1,14 +1,13 @@
 id: CVE-2018-17246
 info:
-  name: Kibana Local File Inclusion
+  name: Kibana - Local File Inclusion
  author: princechaddha
  severity: critical
-  description: Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute
+  description: Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute JavaScript which could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
    javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2018-17246
    - https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md
    - https://nvd.nist.gov/vuln/detail/CVE-2018-17246
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -38,3 +37,5 @@ requests:
      - type: status
        status:
          - 500
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-17431.yaml
+++ b/cves/2018/CVE-2018-17431.yaml
@ -1,13 +1,14 @@
 id: CVE-2018-17431
 info:
-  name: Comodo Unified Threat Management Web Console 2.7.0 - RCE
+  name: Comodo Unified Threat Management Web Console - Remote Code Execution
  author: dwisiswant0
  severity: critical
-  description: Comodo Firewall & Central Manager (UTM) All Release before 2.7.0 & 1.5.0 Remote Code Execution (Web Shell based)
+  description: Comodo Firewall & Central Manager (UTM) All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/48825
    - https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9276&af=9276
    - https://nvd.nist.gov/vuln/detail/CVE-2018-17431
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -36,3 +37,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-18925.yaml
+++ b/cves/2018/CVE-2018-18925.yaml
@ -1,11 +1,10 @@
 id: CVE-2018-18925
 info:
-  name: Gogs - Remote Code Execution (CVE-2018-18925)
+  name: Gogs (Go Git Service) 0.11.66 - Remote Code Execution
  author: princechaddha
  severity: critical
-  description: Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is related
+  description: Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.
    to session ID handling in the go-macaron/session code for Macaron.
  reference:
    - https://www.anquanke.com/post/id/163575
    - https://github.com/vulhub/vulhub/tree/master/gogs/CVE-2018-18925
@ -15,7 +14,7 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2018-18925
    cwe-id: CWE-384
-  remediation: This issue will be fixed by updating to the latest version of Gogs
+  remediation: This issue will be fixed by updating to the latest version of Gogs.
  tags: cve,cve2018,gogs,lfi,rce
 requests:
@ -35,3 +34,5 @@ requests:
      - type: dsl
        dsl:
          - 'status_code_1 == 500 && status_code_2 == 200 && contains(body_2, "<meta name=\"author\" content=\"Gogs\" />")'
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-20985.yaml
+++ b/cves/2018/CVE-2018-20985.yaml
@ -1,13 +1,13 @@
 id: CVE-2018-20985
 info:
-  name: WordPress Plugin WP Payeezy Pay 2.97 - Local File Inclusion
+  name: WordPress Payeezy Pay <=2.97 - Local File Inclusion
  author: daffainfo
  severity: critical
-  description: WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive
+  description: WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Payeezy Pay version 2.97 is vulnerable; prior versions are also affected.
    information that could aid in further attacks. WordPress Plugin WP Payeezy Pay version 2.97 is vulnerable; prior versions are also affected.
  reference:
    - https://www.pluginvulnerabilities.com/2018/12/06/our-improved-proactive-monitoring-has-now-caught-a-local-file-inclusion-lfi-vulnerability-as-well/
    - https://wordpress.org/plugins/wp-payeezy-pay/#developers
    - https://www.cvedetails.com/cve/CVE-2018-20985/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
@ -35,3 +35,6 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-2894.yaml
+++ b/cves/2018/CVE-2018-2894.yaml
@ -1,13 +1,15 @@
 id: CVE-2018-2894
 info:
-  name: Oracle WebLogic RCE
+  name: Oracle WebLogic Server - Remote Code Execution
  author: geeknik,pdteam
  severity: critical
-  description: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.
+  description: |
    The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services) is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3.
  reference:
    - https://blog.detectify.com/2018/11/14/technical-explanation-of-cve-2018-2894-oracle-weblogic-rce/
    - https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2018-2894
    - https://nvd.nist.gov/vuln/detail/CVE-2018-2894
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -90,3 +92,5 @@ requests:
      - type: word
        words:
          - "26ec00a3a03f6bfc5226fd121567bb58" # MD5 (CVE-2018-2894)
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-3810.yaml
+++ b/cves/2018/CVE-2018-3810.yaml
@ -1,14 +1,13 @@
 id: CVE-2018-3810
 info:
-  name: WordPress Smart Google Code Inserter Authentication Bypass
+  name: Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass
  author: princechaddha
  severity: critical
-  description: Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic
+  description: Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code.
    parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated
    user to successfully update the inserted code.
  reference:
    - https://www.exploit-db.com/exploits/43420
    - https://nvd.nist.gov/vuln/detail/CVE-2018-3810
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -44,3 +43,6 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-6008.yaml
+++ b/cves/2018/CVE-2018-6008.yaml
@ -1,10 +1,10 @@
 id: CVE-2018-6008
 info:
-  name: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Download
+  name: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Retrieval
  author: daffainfo
  severity: high
-  description: Arbitrary File Download exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter.
+  description: Arbitrary file retrieval exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter.
  reference:
    - https://www.exploit-db.com/exploits/43913
    - https://www.cvedetails.com/cve/CVE-2018-6008
--- a/cves/2018/CVE-2018-7600.yaml
+++ b/cves/2018/CVE-2018-7600.yaml
@ -1,13 +1,13 @@
 id: CVE-2018-7600
 info:
-  name: Drupal Drupalgeddon 2 RCE
+  name: Drupal - Remote Code Execution
  author: pikpikcu
  severity: critical
-  description: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or
+  description: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
    common module configurations.
  reference:
    - https://github.com/vulhub/vulhub/tree/master/drupal/CVE-2018-7600
    - https://nvd.nist.gov/vuln/detail/CVE-2018-7600
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
@ -60,3 +60,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-7602.yaml
+++ b/cves/2018/CVE-2018-7602.yaml
@ -1,11 +1,10 @@
 id: CVE-2018-7602
 info:
-  name: Drupal Remote Code Execution Vulnerability
+  name: Drupal - Remote Code Execution
  author: princechaddha
  severity: critical
-  description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result
+  description: Drupal 7.x and 8.x contain a remote code execution vulnerability that exists within multiple subsystems. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
    in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
  reference:
    - https://github.com/vulhub/vulhub/blob/master/drupal/CVE-2018-7602/drupa7-CVE-2018-7602.py
    - https://nvd.nist.gov/vuln/detail/CVE-2018-7602
@ -74,3 +73,5 @@ requests:
        group: 1
        regex:
          - '<input type="hidden" name="form_build_id" value="(.*)" />'
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-7662.yaml
+++ b/cves/2018/CVE-2018-7662.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-7662
 info:
-  name: CouchCMS <= 2.0 - Full Path Disclosure
+  name: CouchCMS <= 2.0 - Path Disclosure
  author: ritikchaddha
  severity: medium
  description: CouchCMS <= 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php.
--- a/cves/2018/CVE-2018-9161.yaml
+++ b/cves/2018/CVE-2018-9161.yaml
@ -4,8 +4,7 @@ info:
  name: PrismaWEB - Credentials Disclosure
  author: gy741
  severity: critical
-  description: The vulnerability exists due to the disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication of PrismaWEB with administrator privileges. The credentials can be
+  description: PrismaWEB is susceptible to credential disclosure. The vulnerability exists due to the disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication of PrismaWEB with administrator privileges. The credentials can be disclosed by simply navigating to the login_par.js JavaScript page that holds the username and password for the management interface that are being used via the Login() function in /scripts/functions_cookie.js script.
    disclosed by simply navigating to the login_par.js JavaScript page that holds the username and password for the management interface that are being used via the Login() function in /scripts/functions_cookie.js script.
  reference:
    - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5453.php
    - https://nvd.nist.gov/vuln/detail/CVE-2018-9161
@ -33,3 +32,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by mp on 2022/05/13
--- a/cves/2018/CVE-2018-9205.yaml
+++ b/cves/2018/CVE-2018-9205.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-9205
 info:
-  name: Drupal avatar_uploader v7.x-1.0-beta8 Local File Inclusion
+  name: Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion
  author: daffainfo
  severity: high
  description: In avatar_uploader v7.x-1.0-beta8 the view.php program doesn't restrict file paths, allowing unauthenticated users to retrieve arbitrary files.
--- a/cves/2019/CVE-2019-16123.yaml
+++ b/cves/2019/CVE-2019-16123.yaml
@ -1,7 +1,7 @@
 id: CVE-2019-16123
 info:
-  name: PilusCart <= 1.4.1 - Local File Disclosure
+  name: PilusCart <= 1.4.1 - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
  description: PilusCart versions 1.4.1 and below suffers from a file disclosure vulnerability.
--- a/cves/2019/CVE-2019-16759.yaml
+++ b/cves/2019/CVE-2019-16759.yaml
@ -1,7 +1,7 @@
 id: CVE-2019-16759
 info:
-  name: vBulletin v5.0.0-v5.5.4 Remote Command Execution
+  name: vBulletin v5.0.0-v5.5.4 - Remote Command Execution
  author: madrobot
  severity: critical
  description: vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
--- a/cves/2019/CVE-2019-17506.yaml
+++ b/cves/2019/CVE-2019-17506.yaml
@ -1,11 +1,10 @@
 id: CVE-2019-17506
 info:
-  name: DLINK DIR-868L & DIR-817LW Info Leak
+  name: D-Link DIR-868L & DIR-817LW - Information Disclosure
  author: pikpikcu
  severity: critical
-  description: There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information)
+  description: There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
    via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
  reference:
    - https://github.com/dahua966/Routers-vuls/blob/master/DIR-868/name%26passwd.py
  classification:
--- a/cves/2019/CVE-2019-19908.yaml
+++ b/cves/2019/CVE-2019-19908.yaml
@ -1,10 +1,10 @@
 id: CVE-2019-19908
 info:
-  name: phpMyChat-Plus XSS
+  name: phpMyChat-Plus - Cross-Site Scripting
  author: madrobot
  severity: medium
-  description: phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
+  description: phpMyChat-Plus 1.98 is vulnerable to reflected cross-site scripting (XSS) via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
  reference:
    - https://cinzinga.github.io/CVE-2019-19908/
  classification:
--- a/cves/2019/CVE-2019-19985.yaml
+++ b/cves/2019/CVE-2019-19985.yaml
@ -1,10 +1,10 @@
 id: CVE-2019-19985
 info:
-  name: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
+  name: WordPress Email Subscribers & Newsletters <4.2.2 - Arbitrary File Retrieval
  author: KBA@SOGETI_ESEC,madrobot,dwisiswant0
  severity: medium
-  description: The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.
+  description: The WordPress plugin Email Subscribers & Newsletters before 4.2.3 contains a flaw that allows unauthenticated file download and user information disclosure.
  reference:
    - https://www.exploit-db.com/exploits/48698
  classification:
--- a/cves/2019/CVE-2019-20141.yaml
+++ b/cves/2019/CVE-2019-20141.yaml
@ -1,7 +1,7 @@
 id: CVE-2019-20141
 info:
-  name: Neon Dashboard - XSS Reflected
+  name: Neon Dashboard - Cross-Site Scripting
  author: knassar702
  severity: medium
  description: An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
--- a/cves/2019/CVE-2019-3912.yaml
+++ b/cves/2019/CVE-2019-3912.yaml
@ -1,7 +1,7 @@
 id: CVE-2019-3912
 info:
-  name: LabKey Server < 18.3.0 - Open redirect
+  name: LabKey Server < 18.3.0 - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.
--- a/cves/2019/CVE-2019-9955.yaml
+++ b/cves/2019/CVE-2019-9955.yaml
@ -1,7 +1,7 @@
 id: CVE-2019-9955
 info:
-  name: Zyxel Reflected Cross-site Scripting
+  name: Zyxel - Reflected Cross-site Scripting
  author: pdteam
  severity: medium
  description: On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security
--- a/cves/2020/CVE-2020-18268.yaml
+++ b/cves/2020/CVE-2020-18268.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-18268
 info:
-  name: Z-BlogPHP 1.5.2 Open redirect
+  name: Z-BlogPHP 1.5.2 - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php."
--- a/cves/2020/CVE-2020-22840.yaml
+++ b/cves/2020/CVE-2020-22840.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-22840
 info:
-  name: b2evolution CMS Open redirect
+  name: b2evolution CMS - Open Redirect
  author: geeknik
  severity: medium
  description: Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php.
--- a/cves/2020/CVE-2020-24391.yaml
+++ b/cves/2020/CVE-2020-24391.yaml
@ -1,11 +1,10 @@
 id: CVE-2020-24391
 info:
-  name: Mongo-Express Remote Code Execution
+  name: Mongo-Express - Remote Code Execution
  author: leovalcante
  severity: critical
-  description: Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed
+  description: Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server.
    leading to remote code execution in the context of the node server.
  reference:
    - https://securitylab.github.com/advisories/GHSL-2020-131-mongo-express/
    - https://github.com/mongo-express/mongo-express/commit/3a26b079e7821e0e209c3ee0cc2ae15ad467b91a
--- a/cves/2020/CVE-2020-24550.yaml
+++ b/cves/2020/CVE-2020-24550.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-24550
 info:
-  name: CVE-2020-24550
+  name: EpiServer <13.2.7 - Open Redirect
  author: dhiyaneshDK
  severity: medium
  description: An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.
--- a/cves/2020/CVE-2020-24579.yaml
+++ b/cves/2020/CVE-2020-24579.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-24579
 info:
-  name: DLINK DSL 2888a RCE
+  name: D-Link DSL 2888a - Remote Command Execution
  author: pikpikcu
  severity: high
  description: An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.
--- a/cves/2020/CVE-2020-25495.yaml
+++ b/cves/2020/CVE-2020-25495.yaml
@ -1,10 +1,10 @@
 id: CVE-2020-25495
 info:
-  name: SCO Openserver 5.0.7 - 'section' Reflected XSS
+  name: SCO Openserver 5.0.7 - 'section' Cross-Site scripting
  author: 0x_Akoko
  severity: medium
-  description: A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
+  description: A reflected cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
  reference:
    - https://www.exploit-db.com/exploits/49300
  classification:
--- a/cves/2020/CVE-2020-29453.yaml
+++ b/cves/2020/CVE-2020-29453.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-29453
 info:
-  name: Jira Server Pre-Auth Limited Arbitrary File Read
+  name: Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)
  author: dwisiswant0
  severity: medium
  description: The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
--- a/cves/2020/CVE-2020-3452.yaml
+++ b/cves/2020/CVE-2020-3452.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-3452
 info:
-  name: CVE-2020-3452
+  name: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) - Arbitrary File Retrieval
  author: pdteam
  severity: high
  description: |
--- a/cves/2020/CVE-2020-35736.yaml
+++ b/cves/2020/CVE-2020-35736.yaml
@ -1,10 +1,10 @@
 id: CVE-2020-35736
 info:
-  name: GateOne Arbitrary File Download
+  name: GateOne 1.1 - Arbitrary File Retrieval
  author: pikpikcu
  severity: high
-  description: GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.
+  description: GateOne 1.1 allows arbitrary file retrieval without authentication via /downloads/.. directory traversal because os.path.join is incorrectly used.
  reference:
    - https://github.com/liftoff/GateOne/issues/747
    - https://nvd.nist.gov/vuln/detail/CVE-2020-35736
--- a/cves/2020/CVE-2020-35749.yaml
+++ b/cves/2020/CVE-2020-35749.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-35749
 info:
-  name: Simple Job Board < 2.9.4 - Authenticated Path Traversal Leading to Arbitrary File Download
+  name: Simple Job Board < 2.9.4 -Arbitrary File Retrieval (Authenticated)
  author: cckuailong
  severity: high
  description: The plugin does not validate the sjb_file parameter when viewing a resume, allowing authenticated user with the download_resume capability (such as HR users) to download arbitrary files from the web-server
--- a/cves/2020/CVE-2020-36365.yaml
+++ b/cves/2020/CVE-2020-36365.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-36365
 info:
-  name: Smartstore < 4.1.0 - Open redirect
+  name: Smartstore < 4.1.0 - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit open redirect.
--- a/cves/2020/CVE-2020-36510.yaml
+++ b/cves/2020/CVE-2020-36510.yaml
@ -5,7 +5,7 @@ info:
  author: veshraj
  severity: medium
  description: |
-    The theme does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting
+    The 15Zine Wordpress theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action, leading to a reflected cross-site scripting.
  reference:
    - https://wpscan.com/vulnerability/d1dbc6d7-7488-40c2-bc38-0674ea5b3c95
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36510
--- a/cves/2020/CVE-2020-9054.yaml
+++ b/cves/2020/CVE-2020-9054.yaml
@ -1,10 +1,10 @@
 id: CVE-2020-9054
 info:
-  name: ZyXEL NAS Firmware 5.21- Remote Code Execution
+  name: Zyxel NAS Firmware 5.21- Remote Code Execution
  author: dhiyaneshDk
  severity: critical
-  description: "Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker.   However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2."
+  description: "Multiple Zyxel network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Zyxel NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the Zyxel device. Although the web server does not run as the root user, Zyyxel devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable Zyyxel device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker.   However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any Zyyxel device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 Zyyxel has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2."
  reference:
    - https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/
    - https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml
--- a/cves/2020/CVE-2020-9490.yaml
+++ b/cves/2020/CVE-2020-9490.yaml
@ -1,11 +1,10 @@
 id: CVE-2020-9490
 info:
-  name: CVE-2020-9490
+  name: Apache HTTP Server 2.4.20-2.4.43 - HTTP/2 Cache-Digest DoS
  author: philippedelteil
  severity: high
-  description: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource
+  description: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.
    afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.
  reference:
    - https://httpd.apache.org/security/vulnerabilities_24.html
    - https://bugs.chromium.org/p/project-zero/issues/detail?id=2030
--- a/cves/2021/CVE-2021-21816.yaml
+++ b/cves/2021/CVE-2021-21816.yaml
@ -1,10 +1,10 @@
 id: CVE-2021-21816
 info:
-  name: D-LINK DIR-3040 - Syslog Information Disclosure
+  name: D-Link DIR-3040 - Syslog Information Disclosure
  author: gy741
  severity: medium
-  description: An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker
+  description: An information disclosure vulnerability exists in the Syslog functionality of D-Link DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker
    can send an HTTP request to trigger this vulnerability.
  reference:
    - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281
--- a/cves/2021/CVE-2021-24997.yaml
+++ b/cves/2021/CVE-2021-24997.yaml
@ -1,10 +1,9 @@
 id: CVE-2021-24997
 info:
-  name: CVE-2021-24997
+  name: Wordpress Guppy <=1.1 - User ID Disclosure
  author: Evan Rubinstein
-  description: Instances of the Guppy Wordpress extension up to 1.1 are vulnerable to an API disclosure vulnerability which allows remote unauthenticated attackrs to obtain all user IDs, and then use that information
+  description: Instances of the Guppy Wordpress extension up to 1.1 are vulnerable to an API disclosure vulnerability which allows remote unauthenticated attackrs to obtain all user IDs, and then use that information to make API requests to either get messages sent between users, or send messages posing as one user to another.
    to make API requests to either get messages sent between users, or send messages posing as one user to another.
  reference:
    - https://www.exploit-db.com/exploits/50540
    - https://patchstack.com/database/vulnerability/wp-guppy/wordpress-wp-guppy-plugin-1-2-sensitive-information-disclosure-vulnerability
--- a/cves/2021/CVE-2021-25118.yaml
+++ b/cves/2021/CVE-2021-25118.yaml
@ -1,7 +1,7 @@
 id: CVE-2021-25118
 info:
-  name: Yoast SEO < 17.3 - Unauthenticated Full Path Disclosure
+  name: Yoast SEO < 17.3 - Path Disclosure
  author: DhiyaneshDK
  severity: medium
  description: The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
--- a/cves/2021/CVE-2021-30151.yaml
+++ b/cves/2021/CVE-2021-30151.yaml
@ -1,7 +1,7 @@
 id: CVE-2021-30151
 info:
-  name: CVE-2021-30151
+  name: Sidekiq 5.1.3 and 6.x-6.2.0 - Cross-Site Scripting
  author: DhiyaneshDk
  severity: medium
  description: Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
--- a/cves/2021/CVE-2021-39316.yaml
+++ b/cves/2021/CVE-2021-39316.yaml
@ -1,11 +1,10 @@
 id: CVE-2021-39316
 info:
-  name: DZS Zoomsounds < 6.50 - Unauthenticated Arbitrary File Download
+  name: Wordpress DZS Zoomsounds <= 6.50 - Arbitrary File Retrieval
  author: daffainfo
  severity: high
-  description: The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal
+  description: The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using a directory traversal in the `link` parameter.
    in the `link` parameter.
  reference:
    - https://wpscan.com/vulnerability/d2d60cf7-e4d3-42b6-8dfe-7809f87547bd
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39316
--- a/cves/2021/CVE-2021-41293.yaml
+++ b/cves/2021/CVE-2021-41293.yaml
@ -1,7 +1,7 @@
 id: CVE-2021-41293
 info:
-  name: ECOA Building Automation System - Local File Disclosure
+  name: ECOA Building Automation System - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
  description: The ECOA BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose
--- a/cves/2022/CVE-2022-0540.yaml
+++ b/cves/2022/CVE-2022-0540.yaml
@ -1,7 +1,7 @@
 id: CVE-2022-0540
 info:
-  name: Atlassian Jira - Authentication bypass in Seraph
+  name: Atlassian Jira Seraph- Authentication Bypass
  author: DhiyaneshDK
  severity: critical
  description: |
--- a/cves/2022/CVE-2022-1119.yaml
+++ b/cves/2022/CVE-2022-1119.yaml
@ -1,11 +1,11 @@
 id: CVE-2022-1119
 info:
-  name: WordPress Simple File List < 3.2.8 - Unauthenticated Arbitrary File Download
+  name: WordPress Simple File List < 3.2.8 - Arbitrary File Retrieval
  author: random-robbie
  severity: high
  description: |
-    The plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded
+    The Wordpress plugin is vulnerable to arbitrary file retrieval via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which make it possible for unauthenticated attackers retrieve arbitrary files.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2022-1119
    - https://wpscan.com/vulnerability/5551038f-64fb-44d8-bea0-d2f00f04877e
--- a/cves/2022/CVE-2022-1221.yaml
+++ b/cves/2022/CVE-2022-1221.yaml
@ -5,10 +5,12 @@ info:
  author: veshraj
  severity: medium
  description: |
-    The plugin does not sanitise and escape some parameters before outputting them back in attributes, leading to a Reflected Cross-Site Scripting.
+    The Gwyn's Imagemap Selector Wordpresss plugin does not sanitize the id and class parameters before returning them back in attributes, leading to a Reflected Cross-Site Scripting.
  reference:
    - https://wpscan.com/vulnerability/641be9f6-2f74-4386-b16e-4b9488f0d2a9
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1221
  classification:
    cve-id: CVE-2022-1221
  metadata:
    verified: true
  tags: xss,wordpress,wp-plugin,wp,cve,cve2022
--- a/exposed-panels/gogs-login.yaml
+++ b/exposed-panels/gogs-login.yaml
@ -1,7 +1,7 @@
 id: gogs-login
 info:
-  name: Sign In - Gogs
+  name: Gogs (Go Git Service) - Sign In Page
  author: dhiyaneshDK
  severity: info
  metadata:
--- a/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml
+++ b/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml
@ -1,7 +1,7 @@
 id: zyxel-vmg1312b10d-login
 info:
-  name: ZYXEL VMG1312-B10D Login Detect
+  name: Zyxel VMG1312-B10D - Login Detection
  author: princechaddha
  severity: info
  metadata:
--- a/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml
+++ b/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml
@ -1,7 +1,7 @@
 id: zyxel-vsg1432b101-login
 info:
-  name: ZYXEL VSG1432-B101 Login Detect
+  name: Zyxel VSG1432-B101 - Login Detection
  author: princechaddha
  severity: info
  metadata:
--- a/exposures/files/gogs-install-exposure.yaml
+++ b/exposures/files/gogs-install-exposure.yaml
@ -1,7 +1,7 @@
 id: gogs-install-exposure
 info:
-  name: Gogs install exposure
+  name: Gogs (Go Git Service) - Install Exposure
  author: dhiyaneshDk
  severity: high
  tags: gogs,exposure
--- a/headless/window-name-domxss.yaml
+++ b/headless/window-name-domxss.yaml
@ -1,7 +1,7 @@
 id: window-name-domxss
 info:
-  name: window.name DOM XSS
+  name: window.name - DOM Cross-Site Scripting
  author: pdteam
  severity: medium
  reference:
--- a/misconfiguration/aem/aem-setpreferences-xss.yaml
+++ b/misconfiguration/aem/aem-setpreferences-xss.yaml
@ -1,7 +1,7 @@
 id: aem-setpreferences-xss
 info:
-  name: AEM setPreferences XSS
+  name: AEM setPreferences - Cross-Site Scripting
  author: zinminphy0,dhiyaneshDK
  severity: medium
  reference:
--- a/misconfiguration/akamai-arl-xss.yaml
+++ b/misconfiguration/akamai-arl-xss.yaml
@ -1,7 +1,7 @@
 id: akamai-arl-xss
 info:
-  name: Open Akamai ARL XSS
+  name: Open Akamai ARL - Cross-Site Scripting
  author: pdteam
  severity: medium
  reference:
--- a/misconfiguration/ampps-dirlisting.yaml
+++ b/misconfiguration/ampps-dirlisting.yaml
@ -1,7 +1,7 @@
 id: ampps-dirlisting
 info:
-  name: AMPPS by Softaculous - Directory Listing Enabled
+  name: AMPPS by Softaculous - Directory Listing
  author: deFr0ggy
  severity: info
  tags: panel,ampps,softaculous,misconfig
--- a/misconfiguration/d-link-arbitary-fileread.yaml
+++ b/misconfiguration/d-link-arbitary-fileread.yaml
@ -1,7 +1,7 @@
 id: dlink-file-read
 info:
-  name: D-Link Arbitrary File Read
+  name: D-Link - Arbitrary File Retrieval
  author: dhiyaneshDK
  severity: high
  reference:
--- a/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
+++ b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
@ -1,7 +1,7 @@
 id: moodle-filter-jmol-xss
 info:
-  name: Moodle filter_jmol - XSS
+  name: Moodle filter_jmol - Cross-Site Scripting
  author: madrobot
  severity: medium
  description: Cross-site scripting on Moodle.
--- a/vulnerabilities/moodle/moodle-xss.yaml
+++ b/vulnerabilities/moodle/moodle-xss.yaml
@ -1,7 +1,7 @@
 id: moodle-xss
 info:
-  name: Moodle redirect_uri Reflected XSS
+  name: Moodle redirect_uri - Cross-Site Scripting
  author: hackergautam
  severity: medium
  description: XSS in moodle via redirect_uri parameter
--- a/vulnerabilities/netsweeper/netsweeper-rxss.yaml
+++ b/vulnerabilities/netsweeper/netsweeper-rxss.yaml
@ -1,7 +1,7 @@
 id: netsweeper-rxss
 info:
-  name: Netsweeper 4.0.9 - Cross Site Scripting Injection
+  name: Netsweeper 4.0.9 - Cross-Site Scripting
  author: daffainfo
  severity: medium
  reference:
--- a/vulnerabilities/oracle/oracle-ebs-xss.yaml
+++ b/vulnerabilities/oracle/oracle-ebs-xss.yaml
@ -1,7 +1,7 @@
 id: oracle-ebs-xss
 info:
-  name: Oracle EBS XSS
+  name: Oracle EBS - Cross-Site Scripting
  author: dhiyaneshDk
  severity: medium
  reference:
--- a/vulnerabilities/other/bems-api-lfi.yaml
+++ b/vulnerabilities/other/bems-api-lfi.yaml
@ -1,10 +1,10 @@
 id: bems-api-lfi
 info:
-  name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download
+  name: Longjing Technology BEMS API 1.21 - Arbitrary File Retrieval
  author: gy741
  severity: high
-  description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
+  description: The application suffers from an unauthenticated arbitrary file retrieval vulnerability. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
  reference:
    - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php
  tags: lfi
--- a/vulnerabilities/other/ecsimagingpacs-rce.yaml
+++ b/vulnerabilities/other/ecsimagingpacs-rce.yaml
@ -1,14 +1,16 @@
 id: ecsimagingpacs-rce
 info:
-  name: ECSIMAGING PACS 6.21.5 - Remote code execution
+  name: ECSIMAGING PACS <= 6.21.5 - Command Execution and Local File Inclusion
  author: ritikchaddha
  severity: critical
-  description: ECSIMAGING PACS Application in 6.21.5 and bellow suffers from a OS Injection vulnerability. The parameter `file` on the webpage /showfile.php can be exploited with simple OS injection to gain root access. www-data user has sudo NOPASSWD access
+  description: ECSIMAGING PACS Application 6.21.5 and below suffer from a command injection vulnerability and a local file include vulnerability. The 'file' parameter on the page /showfile.php can be exploited to perform command execution or local file inclusion. Often on ECSIMAGING PACS, the www-data user has sudo NOPASSWD access.
  reference: https://www.exploit-db.com/exploits/49388
  metadata:
    verified: false
  tags: ecsimagingpacs,rce
  classification:
    cwe-id: CWE-78
 requests:
  - method: GET
@ -24,3 +26,5 @@ requests:
      - type: status
        status:
          - 200
 # Enhanced by cs 05/12/2022
--- a/vulnerabilities/other/eyelock-nano-lfd.yaml
+++ b/vulnerabilities/other/eyelock-nano-lfd.yaml
@ -1,10 +1,10 @@
 id: eyelock-nano-lfd
 info:
-  name: EyeLock nano NXT 3.5 - Local File Disclosure
+  name: EyeLock nano NXT 3.5 - Arbitrary File Retrieval
  author: geeknik
  severity: high
-  description: EyeLock nano NXT suffers from a file disclosure vulnerability when input passed through the 'path' parameter to 'logdownload.php' script is not properly verified before being used to read files. This
+  description: EyeLock nano NXT suffers from a file retrieval vulnerability when input passed through the 'path' parameter to 'logdownload.php' script is not properly verified before being used to read files. This
    can be exploited to disclose contents of files from local resources.
  reference:
    - https://www.zeroscience.mk/codes/eyelock_lfd.txt
--- a/vulnerabilities/other/java-melody-xss.yaml
+++ b/vulnerabilities/other/java-melody-xss.yaml
@ -1,7 +1,7 @@
 id: java-melody-xss
 info:
-  name: JavaMelody Monitoring XSS
+  name: JavaMelody Monitoring - Cross-Site Scripting
  author: kailashbohara
  severity: medium
  description: Reflected cross site scripting (XSS) in JavaMelody monitoring.
--- a/vulnerabilities/other/kafdrop-xss.yaml
+++ b/vulnerabilities/other/kafdrop-xss.yaml
@ -1,10 +1,10 @@
 id: kafdrop-xss
 info:
-  name: KafDrop XSS
+  name: KafDrop - Cross-Site Scripting
  author: dhiyaneshDk
  severity: medium
-  description: A vulnerability in KafDrop allows remote unauthenticated attackers to inject arbitrary HTML and/or Javascript into the response returned by the server.
+  description: A vulnerability in KafDrop allows remote unauthenticated attackers to inject arbitrary HTML and/or JavaScript into the response returned by the server.
  reference:
    - https://github.com/HomeAdvisor/Kafdrop/issues/12
  tags: kafdrop,xss
--- a/vulnerabilities/other/kyocera-m2035dn-lfi.yaml
+++ b/vulnerabilities/other/kyocera-m2035dn-lfi.yaml
@ -1,10 +1,10 @@
 id: kyocera-m2035dn-lfi
 info:
-  name: Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)
+  name: Kyocera Command Center RX ECOSYS M2035dn - Arbitrary File Retrieval
  author: 0x_Akoko
  severity: high
-  description: Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)
+  description: Kyocera Command Center RX ECOSYS M2035dn - Unauthenticated arbitrary file retrieval.
  reference:
    - https://www.exploit-db.com/exploits/50738
    - https://www.kyoceradocumentsolutions.com/asia/en/products/business-application/command-center-rx.html
--- a/vulnerabilities/other/microstrategy-ssrf.yaml
+++ b/vulnerabilities/other/microstrategy-ssrf.yaml
@ -1,10 +1,10 @@
 id: microstrategy-ssrf
 info:
-  name: MicroStrategy tinyurl - BSSRF
+  name: MicroStrategy tinyurl - Server-Side Request Forgery (Blind)
  author: organiccrap
  severity: high
-  description: Blind server-side request forgery vulnerability on MicroStrategy URL shortener.
+  description: Blind server-side (SSRF) request forgery vulnerability on MicroStrategy URL shortener.
  reference:
    - https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204
  tags: microstrategy,ssrf
--- a/vulnerabilities/other/nginx-module-vts-xss.yaml
+++ b/vulnerabilities/other/nginx-module-vts-xss.yaml
@ -1,7 +1,7 @@
 id: nginx-module-vts-xss
 info:
-  name: Nginx virtual host traffic status module XSS
+  name: Nginx Virtual Host Traffic Status Module - Cross-Site Scripting
  author: madrobot
  severity: medium
  tags: nginx,xss,status
--- a/Show More
+++ b/Show More