Merge pull request #10724 from projectdiscovery/missing-cpe-tag

Add missing cpes, vendor and product information

http/cnvd/2020/CNVD-2020-63964.yaml

@@ -8,8 +8,12 @@ info:
     jshERP that can reveal sensitive information including system credentials without credentials.
   reference:
     - https://cn-sec.com/archives/1798444.html
+  classification:
+    cpe: cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
+    vendor: jishenghua
+    product: jsherp
     shodan-query: http.favicon.hash:-1298131932
     fofa-query: jshERP-boot
   tags: cnvd,cnvd2020,jsherp,disclosure
@@ -36,4 +40,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 490a00463044022001094e317be5b989e3d7461dd099453f1237356ce28affa5ee58239edd6affa502205957345e5569e5b78bc928736bd415c0445ca550661c57cd1e27f9d66d6520a3:922c64590222798bb761d5b6d8e72950

http/cnvd/2021/CNVD-2021-14536.yaml

@@ -11,9 +11,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:h:ruijie:rg-uac:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
     fofa-query: title="RG-UAC登录页面"
+    product: rg-uac
+    vendor: ruijie
   tags: cnvd2021,cnvd,ruijie,disclosure
 
 http:
@@ -42,4 +45,4 @@ http:
         group: 1
         regex:
           - '"role":"super_admin",(["a-z:,0-9]+),"lastpwdtime":'
-# digest: 490a00463044022046fa27ed559165bee99e3f0591f1ca5ee488637fb236c6b1c81fe49ee2c93865022045c885a0df3ac7a1fbada587a1785a09b40212dc68eeb662117a4e7bccac59d5:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022046fa27ed559165bee99e3f0591f1ca5ee488637fb236c6b1c81fe49ee2c93865022045c885a0df3ac7a1fbada587a1785a09b40212dc68eeb662117a4e7bccac59d5:922c64590222798bb761d5b6d8e72950

http/cnvd/2021/CNVD-2021-15822.yaml

@@ -8,9 +8,13 @@ info:
     ShopXO is an open source enterprise-level open source e-commerce system. ShopXO has an arbitrary file reading vulnerability, which can be used by attackers to obtain sensitive information.
   reference:
     - https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog
+  classification:
+    cpe: cpe:2.3:a:shopxo:shopxo:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: shopxo
+    product: shopxo
     shodan-query: title:"ShopXO企业级B2C电商系统提供商"
     fofa-query: app="ShopXO企业级B2C电商系统提供商"
   tags: cnvd2021,cnvd,shopxo,lfi
@@ -31,4 +35,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 490a0046304402206735e750a62b437583ca1e1cae33666b4c2ce3b8a8310c3d1212a98fcb018a69022066c8a339f06f76b3df20a5c624b054d356f219e1e77661921c541dc2d7ee4dc5:922c64590222798bb761d5b6d8e72950

http/cnvd/2021/CNVD-2021-28277.yaml

@@ -12,9 +12,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cwe-id: CWE-22
+    cpe: cpe:2.3:a:landray:landray_office_automation:*:*:*:*:*:*:*:*
   metadata:
     max-request: 2
     fofa-query: app="Landray OA system"
+    product: landray_office_automation
+    vendor: landray
   tags: cnvd,cnvd2021,landray,lfi
 
 http:
@@ -47,4 +50,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4b0a00483046022100b98b4479ab9f48943be02a1d2b3a0cebe9d3d5389705d58d3d7ca1f306dcdebc022100d07fed00db3b41b001193fcbaf37522bdd576917c02364b840beb62c96d46a32:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100b98b4479ab9f48943be02a1d2b3a0cebe9d3d5389705d58d3d7ca1f306dcdebc022100d07fed00db3b41b001193fcbaf37522bdd576917c02364b840beb62c96d46a32:922c64590222798bb761d5b6d8e72950

http/cnvd/2021/CNVD-2021-33202.yaml

@@ -9,11 +9,16 @@ info:
   reference:
     - https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20E-Cology%20LoginSSO.jsp%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%20CNVD-2021-33202.md
     - https://www.cnblogs.com/0day-li/p/14637680.html
+  classification:
+    cpe: cpe:2.3:a:weaver:e-cology:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: app="泛微-协同办公OA"
+    product: e-cology
+    vendor: weaver
   tags: cnvd2021,cnvd,e-cology,sqli
+
 variables:
   num: "999999999"
 
@@ -33,4 +38,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a0047304502202c3b8ac764f980a41094f1c98193a9080c65ceaff64975f42b69ef53477bb196022100bb0b3e66abdc94f608aefecaf03255af930789468009df696c1eedb8dff2d283:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502202c3b8ac764f980a41094f1c98193a9080c65ceaff64975f42b69ef53477bb196022100bb0b3e66abdc94f608aefecaf03255af930789468009df696c1eedb8dff2d283:922c64590222798bb761d5b6d8e72950

http/cnvd/2022/CNVD-2022-42853.yaml

@@ -13,11 +13,14 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 10
     cwe-id: CWE-89
+    cpe: cpe:2.3:a:easycorp:zentao:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: http.title:"zentao"
     fofa-query: "Zentao"
+    product: zentao
+    vendor: easycorp
   tags: cnvd,cnvd2022,zentao,sqli
 variables:
   num: "999999999"

http/cnvd/2022/CNVD-2022-43245.yaml

@@ -6,9 +6,13 @@ info:
   severity: high
   description: |
     e-office is a standard collaborative mobile office platform. Ltd. e-office has an arbitrary file reading vulnerability, which can be exploited by attackers to obtain sensitive information.
+  classification:
+    cpe: cpe:2.3:a:weaver:e-office:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: weaver
+    product: e-office
     fofa-query: app="泛微-协同办公OA"
   tags: cnvd,cnvd2022,weaver,e-office,oa,lfi
 
@@ -40,4 +44,4 @@ http:
         status:
           - 200
 
-# digest: 490a004630440220409f4c0eb8fc6b1d328944400c499675e5df4db2478f76a4855474ade6b0f01c02201cf7cb9d1eac68921863599f86b3360bf2d1c81bfc642de585a9bb41a2b006ff:922c64590222798bb761d5b6d8e72950
+# digest: 490a004630440220409f4c0eb8fc6b1d328944400c499675e5df4db2478f76a4855474ade6b0f01c02201cf7cb9d1eac68921863599f86b3360bf2d1c81bfc642de585a9bb41a2b006ff:922c64590222798bb761d5b6d8e72950

http/cnvd/2024/CNVD-2024-15077.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://github.com/wy876/POC/blob/main/AJ-Report%E5%BC%80%E6%BA%90%E6%95%B0%E6%8D%AE%E5%A4%A7%E5%B1%8F%E5%AD%98%E5%9C%A8%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
     - https://github.com/vulhub/vulhub/blob/master/aj-report/CNVD-2024-15077/README.md
+  classification:
+    cpe: cpe:2.3:a:anji-plus:aj-report:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: anji-plus
+    product: aj-report
     fofa-query: title="AJ-Report"
   tags: cnvd,cnvd2024,aj-report,rce
 
@@ -42,4 +46,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4a0a00473045022100a0ad6d10ef5ed64fff1a44a4efb42b8c18de347907d77e68fec2a9f796030e8c022003c9c9bcfc6d56d3a3c7988f48874841753487e2ce57d91740ffbe99e3627448:922c64590222798bb761d5b6d8e72950

http/credential-stuffing/self-hosted/grafana-login-check.yaml

@@ -7,10 +7,14 @@ info:
   description: Checks for a valid login on self hosted Grafana instance.
   reference:
     - https://owasp.org/www-community/attacks/Credential_stuffing
+  classification:
+    cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
     shodan-query: title:"Grafana"
     fofa-query: title="Grafana"
+    product: grafana
+    vendor: grafana
   tags: self-hosted,creds-stuffing,login-check,grafana
 variables:
   username: "{{username}}"
@@ -51,4 +55,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4b0a00483046022100a3f034e7179bdf079b1dc2684546e0aed572c531bfde778a670188f30ca5394d022100b2af74dbd182c70308b657aa3c1481e2b815a5c98dc49d5471f66cd4d4ccf527:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100a3f034e7179bdf079b1dc2684546e0aed572c531bfde778a670188f30ca5394d022100b2af74dbd182c70308b657aa3c1481e2b815a5c98dc49d5471f66cd4d4ccf527:922c64590222798bb761d5b6d8e72950

http/cves/2021/CVE-2021-27748.yaml

@@ -16,10 +16,13 @@ info:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27748
   classification:
     cve-id: CVE-2021-27748
+    cpe: cpe:2.3:a:ibm:websphere:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 3
     shodan-query: http.html:"IBM WebSphere Portal"
+    product: websphere
+    vendor: ibm
   tags: cve2021,cve,hcl,ibm,ssrf,websphere
 
 flow: http(1) && http(2)
@@ -52,4 +55,4 @@ http:
         part: body
         words:
           - "Interactsh Server"
-# digest: 490a0046304402206c32c2de4201bdd15007eb3bf05d67820708447ab1c65ca0c81c782de9453dfb02202a678eb5d692039657fdff391b654c0bd3cb6c409e784102e62b31e77792bc22:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402206c32c2de4201bdd15007eb3bf05d67820708447ab1c65ca0c81c782de9453dfb02202a678eb5d692039657fdff391b654c0bd3cb6c409e784102e62b31e77792bc22:922c64590222798bb761d5b6d8e72950

http/cves/2022/CVE-2022-29299.yaml

@@ -19,10 +19,13 @@ info:
     cve-id: CVE-2022-29299
     epss-score: 0.00175
     epss-percentile: 0.5456
+    cpe: cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: http.favicon.hash:-244067125
+    product: solarview_compact_firmware
+    vendor: contec
   tags: cve2022,cve,xss,solarview,edb
 
 http:
@@ -47,4 +50,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a0047304502207e67b78e313a0854050364c2e1cfe560e6122b0856e62f96e2084eef42c310af022100e7cf9ab5f3c28655a5ef30b6f0781cd53f721750c1efbe1ded28d9ef3c04ee03:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502207e67b78e313a0854050364c2e1cfe560e6122b0856e62f96e2084eef42c310af022100e7cf9ab5f3c28655a5ef30b6f0781cd53f721750c1efbe1ded28d9ef3c04ee03:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-1434.yaml

@@ -16,10 +16,13 @@ info:
   classification:
     cve-id: CVE-2023-1434
     cwe-id: CWE-79
+    cpe: cpe:2.3:a:odoo:odoo:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: title:"Odoo"
+    product: odoo
+    vendor: odoo
   tags: cve2023,cve,odoo,xss
 
 http:
@@ -45,4 +48,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a004730450221009f88c973f15e82b4aad7aedc75098b0daca742aa8b6fe3cfb11e203d2306539b022050fd604d6227ce671990eaac0780f3c69d00cd07567190bf96d24b10177fddb3:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a004730450221009f88c973f15e82b4aad7aedc75098b0daca742aa8b6fe3cfb11e203d2306539b022050fd604d6227ce671990eaac0780f3c69d00cd07567190bf96d24b10177fddb3:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-24367.yaml

@@ -21,10 +21,13 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2023-24367
     cwe-id: CWE-79
+    cpe: cpe:2.3:a:temenos:t24:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: title:"T24 Sign in"
+    product: t24
+    vendor: temenos
   tags: cve,cve2023,xss,temenos
 
 http:
@@ -44,4 +47,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a00463044022033b69b2049b77b79bff8923e0b2836cfb3bc43936f97dafe967844b6ed0b1e8202207725979487954c483e54d3ffe8efa55af50f0cab8fb65c02236cd81e27325c6e:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022033b69b2049b77b79bff8923e0b2836cfb3bc43936f97dafe967844b6ed0b1e8202207725979487954c483e54d3ffe8efa55af50f0cab8fb65c02236cd81e27325c6e:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-32117.yaml

@@ -16,10 +16,13 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
     cvss-score: 7.3
     cve-id: CVE-2023-32117
+    cpe: cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     publicwww-query: "/wp-content/plugins/integrate-google-drive/"
+    product: integrate_google_drive
+    vendor: softlabbd
   tags: cve,cve2023,wordpress,wpscan,wp-plugin,wp,integrate-google-drive
 
 http:
@@ -46,4 +49,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a004630440220720cc9500eac10bd738c6689a1daa0de0eb4dc2a5c2f69d6dc28a5295eaf444302202d0f5786f6935f70b2633f6c4e75192c4ca7f04afc7ec34d4835dced5c34fbfe:922c64590222798bb761d5b6d8e72950
+# digest: 490a004630440220720cc9500eac10bd738c6689a1daa0de0eb4dc2a5c2f69d6dc28a5295eaf444302202d0f5786f6935f70b2633f6c4e75192c4ca7f04afc7ec34d4835dced5c34fbfe:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-34020.yaml

@@ -17,10 +17,13 @@ info:
     cwe-id: CWE-601
     epss-score: 0.00076
     epss-percentile: 0.32361
+    cpe: cpe:2.3:a:uncannyowl:uncanny_toolkit_for_learndash:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     publicwww-query: "/wp-content/plugins/uncanny-learndash-toolkit/"
+    product: uncanny_toolkit_for_learndash
+    vendor: uncannyowl
   tags: cve2023,cve,wordpress,uncanny-learndash-toolkit,wpscan,redirect
 
 http:
@@ -33,4 +36,4 @@ http:
         part: header
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
-# digest: 4a0a0047304502201c291b8c777b1f2832181c0b177acec46e3a1864d8cda77bb5d56b7aabd0cf5d022100bb38f50f255d8d3fcea6bbe1d7bc2367500fee3c65ea13c990bc0c970a2f4934:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502201c291b8c777b1f2832181c0b177acec46e3a1864d8cda77bb5d56b7aabd0cf5d022100bb38f50f255d8d3fcea6bbe1d7bc2367500fee3c65ea13c990bc0c970a2f4934:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-42344.yaml

@@ -10,9 +10,13 @@ info:
   reference:
     - https://blog.qualys.com/product-tech/2023/12/08/opencms-unauthenticated-xxe-vulnerability-cve-2023-42344
     - https://labs.watchtowr.com/xxe-you-can-depend-on-me-opencms/
+  classification:
+    cpe: cpe:2.3:a:alkacon:opencms:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: alkacon
+    product: opencms
     fofa-query: "OpenCms-9.5.3"
   tags: cve,cve2023,xxe,opencms
 
@@ -21,13 +25,15 @@ http:
     path:
       - "{{BaseURL}}/opencms/cmisatom/cmis-online/query"
       - "{{BaseURL}}/cmisatom/cmis-online/query"
+
     headers:
       Content-Type: "application/xml;charset=UTF-8"
       Referer: "{{RootURL}}"
+
     body: |
       <?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]><cmis:query xmlns:cmis="<http://docs.oasis-open.org/ns/cmis/core/200908/>"><cmis:statement>&test;</cmis:statement><cmis:searchAllVersions>false</cmis:searchAllVersions><cmis:includeAllowableActions>false</cmis:includeAllowableActions><cmis:includeRelationships>none</cmis:includeRelationships><cmis:renditionFilter>cmis:none</cmis:renditionFilter><cmis:maxItems>100</cmis:maxItems><cmis:skipCount>0</cmis:skipCount></cmis:query>
-
     stop-at-first-match: true
+
     matchers-condition: and
     matchers:
       - type: regex
@@ -36,4 +42,5 @@ http:
           - "root:.*:0:0:"
           - "invalidArgument"
         condition: and
+
 # digest: 4b0a00483046022100f7dbfd49302b6ff73e5301cdb82e1fea60540cdbacb1e9a04069885d75bbc145022100c7ec2bc827d6116bdc018f12ea636664f6d8688600854967a7d4cc2734c100d4:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-47115.yaml

@@ -21,10 +21,13 @@ info:
     cvss-score: 7.1
     cve-id: CVE-2023-47115
     cwe-id: CWE-79
+    cpe: cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 6
     shodan-query: http.favicon.hash:-1649949475
+    product: label_studio
+    vendor: humansignal
   tags: cve,cve2023,xss,authenticated,intrusive,label-studio
 
 http:
@@ -93,4 +96,4 @@ http:
           - "contains(header, 'text/html')"
           - 'contains(body, "<script>alert(document.domain)</script>")'
         condition: and
-# digest: 4a0a00473045022100aa945f4d7cfc24ccc7b7a8f60b7f6330657b9143527d8c1a0d1c30afb5798fd80220611e10519bf2fd4257bf6911993b35e94fcacb89b616f16f50b98606dda06dac:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100aa945f4d7cfc24ccc7b7a8f60b7f6330657b9143527d8c1a0d1c30afb5798fd80220611e10519bf2fd4257bf6911993b35e94fcacb89b616f16f50b98606dda06dac:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-47218.yaml

@@ -19,10 +19,13 @@ info:
     cwe-id: CWE-77
     epss-score: 0.00305
     epss-percentile: 0.69699
+    cpe: cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: ssl.cert.issuer.cn:"QNAP NAS",title:"QNAP Turbo NAS"
+    product: qts
+    vendor: qnap
   tags: cve,cve2023,qnap,qts,quts,rce,intrusive
 variables:
   file: '{{rand_base(6)}}'
@@ -53,4 +56,4 @@ http:
           - 'contains_all(body_2, "uid=", "gid=")'
           - 'status_code == 200'
         condition: and
-# digest: 4b0a00483046022100ec7d20f744003a1c2ed7444be98278cc629581cb5099e4b67f6e133003420223022100d3c72e77322b2b66a8cbdbb608afe345f84e1fb986d6f09ec3be65cb6654952c:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100ec7d20f744003a1c2ed7444be98278cc629581cb5099e4b67f6e133003420223022100d3c72e77322b2b66a8cbdbb608afe345f84e1fb986d6f09ec3be65cb6654952c:922c64590222798bb761d5b6d8e72950

http/cves/2023/CVE-2023-48777.yaml

@@ -17,11 +17,14 @@ info:
     cwe-id: CWE-434
     epss-score: 0.00054
     epss-percentile: 0.21518
+    cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 4
     framework: wordpress
     publicwww-query: "/wp-content/plugins/elementor/"
+    product: website_builder
+    vendor: elementor
   tags: cve,cve2023,elementor,file-upload,intrusive,rce,wpscan,wordpress,wp-plugin,authenticated
 variables:
   filename: "{{rand_base(6)}}"
@@ -66,4 +69,4 @@ http:
         group: 1
         regex:
           - 'admin\\\/admin\-ajax\.php","nonce":"([0-9a-z]+)"'
-# digest: 4b0a004830460221008bf58aa24ddd3c56ea97495962a5596e8fb115ff791e778f798822b880762953022100e12cc588c2b1eb10312f7c33f124907aaea0088092f98148f02bb2622e8bd232:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a004830460221008bf58aa24ddd3c56ea97495962a5596e8fb115ff791e778f798822b880762953022100e12cc588c2b1eb10312f7c33f124907aaea0088092f98148f02bb2622e8bd232:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-1071.yaml

@@ -20,6 +20,7 @@ info:
     cwe-id: CWE-89
     epss-score: 0.00063
     epss-percentile: 0.26569
+    cpe: cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 2
@@ -27,6 +28,8 @@ info:
     fofa-query: body="/wp-content/plugins/ultimate-member"
     publicwww-query: "/wp-content/plugins/ultimate-member/"
     zoomeye-query: app:"WordPress Ultimate Member Plugin"
+    product: ultimate_member
+    vendor: ultimatemember
   tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin,sqli
 
 http:
@@ -61,4 +64,4 @@ http:
         regex:
           - '"nonce":"([0-9a-z]+)"'
         internal: true
-# digest: 490a0046304402204dce0d46e23a96c4332c7141fb7eebb00ac6384853aaf8343276fe89d847988a022015a2c24b11feaf9425e5dd850e00a5ccff4ee8901419f9226029090d885ac9b9:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402204dce0d46e23a96c4332c7141fb7eebb00ac6384853aaf8343276fe89d847988a022015a2c24b11feaf9425e5dd850e00a5ccff4ee8901419f9226029090d885ac9b9:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-1183.yaml

@@ -16,10 +16,13 @@ info:
     cwe-id: CWE-601
     epss-score: 0.00076
     epss-percentile: 0.32361
+    cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: html:"__gradio_mode__"
+    product: gradio
+    vendor: gradio_project
   tags: cve,cve2024,ssrf,oast,gradio
 
 http:
@@ -33,4 +36,4 @@ http:
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
         part: header
-# digest: 4b0a004830460221008f8114233dc93d6f7f8756ef02b1f03954696a215009b10c4052a06421fe4250022100e565921ef3de19b35c2af7550b0d98f911333848805b11ad398ff151d6e4ce17:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a004830460221008f8114233dc93d6f7f8756ef02b1f03954696a215009b10c4052a06421fe4250022100e565921ef3de19b35c2af7550b0d98f911333848805b11ad398ff151d6e4ce17:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-1380.yaml

@@ -17,10 +17,13 @@ info:
     cve-id: CVE-2024-1380
     epss-score: 0.00043
     epss-percentile: 0.0866
+    cpe: cpe:2.3:a:relevanssi:relevanssi:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: "/wp-content/plugins/relevanssi/"
+    product: relevanssi
+    vendor: relevanssi
   tags: cve,cve2024,wp,wordpress,wp-plugin,relevanssi,exposure
 
 http:
@@ -39,4 +42,4 @@ http:
           - 'contains_all(header, "filename=relevanssi_log.csv", "application/download")'
           - 'contains_all(body, "user_id", "session_id")'
         condition: and
-# digest: 4a0a00473045022100fdca94211d49feac7affb79d5d4723404f97a0eec77a19696bfa855f008e7dd1022072ff0b48f53ad24ed15f081f510ce1875c489798ee413e581239d13760f79e45:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100fdca94211d49feac7affb79d5d4723404f97a0eec77a19696bfa855f008e7dd1022072ff0b48f53ad24ed15f081f510ce1875c489798ee413e581239d13760f79e45:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-1561.yaml

@@ -24,10 +24,13 @@ info:
     cwe-id: CWE-29
     epss-score: 0.00087
     epss-percentile: 0.36659
+    cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: html:"__gradio_mode__"
+    product: gradio
+    vendor: gradio_project
   tags: cve,cve2024,intrusive,unauth,gradio,lfi,lfr
 
 http:
@@ -75,4 +78,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4b0a00483046022100d26a144630e68bc8d64abcccd82c53e14154407cbcf7058289120c90ce084843022100ad2abb54f6a71476ef38fc22bad77ecafebbd737a9c4e6ee6393d9b248ac30cb:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100d26a144630e68bc8d64abcccd82c53e14154407cbcf7058289120c90ce084843022100ad2abb54f6a71476ef38fc22bad77ecafebbd737a9c4e6ee6393d9b248ac30cb:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-1698.yaml

@@ -18,10 +18,13 @@ info:
     cve-id: CVE-2024-1698
     epss-score: 0.00045
     epss-percentile: 0.12615
+    cpe: cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: body="/wp-content/plugins/notificationx"
+    product: notificationx
+    vendor: wpdeveloper
   tags: cve,cve2024,wpscan,wordpress,wp-plugin,notificationx,sqli
 
 http:
@@ -42,4 +45,4 @@ http:
           - 'contains(body, "{\"success\":true}")'
           - 'contains(header, "application/json")'
         condition: and
-# digest: 4b0a00483046022100c540c6618eec71e1ca2bfe0390511862cb1406910ae47308d1ac8e5ed4ac970d022100a17afc37ddb9e3def3f0dded90b0c6c2568bf12a2dc434ac2df90c467935de4f:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100c540c6618eec71e1ca2bfe0390511862cb1406910ae47308d1ac8e5ed4ac970d022100a17afc37ddb9e3def3f0dded90b0c6c2568bf12a2dc434ac2df90c467935de4f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-20767.yaml

@@ -19,10 +19,13 @@ info:
     cwe-id: CWE-284
     epss-score: 0.08221
     epss-percentile: 0.94345
+    cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: http.component:"Adobe ColdFusion"
+    product: coldfusion
+    vendor: adobe
   tags: cve,cve2024,adobe,coldfusion,lfr
 
 http:
@@ -53,4 +56,4 @@ http:
         regex:
           - "<var name='uuid'><string>(.*)</string>"
         internal: true
-# digest: 4a0a004730450220203c669fae6e243c8b45e754f6caba7ed4706fef525376c00d09efea9698b787022100ada2f1608d93dcf71799ce34f986e34f83dcd70a2d7ffa05f89dbec7fd0f7b0f:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a004730450220203c669fae6e243c8b45e754f6caba7ed4706fef525376c00d09efea9698b787022100ada2f1608d93dcf71799ce34f986e34f83dcd70a2d7ffa05f89dbec7fd0f7b0f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-21683.yaml

@@ -19,10 +19,13 @@ info:
     cwe-id: CWE-78
     epss-score: 0.00043
     epss-percentile: 0.0866
+    cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 3
     fofa-query: "app=\"ATLASSIAN-Confluence\""
+    product: confluence_data_center
+    vendor: atlassian
   tags: cve,cve2024,atlassian,confluence,rce,authenticated,intrusive
 variables:
   username: "{{username}}"
@@ -69,4 +72,4 @@ http:
           - contains(interactsh_protocol, 'dns')
           - contains(body_3, "confluence")
         condition: and
-# digest: 4b0a00483046022100c28962a7e265cc6de6b2f4ff178c62e7cf092b4f48154a8007dbd880ce7ebb64022100c14be3544d81d99ae0f2196c504637e743b2148ad6f655ef7c311cbb8f7419a5:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100c28962a7e265cc6de6b2f4ff178c62e7cf092b4f48154a8007dbd880ce7ebb64022100c14be3544d81d99ae0f2196c504637e743b2148ad6f655ef7c311cbb8f7419a5:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-23163.yaml

@@ -16,12 +16,14 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2024-23163
     cwe-id: CWE-287
+    cpe: cpe:2.3:a:gestsup:gestsup:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     vendor: gestsup
     fofa-query: title="GestSup"
     shodan-query: http.favicon.hash:-283003760
+    product: gestsup
   tags: cve,cve2024,account-takeover,gestsup
 
 variables:
@@ -58,4 +60,4 @@ http:
         dsl:
           - '"Firstname: "+ firstname'
           - '"Lastname: "+ lastname'
-# digest: 490a0046304402205e651225d6d683e62d175bbb93774c7608f54620faf0ea3301776bbb76b043790220374db3481988b620d8025f3cf128c9f5bceb7e3d304460bd868c53518df3f050:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402205e651225d6d683e62d175bbb93774c7608f54620faf0ea3301776bbb76b043790220374db3481988b620d8025f3cf128c9f5bceb7e3d304460bd868c53518df3f050:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-24809.yaml

@@ -17,10 +17,13 @@ info:
     cwe-id: CWE-27
     epss-score: 0.00043
     epss-percentile: 0.09551
+    cpe: cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: html:"Traccar"
+    product: traccar
+    vendor: traccar
   tags: cve,cve2024,traccar,rce,intrusive,file-upload
 
 variables:
@@ -158,4 +161,4 @@ http:
       - type: dsl
         dsl:
           - status_code == 200
-# digest: 4a0a004730450221009ea2576a2d60c30f0a45644e909ded239208a5bcc14d8de34343b264c0f1fee3022038cb35e1781ab439d0da65360a05b976673d71905790779eccab1077d3e0b6c3:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a004730450221009ea2576a2d60c30f0a45644e909ded239208a5bcc14d8de34343b264c0f1fee3022038cb35e1781ab439d0da65360a05b976673d71905790779eccab1077d3e0b6c3:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-27199.yaml

@@ -13,10 +13,13 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
     cvss-score: 7.3
     cwe-id: CWE-23
+    cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 3
     shodan-query: http.component:"TeamCity"
+    product: teamcity
+    vendor: jetbrains
   tags: cve,cve2024,teamcity,jetbrains,auth-bypass
 
 http:
@@ -34,4 +37,4 @@ http:
           - 'contains(header, "text/html")'
           - 'contains_all(body, "Debug Logging", "CPU & Memory Usage")'
         condition: and
-# digest: 490a0046304402207d46ec6991f8498ff8c74ec6ebfe0f59f19210620cab88c23c7761c7701b640102201246e4baea4f5b436b45be21c4f66bbe35e8a5f3769b78de38ee94253f331fa7:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402207d46ec6991f8498ff8c74ec6ebfe0f59f19210620cab88c23c7761c7701b640102201246e4baea4f5b436b45be21c4f66bbe35e8a5f3769b78de38ee94253f331fa7:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-27564.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://github.com/dirk1983/chatgpt/issues/114
     - https://nvd.nist.gov/vuln/detail/CVE-2024-27564
+  classification:
+    cpe: cpe:2.3:a:chanzhaoyu:chatgpt_web:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: chanzhaoyu
+    product: chatgpt_web
     fofa-query: "title=\"ChatGPT个人专用版\""
   tags: cve,cve2024,chatgpt,ssrf,oast,oos,lfi
 
@@ -38,4 +42,5 @@ http:
           - contains(header, "image/jpeg")
           - status_code == 200
         condition: and
+
 # digest: 490a0046304402205ae8c7b8e367577b1052683aa4b48d038bc2308c7299d24c0f6530b33b0ac9af022058dcc4c45ed777943b6e87ac9605afbd095f2bad41f6963d208ad6f85e702375:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-29269.yaml

@@ -18,9 +18,12 @@ info:
     cve-id: CVE-2024-29269
     epss-score: 0.00054
     epss-percentile: 0.21518
+    cpe: cpe:2.3:h:telesquare:tlr-2005ksh:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
     shodan-query: title:"Login to TLR-2005KSH"
+    product: tlr-2005ksh
+    vendor: telesquare
   tags: cve,cve2024,telesquare,tlr,rce
 
 http:
@@ -48,4 +51,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a004730450221008b5117d474664154b7b9b2b8f2c14284599c81fcbe172df27d9793b3b4a8d65602206c4b5689c81e4a2e53e1e5917aa6e6dd97595c1d5a8c1313772ee7aea8d2473d:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a004730450221008b5117d474664154b7b9b2b8f2c14284599c81fcbe172df27d9793b3b4a8d65602206c4b5689c81e4a2e53e1e5917aa6e6dd97595c1d5a8c1313772ee7aea8d2473d:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-29868.yaml

@@ -18,10 +18,13 @@ info:
   classification:
     cve-id: CVE-2024-29868
     cwe-id: CWE-338
+    cpe: cpe:2.3:a:apache:streampipes:*:*:*:*:*:*:*:*
   metadata:
     max-request: 2
     shodan-query: http.title:"apache streampipes"
     fofa-query: title="apache streampipes"
+    product: streampipes
+    vendor: apache
   tags: cve,cve2024,apache,streampipes,account-takeover
 
 flow: http(1) && http(2)
@@ -63,4 +66,4 @@ http:
           - 'contains(settings, true)'
           - "compare_versions(version, '>= 0.69.0') && compare_versions(version, '<= 0.93.0')"
         condition: and
-# digest: 4a0a00473045022069750485c9d5e0f84f79ab49d9fa0e4a4f8c28e1d224257f2259524911fe7426022100cabd7a2903691f609ccd758c7bfe7273a823f2af6d0543cc8a2c68c3c477da5a:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022069750485c9d5e0f84f79ab49d9fa0e4a4f8c28e1d224257f2259524911fe7426022100cabd7a2903691f609ccd758c7bfe7273a823f2af6d0543cc8a2c68c3c477da5a:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-3136.yaml

@@ -21,10 +21,13 @@ info:
     cve-id: CVE-2024-3136
     epss-score: 0.00065
     epss-percentile: 0.28259
+    cpe: cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 2
     publicwww-query: "/wp-content/plugins/masterstudy-lms-learning-management-system"
+    product: masterstudy_lms
+    vendor: stylemixthemes
   tags: cve,cve2024,wp,wordpress,unauth,lfi
 variables:
   randomstr: "{{randstr_1}}"
@@ -59,4 +62,4 @@ http:
         group: 1
         internal: true
         name: nonce
-# digest: 4a0a0047304502202b763dd72807cc252360a0934574e10db71e534d2dcb99664ef0d64f8e8a248002210097d5a1eaeb56e1c3c6b1f836e5c15a210596a30c9af148de0c5ee5b15b9e927f:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502202b763dd72807cc252360a0934574e10db71e534d2dcb99664ef0d64f8e8a248002210097d5a1eaeb56e1c3c6b1f836e5c15a210596a30c9af148de0c5ee5b15b9e927f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-31850.yaml

@@ -17,10 +17,13 @@ info:
     cwe-id: CWE-22
     epss-score: 0.00053
     epss-percentile: 0.21091
+    cpe: cpe:2.3:a:cdata:arc:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: "title:\"CData Arc\""
+    product: arc
+    vendor: cdata
   tags: cve,cve2024,cdata,lfi
 flow: http(1) && http(2)
 
@@ -59,4 +62,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a004730450221008bbf300b0ea549282dc1258f3c481521e094057630ded471600235926cfb8aad022043e0add2cc98eeefeaed68b619c6ec62bd46e6d640ae65e66f49a5431c5fde93:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a004730450221008bbf300b0ea549282dc1258f3c481521e094057630ded471600235926cfb8aad022043e0add2cc98eeefeaed68b619c6ec62bd46e6d640ae65e66f49a5431c5fde93:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-32113.yaml

@@ -19,10 +19,13 @@ info:
     cve-id: CVE-2024-32113
     epss-score: 0.00115
     epss-percentile: 0.45112
+    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: app="Apache_OFBiz"
+    product: ofbiz
+    vendor: apache
   tags: cve,cve2024,apache,obiz,rce
 
 http:
@@ -46,4 +49,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4b0a00483046022100b88041381f7eeda038aa86589d4e8abaa41ddf477aafea6cd9271bdafa02ebb6022100dfb966a119b54853c7b4d4ea44205600d7bf2227910f32cd964a08a2cf91571d:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100b88041381f7eeda038aa86589d4e8abaa41ddf477aafea6cd9271bdafa02ebb6022100dfb966a119b54853c7b4d4ea44205600d7bf2227910f32cd964a08a2cf91571d:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-32399.yaml

@@ -15,10 +15,13 @@ info:
   classification:
     epss-score: 0.00053
     epss-percentile: 0.21091
+    cpe: cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: html:"RaidenMAILD"
+    product: raidenmaild
+    vendor: raidenmaild
   tags: cve,cve2024,lfi,raiden,mail,server
 
 http:
@@ -33,4 +36,4 @@ http:
           - 'contains(header, "application/octet-stream")'
           - 'status_code == 200'
         condition: and
-# digest: 4b0a00483046022100a4e4fec406f9745a3ec5ab8ef88a44a13b351b1b3c8a4148416cf83776e7632c022100a63559fdc8153e058c817e01043c453e8af311de120d56c15030608f4b5c5598:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100a4e4fec406f9745a3ec5ab8ef88a44a13b351b1b3c8a4148416cf83776e7632c022100a63559fdc8153e058c817e01043c453e8af311de120d56c15030608f4b5c5598:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-32709.yaml

@@ -18,10 +18,13 @@ info:
     cwe-id: CWE-89
     epss-score: 0.00043
     epss-percentile: 0.0866
+    cpe: cpe:2.3:a:plechevandrey:wp-recall:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     publicwww-query: "/wp-content/plugins/wp-recall/"
+    product: wp-recall
+    vendor: plechevandrey
   tags: cve,cve2024,wp-plugin,wp-recall,wordpress,wp,sqli
 
 variables:
@@ -43,4 +46,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a004630440220133ca9cf2f1029c377a0637602b2f99279abe7bbcad1da1f3e66733f6563d26e02207da0cf317afc9c589b8a2c4e7551e7613d75b026f1d89f2fd06642435a38b96f:922c64590222798bb761d5b6d8e72950
+# digest: 490a004630440220133ca9cf2f1029c377a0637602b2f99279abe7bbcad1da1f3e66733f6563d26e02207da0cf317afc9c589b8a2c4e7551e7613d75b026f1d89f2fd06642435a38b96f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-3274.yaml

@@ -17,10 +17,13 @@ info:
     cwe-id: CWE-200
     epss-score: 0.00045
     epss-percentile: 0.15047
+    cpe: cpe:2.3:h:dlink:dns-320l:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: body="Text:In order to access the ShareCenter"
+    product: dns-320l
+    vendor: dlink
   tags: cve,cve2024,dlink,exposure
 
 http:
@@ -35,4 +38,4 @@ http:
           - 'contains_all(body, "Model=", "Build=", "Macaddr=")'
           - 'status_code == 200'
         condition: and
-# digest: 490a004630440220637a70951ffd4c3d81671b37a51e678c922a409e791bdbb538ad6cce7bb84fad0220303256e098c2a99c41e54b1518da46ac7d1910401c97102c6afaa5f2490973d9:922c64590222798bb761d5b6d8e72950
+# digest: 490a004630440220637a70951ffd4c3d81671b37a51e678c922a409e791bdbb538ad6cce7bb84fad0220303256e098c2a99c41e54b1518da46ac7d1910401c97102c6afaa5f2490973d9:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-33113.yaml

@@ -12,10 +12,13 @@ info:
   classification:
     epss-score: 0.00043
     epss-percentile: 0.0866
+    cpe: cpe:2.3:h:dlink:dir-845l:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: "DIR-845L"
+    product: dir-845l
+    vendor: dlink
   tags: cve,cve2024,dlink,info-leak
 
 http:
@@ -35,4 +38,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4b0a00483046022100ec87c2ac5ca4f20e03f4124ceff0813f7c2781c40386a2e175833a94317fecfc0221008e60c37e890f1d57fc8e3ecaf060276b1800e9eefe727ed8c6713f027166613d:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100ec87c2ac5ca4f20e03f4124ceff0813f7c2781c40386a2e175833a94317fecfc0221008e60c37e890f1d57fc8e3ecaf060276b1800e9eefe727ed8c6713f027166613d:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-33288.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://en.0day.today/exploit/39610
     - https://www.sourcecodester.com/sql/17287/prison-management-system.html
+  classification:
+    cpe: cpe:2.3:a:prison_management_system_project:prison_management_system:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: prison_management_system_project
+    product: prison_management_system
     shodan-query: title:"Prison Management System"
   tags: cve,cve2024,cms,sqli
 
@@ -23,7 +27,6 @@ http:
         Content-Type: application/x-www-form-urlencoded
 
         txtusername=admin%27+or+%271%27+%3D%271&txtpassword={{randstr}}&btnlogin=
-
       - |
         GET /Admin/index.php HTTP/1.1
         Host: {{Hostname}}
@@ -40,4 +43,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4b0a00483046022100859ec311a5b87c8613179df918539075c5fd10a9d17a0273f0970d74ab5ea0e90221008c39c278e0ce4d1b08af7daa3356e7901998adf7c17a2919323d4a935efff082:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-33605.yaml

@@ -17,10 +17,13 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2024-33605
     cwe-id: CWE-22
+    cpe: cpe:2.3:o:sharp:mx-3550v_firmware:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: "Set-Cookie: MFPSESSIONID="
+    product: mx-3550v_firmware
+    vendor: sharp
   tags: cve,cve2024,sharp,printer,traversal
 
 http:
@@ -45,4 +48,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a00473045022100c5b2cbe816dd280d1fd71f4b2e8e9daa71993e7412bbc86d52ca19d19223684202202d01ae415d5fd8c3758945e17036e3d319cb90bac3eccf633c9f337e91b77272:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100c5b2cbe816dd280d1fd71f4b2e8e9daa71993e7412bbc86d52ca19d19223684202202d01ae415d5fd8c3758945e17036e3d319cb90bac3eccf633c9f337e91b77272:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-34102.yaml

@@ -14,10 +14,13 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2024-34102
     cwe-id: CWE-611
+    cpe: cpe:2.3:a:adobe:magento:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: app="Adobe-Magento"
+    product: magento
+    vendor: adobe
   tags: cve,cve2024,adobe,magento,xxe
 
 http:
@@ -37,4 +40,4 @@ http:
           - 'contains_any(body, "log file", "cartId", "no Route")'
           - 'contains(body, "message")'
         condition: and
-# digest: 490a00463044022035eed0094dc5d29ccf8a1f92e54752fe27ed32cfb86432cf5fcfe0d49475e64702205f85521b014b47759d272853294a0865ed415e31e84c52f04f30236409676efe:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022035eed0094dc5d29ccf8a1f92e54752fe27ed32cfb86432cf5fcfe0d49475e64702205f85521b014b47759d272853294a0865ed415e31e84c52f04f30236409676efe:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-34982.yaml

@@ -10,14 +10,16 @@ info:
     - https://github.com/n2ryx/CVE/blob/main/Lylme_pagev1.9.5.md
     - https://github.com/tanjiti/sec_profile
     - https://github.com/ATonysan/poc-exp/blob/main/60NavigationPage_CVE-2024-34982_ArbitraryFileUploads.py
+  classification:
+    cpe: cpe:2.3:a:lylme:lylme_spage:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: lylme
+    product: lylme_spage
     fofa-query: icon_hash="-282504889"
   tags: cve,cve2024,lylme-spage,rce,intrusive
-
 flow: http(1) && http(2)
-
 variables:
   string: "{{randstr}}"
   filename: "{{to_lower(rand_text_alpha(5))}}"
@@ -69,4 +71,5 @@ http:
           - 'contains(body, "{{string}}" )'
           - 'contains(header, "text/html")'
         condition: and
+
 # digest: 4a0a004730450220440784f1e1d309bfb1eee99fbcaf02afe7bfa185b48f07233df0f14cac9e9d9b0221009072b53098bb58d0d3efd14db1a3fc5f7b0b4593a0426fa060db0c42edd6f029:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-3552.yaml

@@ -10,16 +10,18 @@ info:
   reference:
     - https://vulners.com/wpvulndb/CVE-2024-3552
     - https://wpscan.com/vulnerability/34b03ee4-de81-4fec-9f3d-e1bd5b94d136/
+  classification:
+    cpe: cpe:2.3:a:salephpscripts:web_directory_free:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: salephpscripts
+    product: web_directory_free
     publicwww-query: "/wp-content/plugins/web-directory-free"
   tags: cve,cve2024,wordpress,wp-plugin,wpscan,wp,web-directory-free
-
 flow: http(1) && http(2)
 
 http:
-
   - raw:
       - |
         GET / HTTP/1.1
@@ -47,4 +49,5 @@ http:
           - 'status_code == 200'
           - regex('^\[\]$', body)
         condition: and
+
 # digest: 4a0a0047304502205f1531596b6325ac2d986cd6245136e53aa97e8a3978b6a394bffeb78042691602210093b20af969ed64d70d37d6bcea2a4ea4e185ec3d9814c49ec0e4ed34262d6ba6:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-36104.yaml

@@ -19,10 +19,13 @@ info:
     cwe-id: CWE-22
     epss-score: 0.00045
     epss-percentile: 0.16306
+    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: app="Apache_OFBiz"
+    product: ofbiz
+    vendor: apache
   tags: cve,cve2024,apache,obiz,lfi
 
 http:
@@ -49,4 +52,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a00473045022100a7361b834830c3e7e20303ae457a8bfcfb5a839bc66596f1a477ccea42cd64f6022038ae35240f2b58a8bd83b199b3111f48d422267b67eac6cafa5f2b5241ef27b3:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100a7361b834830c3e7e20303ae457a8bfcfb5a839bc66596f1a477ccea42cd64f6022038ae35240f2b58a8bd83b199b3111f48d422267b67eac6cafa5f2b5241ef27b3:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-36837.yaml

@@ -9,12 +9,15 @@ info:
   reference:
     - https://github.com/phtcloud-dev/CVE-2024-36837
     - https://nvd.nist.gov/vuln/detail/CVE-2024-36837
+  classification:
+    cpe: cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: crmeb
+    product: crmeb
     fofa-query: title="CRMEB"
   tags: cve,cve2024,crmeb,sqli
-
 variables:
   num: "{{rand_int(9000000, 9999999)}}"
 
@@ -40,4 +43,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 490a0046304402203044d17d81b224dafab0f052edc09852ae126401a2350dcbed817e3a8d32b6840220266a399dff53e7dd81a0eeea14d4f29ab5039fee825cd84700698d76b30c8e7f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-37032.yaml

@@ -10,9 +10,13 @@ info:
     - https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032
     - https://nvd.nist.gov/vuln/detail/CVE-2024-37032
     - https://github.com/Bi0x/CVE-2024-37032
+  classification:
+    cpe: cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: ollama
+    product: ollama
     shodan-query: ollama
   tags: cve,cve2024,ollama,rce
 
@@ -24,7 +28,6 @@ http:
         Content-Type: application/json
 
         {"name": "http://{{interactsh-url}}/rogue/{{randstr}}", "insecure": true}
-
       - |
         POST /api/push HTTP/1.1
         Host: {{Hostname}}
@@ -38,4 +41,5 @@ http:
           - contains(interactsh_protocol, 'http')
           - contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')
         condition: and
+
 # digest: 4a0a00473045022100a5fa33a756b90484a6e38030d236f0441e68f5e0568a583ecbce5ccc179ec12e022067ed5562eb8a263a887821208641b1c7337d73b10359302495c184e4d1145db2:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-37152.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://github.com/argoproj/argo-cd/security/advisories/GHSA-87p9-x75h-p4j2
     - https://nvd.nist.gov/vuln/detail/CVE-2024-37152
+  classification:
+    cpe: cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: argoproj
+    product: argo_cd
     shodan-query: html:"Argo CD"
   tags: cve,cve2024,argo-cd,info-leak
 
@@ -38,4 +42,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4b0a00483046022100ff51e4d4de0176d7b75272c7382661952fa7f28124b1a6113d2d52675ba7d7ca022100dc729bfc997db746bf206fe0a1ae9ef36b3af92ebad27d690c90a41b636944aa:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-38288.yaml

@@ -12,10 +12,13 @@ info:
   classification:
     epss-score: 0.00043
     epss-percentile: 0.09357
+    cpe: cpe:2.3:a:rhubcom:turbomeeting:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: html:"TurboMeeting"
+    product: turbomeeting
+    vendor: rhubcom
   tags: cve,cve2024,rce,turbomeeting,authenticated
 
 variables:
@@ -71,4 +74,4 @@ http:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "dns"
-# digest: 490a004630440220203de4258c77f0b3f46006707f45d197100eab841ddda3976bf550870b81c67d02205b75ab453b0008ab9bcc928e6784877017f3814bbaa8e6cf840548b94623316b:922c64590222798bb761d5b6d8e72950
+# digest: 490a004630440220203de4258c77f0b3f46006707f45d197100eab841ddda3976bf550870b81c67d02205b75ab453b0008ab9bcc928e6784877017f3814bbaa8e6cf840548b94623316b:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-38289.yaml

@@ -8,9 +8,13 @@ info:
     A Boolean-based SQL injection vulnerability in the "RHUB TurboMeeting" web application. This vulnerability could allow an attacker to execute arbitrary SQL commands on the database server, potentially allowing them to access sensitive data or compromise the server.
   reference:
     - https://github.com/google/security-research/security/advisories/GHSA-vx5j-8pgx-v42v
+  classification:
+    cpe: cpe:2.3:a:rhubcom:turbomeeting:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: rhubcom
+    product: turbomeeting
     shodan-query: html:"TurboMeeting"
   tags: cve,cve2024,sqli,turbomeeting
 
@@ -22,7 +26,6 @@ http:
         Content-Type: application/x-www-form-urlencoded
 
         meeting_id=1'/**/OR/**/1=1/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**
-
       - |
         POST /as/wapi/vmp HTTP/1.1
         Host: {{Hostname}}
@@ -41,4 +44,5 @@ http:
         part: body_2
         words:
           - '<__Status__>FAILED</__Status__>'
+
 # digest: 490a0046304402200529dc5c8778e012e9cbb7ffa30d733dc1c0587b432825bef1f5231c3e8986c30220102ab38598176c7395f39eb02a1ab74dc442f237b847feb8dc497b297446afa6:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-38856.yaml

@@ -15,10 +15,13 @@ info:
   classification:
     epss-score: 0.00045
     epss-percentile: 0.16306
+    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: app="Apache_OFBiz"
+    product: ofbiz
+    vendor: apache
   tags: cve,cve2024,ofbiz,apache,rce,kev
 
 http:
@@ -45,4 +48,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a0046304402206f35bcc3e276d91d4e1a05964d5c2544dded6826a8fb086b21e982b01c50548e02201954774503527bdb87c96c2d208ce0bbe1383893272f091ffcef7b5f14e74a5a:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402206f35bcc3e276d91d4e1a05964d5c2544dded6826a8fb086b21e982b01c50548e02201954774503527bdb87c96c2d208ce0bbe1383893272f091ffcef7b5f14e74a5a:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-3922.yaml

@@ -13,12 +13,15 @@ info:
   reference:
     - https://dokan.co/docs/wordpress/changelog/
     - https://nvd.nist.gov/vuln/detail/CVE-2024-3922
+  classification:
+    cpe: cpe:2.3:a:wedevs:dokan:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: wedevs
+    product: dokan
     publicwww-query: "/wp-content/plugins/dokan-pro/"
   tags: cve,cve2024,dokan,wp-plugin,wordpress,wp,dokan-pro,sqli
-
 flow: http(1) && http(2)
 
 http:
@@ -47,4 +50,5 @@ http:
           - 'duration>=6'
           - 'status_code == 302'
         condition: and
+
 # digest: 4a0a00473045022100dddd0ec4841ea543e8407a98030b788b48c7c9ed9dd3effa76716f9339223b8a022076cb03daa28b52dab09d0014ed45363b0db7d14951be1ec39218c42cc49ee34f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-39907.yaml

@@ -15,10 +15,13 @@ info:
     cwe-id: CWE-89
     epss-score: 0.00043
     epss-percentile: 0.09387
+    cpe: cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     fofa-query: icon_hash="1300107149" || icon_hash="1453309674" || cert.issuer.cn="1Panel Intermediate CA"
+    product: 1panel
+    vendor: fit2cloud
   tags: cve,cve2024,sqli,1panel,authenticated
 
 variables:
@@ -49,4 +52,4 @@ http:
           - contains_all(body_2, "SQL logic error","table exp already exists")
           - contains(header_1, 'psession')
         condition: and
-# digest: 4a0a0047304502207a2fc8ad9c41d36e76e2405dd372a3c3b1e23cdb7aae86fe21aa9395e37fc307022100a6abdb6d7d79e5715931d0216fa0a2f44d2adb4a35fe03b29b776e2fa9b2d5ae:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502207a2fc8ad9c41d36e76e2405dd372a3c3b1e23cdb7aae86fe21aa9395e37fc307022100a6abdb6d7d79e5715931d0216fa0a2f44d2adb4a35fe03b29b776e2fa9b2d5ae:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-41107.yaml

@@ -15,10 +15,13 @@ info:
   classification:
     epss-score: 0.00046
     epss-percentile: 0.16798
+    cpe: cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     fofa-query: app="APACHE-CloudStack"
+    product: cloudstack
+    vendor: apache
   tags: cve,cve2024,apache,cloudstack,auth-bypass
 
 variables:
@@ -44,4 +47,4 @@ http:
           - "contains(content_type,'text/xml')"
           - "status_code==302"
         condition: and
-# digest: 4a0a00473045022100bba4f9d8bd13d7f88a72d393233b2bf209b17e02fb2ecad69d9fba3e6177cb180220391703c38491fdb8803df18e2a2e06720d705bdaf7323909112ca37e6360ef73:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100bba4f9d8bd13d7f88a72d393233b2bf209b17e02fb2ecad69d9fba3e6177cb180220391703c38491fdb8803df18e2a2e06720d705bdaf7323909112ca37e6360ef73:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-43425.yaml

@@ -14,10 +14,13 @@ info:
   classification:
     cvss-score: 9.8
     cve-id: CVE-2024-43425
+    cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: title:"Moodle"
+    product: moodle
+    vendor: moodle
   tags: cve,cve2024,moodile,rce,authenticated
 
 flow: http(1) && http(2) && http(3) && http(4) && http(5) && http(6)
@@ -124,4 +127,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a0046304402206751ee480090a5e57009256b124a5b385fb35e0ad2c554e3e4e9081f07d433a602205a3c2bb69019ccd312411579022b8f9f0ffff59aebc705f23ef418df865ad97a:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402206751ee480090a5e57009256b124a5b385fb35e0ad2c554e3e4e9081f07d433a602205a3c2bb69019ccd312411579022b8f9f0ffff59aebc705f23ef418df865ad97a:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-4348.yaml

@@ -19,10 +19,13 @@ info:
     cwe-id: CWE-79
     epss-score: 0.00065
     epss-percentile: 0.28259
+    cpe: cpe:2.3:a:oscommerce:oscommerce:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: html:"osCommerce"
+    product: oscommerce
+    vendor: oscommerce
   tags: packetstorm,xss,rxss,oscommerce,cve2024,cve
 
 http:
@@ -49,4 +52,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a0046304402206260c934d288615aaeb670fe5578235b6f88ea430cb576d396053d632dd1dc880220219844f51c66f70e35b91c1c9cebf6a80739618fe718297ec00954bcc77c4dbc:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402206260c934d288615aaeb670fe5578235b6f88ea430cb576d396053d632dd1dc880220219844f51c66f70e35b91c1c9cebf6a80739618fe718297ec00954bcc77c4dbc:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-4358.yaml

@@ -12,10 +12,14 @@ info:
     - https://summoning.team/blog/progress-report-server-rce-cve-2024-4358-cve-2024-1800/
     - https://github.com/sinsinology/CVE-2024-4358
     - https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358
+  classification:
+    cpe: cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     shodan-query: title:"Log in | Telerik Report Server"
+    product: telerik_report_server
+    vendor: progress
   tags: cve,cve2024,telerik,progress,auth-bypass,instrusive
 variables:
   user: "{{rand_base(6)}}"
@@ -61,4 +65,4 @@ http:
         dsl:
           - '"Username: "+ user'
           - '"Password: "+ pass'
-# digest: 4b0a00483046022100b40c2678a88f956f4c6349fda05d4d83541374a2907b8731a90941505551b493022100f53a3591f5bd4a3fb03698db001d452302dd2217004277971fc01d9af5e9569f:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100b40c2678a88f956f4c6349fda05d4d83541374a2907b8731a90941505551b493022100f53a3591f5bd4a3fb03698db001d452302dd2217004277971fc01d9af5e9569f:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-4434.yaml

@@ -17,10 +17,13 @@ info:
     cve-id: CVE-2024-4434
     epss-score: 0.00063
     epss-percentile: 0.2659
+    cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 2
     publicwww-query: "/wp-content/plugins/learnpress"
+    product: learnpress
+    vendor: thimpress
   tags: cve,cve2024,wp,wp-plugin,wordpress,sqli,learnpress
 
 variables:
@@ -56,4 +59,4 @@ http:
         regex:
           - '"nonce":"([a-z0-9]+)","is_course_archive"'
         internal: true
-# digest: 4a0a00473045022100805a19beed0925918e48fe60dabee80e439f5ff19ca82f8de67f3ae2e519961002203b48fc2db31392293b96ed2bc9fd008e41f94a023be3e094412dd969f8b06752:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100805a19beed0925918e48fe60dabee80e439f5ff19ca82f8de67f3ae2e519961002203b48fc2db31392293b96ed2bc9fd008e41f94a023be3e094412dd969f8b06752:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-4443.yaml

@@ -21,10 +21,13 @@ info:
     cve-id: CVE-2024-4443
     epss-score: 0.00063
     epss-percentile: 0.27036
+    cpe: cpe:2.3:a:businessdirectoryplugin:business_directory:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     publicwww-query: "/wp-content/plugins/business-directory-plugin/"
+    product: business_directory
+    vendor: businessdirectoryplugin
   tags: cve,cve2024,sqli,business-directory,wordpress,wp-plugin
 
 http:
@@ -41,4 +44,4 @@ http:
           - 'status_code == 200'
           - 'contains_all(body,"Business Directory","No listings found")'
         condition: and
-# digest: 4b0a00483046022100e04251201f1f578148c87851a0d69f7f4eee73c7f9d22c66c87ac3844b5cd1d8022100f7ca58462cb7d8fb264834a0e6477dc1cf7a0160dd2356e11573da802e5455ca:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100e04251201f1f578148c87851a0d69f7f4eee73c7f9d22c66c87ac3844b5cd1d8022100f7ca58462cb7d8fb264834a0e6477dc1cf7a0160dd2356e11573da802e5455ca:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-4885.yaml

@@ -20,10 +20,13 @@ info:
     cwe-id: CWE-22
     epss-score: 0.00066
     epss-percentile: 0.29461
+    cpe: cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: html:"WhatsUp Gold"
+    product: whatsup_gold
+    vendor: progress
   tags: cve,cve2024,rce,progress,whatsup,lfi
 
 http:
@@ -47,4 +50,4 @@ http:
         part: interactsh_request
         words:
           - "sPassword"
-# digest: 4a0a00473045022025e6631dabad4579c99709729fae229ea1e0c525a01676fac07451061cb1d8b4022100c5b5f8a3ff93eb00c43a7639075d79f0ada4374abed4f2ad227cf2a326b33661:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022025e6631dabad4579c99709729fae229ea1e0c525a01676fac07451061cb1d8b4022100c5b5f8a3ff93eb00c43a7639075d79f0ada4374abed4f2ad227cf2a326b33661:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-5315.yaml

@@ -18,10 +18,13 @@ info:
     cwe-id: CWE-89
     epss-score: 0.00043
     epss-percentile: 0.09367
+    cpe: cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: http.title:"Dolibarr"
+    product: dolibarr_erp\\/crm
+    vendor: dolibarr
   tags: cve,cve2024,dolibarr,erp,sqli,authenticated
 
 variables:
@@ -57,4 +60,4 @@ http:
         part: body_1
         words:
           - SuperAdmin
-# digest: 4a0a0047304502205fa272f74338d860a6b47447f08017ae8c60735a051e74848b2cc6c2b2419b44022100bd49eb5ef5d7dbadb31d03259c9ad62c582e4ab4d90856c4421fd4c44a7fd2bd:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502205fa272f74338d860a6b47447f08017ae8c60735a051e74848b2cc6c2b2419b44022100bd49eb5ef5d7dbadb31d03259c9ad62c582e4ab4d90856c4421fd4c44a7fd2bd:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-5522.yaml

@@ -16,10 +16,13 @@ info:
     cve-id: CVE-2024-5522
     epss-score: 0.04
     epss-percentile: 9
+    cpe: cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     publicwww-query: "/wp-content/plugins/html5-video-player"
+    product: html5_video_player
+    vendor: bplugins
   tags: wpscan,cve,cve2024,wordpress,wp-plugin,wp,sqli,html5-video-player
 
 variables:
@@ -40,4 +43,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a00473045022100a7dc1f22e4c4cf656939c0f9bc502d05a891595332a3e83cf4cfd8ffd2e0d7a102200d946db71e2e8b7619b89fb20cfde7a02ba86c20f8087d397dd795a20e5c1187:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100a7dc1f22e4c4cf656939c0f9bc502d05a891595332a3e83cf4cfd8ffd2e0d7a102200d946db71e2e8b7619b89fb20cfde7a02ba86c20f8087d397dd795a20e5c1187:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6028.yaml

@@ -15,10 +15,13 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2024-6028
     cwe-id: CWE-89
+    cpe: cpe:2.3:a:ays-pro:quiz_maker:*:*:*:*:wordpress:*:*:*
   metadata:
     verified: true
     max-request: 1
     publicwww-query: "/wp-content/plugins/quiz-maker/"
+    product: quiz_maker
+    vendor: ays-pro
   tags: cve,cve2024,wordpress,wp,wp-plugin,quiz-maker,sqli
 
 http:
@@ -38,4 +41,4 @@ http:
           - 'status_code == 200'
           - 'contains_all(body,"status\":","scoreMessage","displayScore")'
         condition: and
-# digest: 490a00463044022069e5a049ef936612c26a43bcdfe2c8eb29ed3c1ff84d66a531d4215e98ca53a1022056ca1a712669b254a773d248d9f7c9edcfeeea7859b5995eb268a727a9fce0ac:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022069e5a049ef936612c26a43bcdfe2c8eb29ed3c1ff84d66a531d4215e98ca53a1022056ca1a712669b254a773d248d9f7c9edcfeeea7859b5995eb268a727a9fce0ac:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6396.yaml

@@ -11,10 +11,13 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2024-6396
     cwe-id: CWE-29
+    cpe: cpe:2.3:a:aimstack:aim:*:*:*:*:*:*:*:*
   metadata:
     max-request: 3
     verified: true
     fofa-query: icon_hash="-1047157256"
+    product: aim
+    vendor: aimstack
   tags: cve,cve2024,aim,aimhubio,file-write
 
 variables:
@@ -66,4 +69,4 @@ http:
         part: header_3
         words:
           - "text/plain"
-# digest: 4a0a0047304502210099850e1d327c893d635d886887be1e40781e8445214740edc611fb8a68e2533702206e55b076166d6c86edc822570a65c3ab7bdf8da82596df934cc65157141dcfb1:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502210099850e1d327c893d635d886887be1e40781e8445214740edc611fb8a68e2533702206e55b076166d6c86edc822570a65c3ab7bdf8da82596df934cc65157141dcfb1:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6646.yaml

@@ -19,8 +19,11 @@ info:
     cwe-id: CWE-200
     epss-score: 0.00045
     epss-percentile: 0.16001
+    cpe: cpe:2.3:h:netgear:wn604:*:*:*:*:*:*:*:*
   metadata:
     fofa-query: title=="Netgear"
+    product: wn604
+    vendor: netgear
   tags: cve,cve2024,netgear
 
 http:
@@ -45,4 +48,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 490a00463044022061dfd0175001443072f737684368faff9a2516c4009eff8165c3b03ce91ebc40022071c9cea2bee7a01701b51c5a707e033d359a8c8740a9340a62ac452c709bff82:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022061dfd0175001443072f737684368faff9a2516c4009eff8165c3b03ce91ebc40022071c9cea2bee7a01701b51c5a707e033d359a8c8740a9340a62ac452c709bff82:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6670.yaml

@@ -17,10 +17,13 @@ info:
     cwe-id: CWE-89
     epss-score: 0.00043
     epss-percentile: 0.09569
+    cpe: cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 4
     shodan-query: title:"WhatsUp Gold" http.favicon.hash:-2107233094
+    product: whatsup_gold
+    vendor: progress
   tags: cve,cve2024,whatsup-gold,auth-bypass,sqli,intrusive
 
 flow: |
@@ -133,4 +136,4 @@ http:
         dsl:
           - '"USER: "+ username'
           - '"PASS: "+ password'
-# digest: 4a0a00473045022100de094415e14c9a6e875c953b23b76c94d62cbc4da0a57db7ab65cc3db2ca652302207e6b8157dd2bdfc8fcba5f818575572d121cc61cfca0729455359ee19a788840:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100de094415e14c9a6e875c953b23b76c94d62cbc4da0a57db7ab65cc3db2ca652302207e6b8157dd2bdfc8fcba5f818575572d121cc61cfca0729455359ee19a788840:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6781.yaml

@@ -8,10 +8,14 @@ info:
     Arbitrary file read via Calibre’s content server in Calibre <= 7.14.0.
   reference:
     - https://starlabs.sg/advisories/24/24-6781/
+  classification:
+    cpe: cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*
   metadata:
+    verified: true
+    vendor: calibre-ebook
+    product: calibre
     shodan-query: html:"Calibre"
     fofa-query: "Server: calibre"
-    verified: true
     max-requeset: 1
   tags: cve,cve2024,calibre,lfi
 
@@ -53,4 +57,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 490a0046304402202ca6fce004009bb7f0650dea15c513da500a417c0c88ac7b0e5e45f237a4e7db022076d6e09297483225abdcab453844dd78e248409367b78b3e4b02e80034988c3d:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6782.yaml

@@ -8,8 +8,12 @@ info:
     Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0.
   reference:
     - https://starlabs.sg/advisories/24/24-6781/
+  classification:
+    cpe: cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*
   metadata:
     verified: true
+    vendor: calibre-ebook
+    product: calibre
     shodan-query: html:"Calibre"
     fofa-query: "Server: calibre"
     max-requeset: 1
@@ -59,4 +63,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4b0a00483046022100ab0c6eb74bbcbd25752d1cb038e1250aae3a1ca7939f89b55c54300ce331fb7f022100e4d96a62a8a103243f43549987b0cbd496172100fa325a425975b072d0482332:922c64590222798bb761d5b6d8e72950

http/cves/2024/CVE-2024-6922.yaml

@@ -12,13 +12,18 @@ info:
     - https://www.automationanywhere.com/products/automation-360
     - https://www.rapid7.com/blog/post/2024/07/26/cve-2024-6922-automation-anywhere-automation-360-server-side-request-forgery/
     - https://nvd.nist.gov/vuln/detail/CVE-2024-6922
+  classification:
+    cpe: cpe:2.3:a:automationanywhere:automation_360:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: http.favicon.hash:-1005691603
     fofa-query: icon_hash="-1005691603"
+    product: automation_360
+    vendor: automationanywhere
   tags: cve,cve2024,ssrf,oast,automation,anywhere
 
+
 http:
   - raw:
       - |
@@ -48,4 +53,4 @@ http:
       - type: status
         status:
           - 400
-# digest: 490a0046304402203bd01e5954da7c9aebe29de80f6db1a0f4773bbea2ea88852f3409cf1bb4a95e02203a545a71cc78849cd6a55a562b98c038c5a370292ba9e6014e0333f665a5cd35:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402203bd01e5954da7c9aebe29de80f6db1a0f4773bbea2ea88852f3409cf1bb4a95e02203a545a71cc78849cd6a55a562b98c038c5a370292ba9e6014e0333f665a5cd35:922c64590222798bb761d5b6d8e72950

http/default-logins/abb/cs141-default-login.yaml

@@ -9,9 +9,12 @@ info:
     - https://www.generex.de/media/pages/packages/documents/manuals/f65348d5b6-1628841637/manual_CS141_en.pdf
   classification:
     cwe-id: CWE-798
+    cpe: cpe:2.3:h:generex:cs141:*:*:*:*:*:*:*:*
   metadata:
     max-request: 3
     shodan-query: http.html:"CS141"
+    product: cs141
+    vendor: generex
   tags: hiawatha,iot,default-login
 
 http:
@@ -60,4 +63,4 @@ http:
       - type: kval
         kval:
           - accessToken
-# digest: 4a0a00473045022100adf8a4c12e354461e80b4a00ab99ae10c5b82fefee98c10029107b3d2063620f022060eb930abe08c48fa92c7e817046a6a999feabe76aff9b2e6052a78f877c6e9d:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100adf8a4c12e354461e80b4a00ab99ae10c5b82fefee98c10029107b3d2063620f022060eb930abe08c48fa92c7e817046a6a999feabe76aff9b2e6052a78f877c6e9d:922c64590222798bb761d5b6d8e72950

http/default-logins/aem/aem-default-login.yaml

@@ -11,9 +11,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*
   metadata:
     max-request: 8
     shodan-query: http.component:"Adobe Experience Manager"
+    product: experience_manager
+    vendor: adobe
   tags: aem,default-login,adobe
 
 http:

http/default-logins/aem/aem-felix-console.yaml

@@ -12,11 +12,14 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*
   metadata:
     max-request: 2
     shodan-query:
       - http.title:"AEM Sign In"
       - http.component:"Adobe Experience Manager"
+    product: experience_manager_cloud_service
+    vendor: adobe
   tags: default-login,misconfig,aem,adobe
 
 http:

http/default-logins/apache/apache-apollo-default-login.yaml

@@ -4,12 +4,15 @@ info:
   name: Apache Apollo - Default Login
   author: ritikchaddha
   severity: high
+  classification:
+    cpe: cpe:2.3:a:apache:activemq_apollo:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: apache
+    product: activemq_apollo
     shodan-query: title:"Apache Apollo"
   tags: apache,apollo,default-login,misconfig
-
 variables:
   username: 'admin'
   password: 'admin'
@@ -22,7 +25,6 @@ http:
         Content-Type: application/x-www-form-urlencoded; charset=UTF-8
 
         username={{username}}&password={{password}}
-
       - |
         GET /console/index.html HTTP/1.1
         Host: {{Hostname}}
@@ -45,4 +47,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 490a004630440220316d56568350165547ed1cb488565e14ecae67a775aea47af5d671124b563a5b022040877ad8cc3beae83a8717a9b7d014c5216d3b5acabd097d97d2cdeea26ee151:922c64590222798bb761d5b6d8e72950

http/default-logins/apache/cloudstack-default-login.yaml

@@ -6,9 +6,13 @@ info:
   severity: high
   description: |
     CloudStack instance discovered using weak default credentials, allows the attacker to gain admin privilege.
+  classification:
+    cpe: cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: apache
+    product: cloudstack
     shodan-query: http.title:"Apache CloudStack"
   tags: default-login,apache,cloudstack
 
@@ -23,13 +27,11 @@ http:
         command=login&username={{username}}&password={{password}}&domain=%2F&response=json
 
     attack: pitchfork
-
     payloads:
       username:
         - admin
       password:
         - password
-
     host-redirects: true
     matchers:
       - type: dsl
@@ -38,4 +40,5 @@ http:
           - "contains(content_type, 'application/json')"
           - "contains_all(body, 'sessionkey','domainid','userid')"
         condition: and
+
 # digest: 4a0a00473045022100e14781f645e94e9addfd689f626c0fd7410a4c6abab76c419506a12a7e77b3c702203e536f8fc02f29d3744e77e3403890bbb63998656b7582421280bb32f31466a9:922c64590222798bb761d5b6d8e72950

http/default-logins/apache/dolphinscheduler-default-login.yaml

@@ -11,9 +11,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
     shodan-query: http.title:"DolphinScheduler"
+    product: dolphinscheduler
+    vendor: apache
   tags: apache,dolphinscheduler,default-login,oss
 
 http:

http/default-logins/apache/karaf-default-login.yaml

@@ -11,10 +11,13 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: realm="karaf"
+    product: karaf
+    vendor: apache
   tags: default-login,apache,karaf
 
 http:

http/default-logins/apache/kylin-default-login.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://github.com/hanc00l/pocGoby2Xray/blob/main/xraypoc/Apache_Kylin_Console_Default_password.yml
     - https://github.com/Wker666/Demo/blob/main/script/%E6%BC%8F%E6%B4%9E%E6%8E%A2%E6%B5%8B/Kylin/Apache%20Kylin%20Console%20%E6%8E%A7%E5%88%B6%E5%8F%B0%E5%BC%B1%E5%8F%A3%E4%BB%A4.wker
+  classification:
+    cpe: cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 6
+    vendor: apache
+    product: kylin
     fofa-query: app="APACHE-kylin"
   tags: kylin,default-login,apache
 
@@ -52,4 +56,4 @@ http:
         status:
           - 200
 
-# digest: 490a0046304402201fcf0b913c72b187052e4b5e7871e7d0e5b5df5339bb686cba1d688f6b12ab5702201e25e7c9eaedcea9be02d16d4759ab89f87e1bbd505c6144f94e671bc2b25db0:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402201fcf0b913c72b187052e4b5e7871e7d0e5b5df5339bb686cba1d688f6b12ab5702201e25e7c9eaedcea9be02d16d4759ab89f87e1bbd505c6144f94e671bc2b25db0:922c64590222798bb761d5b6d8e72950

http/default-logins/apache/ranger-default-login.yaml

@@ -11,9 +11,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:apache:ranger:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
     shodan-query: http.title:"Ranger - Sign In"
+    product: ranger
+    vendor: apache
   tags: apache,ranger,default-login
 
 http:

http/default-logins/apache/tomcat-default-login.yaml

@@ -8,8 +8,12 @@ info:
   reference:
     - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-default-ovwebusr-password/
     - https://github.com/danielmiessler/SecLists/blob/master/Passwords/Default-Credentials/tomcat-betterdefaultpasslist.txt
+  classification:
+    cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
   metadata:
     max-request: 405
+    vendor: apache
+    product: tomcat
     shodan-query: title:"Apache Tomcat"
   tags: tomcat,apache,default-login
 
@@ -94,4 +98,4 @@ http:
         status:
           - 200
 
-# digest: 4a0a00473045022100e2f0325cd0d99bcd7a23cd738065048220ea18532e54ce329ccfb3bb44866d9602202efadadca274034c7078a8104fc4df513dba2c17d33d76d104490d8cd85db915:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100e2f0325cd0d99bcd7a23cd738065048220ea18532e54ce329ccfb3bb44866d9602202efadadca274034c7078a8104fc4df513dba2c17d33d76d104490d8cd85db915:922c64590222798bb761d5b6d8e72950

http/default-logins/apollo/apollo-default-login.yaml

@@ -11,9 +11,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:ctrip:apollo:*:*:*:*:*:*:*:*
   metadata:
     max-request: 2
     shodan-query: http.favicon.hash:11794165
+    product: apollo
+    vendor: ctrip
   tags: apollo,default-login
 
 http:

http/default-logins/asus/asus-rtn16-default-login.yaml

@@ -6,9 +6,13 @@ info:
   severity: high
   description: |
     ASUS RT-N16 contains a default login vulnerability. Default admin login password 'admin' was found.
+  classification:
+    cpe: cpe:2.3:h:asus:rt-n16:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: asus
+    product: rt-n16
     shodan-query: "RT-N16"
   tags: default-login,asus,rt-n16
 
@@ -40,4 +44,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4a0a0047304502200b8798bc6edb6d74920650e18ac885759f155e31874f0c2ae1ab825e5f9ab621022100ea2e7c324d3921ccc0dcb7436c5e57ae3aec0e3396d4c5cf1f7a010f6e688192:922c64590222798bb761d5b6d8e72950

http/default-logins/azkaban/azkaban-default-login.yaml

@@ -7,9 +7,12 @@ info:
   description: Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs.  Default web client credentials were discovered.
   classification:
     cwe-id: CWE-798
+    cpe: cpe:2.3:a:azkaban_project:azkaban:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1
     shodan-query: http.title:"Azkaban Web Client"
+    product: azkaban
+    vendor: azkaban_project
   tags: default-login,azkaban
 
 http:

http/default-logins/barco-clickshare-default-login.yaml

@@ -6,8 +6,12 @@ info:
   severity: high
   description: |
     Barco ClickShare contains a default login vulnerability. Default login password 'admin' was found.
+  classification:
+    cpe: cpe:2.3:o:barco:clickshare_cs-100_huddle_firmware:*:*:*:*:*:*:*:*
   metadata:
     max-request: 3
+    vendor: barco
+    product: clickshare_cs-100_huddle_firmware
     shodan-query: "ClickShareSession"
   tags: default-login,barco,clickshare
 
@@ -16,14 +20,12 @@ http:
       - |
         GET /login HTTP/1.1
         Host: {{Hostname}}
-
       - |
         POST /login/log_me_in HTTP/1.1
         Host: {{Hostname}}
         Content-Type: application/x-www-form-urlencoded
 
         csrf_protection_token={{token}}&username={{username}}&password={{password}}&eula_accepted=true
-
       - |
         GET /configuration_wizard HTTP/1.1
         Host: {{Hostname}}
@@ -34,7 +36,6 @@ http:
         - admin
       password:
         - admin
-
     matchers:
       - type: dsl
         dsl:
@@ -51,4 +52,5 @@ http:
         regex:
           - '="csrf_protection_token" value="([0-9a-z]+)" \/>'
         internal: true
+
 # digest: 490a004630440220110d1053dd5b584c6b956c2a7dd5cab571c2d140f37443d9e2c36d2897de6278022019c145b0a677c04a818d1cf14b7150105adb9ad64809c40f071a61232af232ef:922c64590222798bb761d5b6d8e72950

http/default-logins/batflat/batflat-default-login.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://www.exploitalert.com/view-details.html?id=34749
     - https://cxsecurity.com/issue/WLB-2020010100
+  classification:
+    cpe: cpe:2.3:a:batflat:batflat:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: batflat
+    product: batflat
     google-query: intext:"Powered by Batflat."
   tags: default-login,batflat
 
@@ -39,4 +43,4 @@ http:
           - 'contains(body, "Batflat - Dashboard")'
         condition: and
 
-# digest: 490a0046304402201fd494d4a966f5e9588e9814d7f91e2b59c07416531b6f9c5656c76ea3ddcfef0220164999871087cfeb8221bedaf5d22d4aa2c452d80653fefac3c3032c89f443d0:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402201fd494d4a966f5e9588e9814d7f91e2b59c07416531b6f9c5656c76ea3ddcfef0220164999871087cfeb8221bedaf5d22d4aa2c452d80653fefac3c3032c89f443d0:922c64590222798bb761d5b6d8e72950

http/default-logins/bloofoxcms-default-login.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://www.bloofox.com/automated_setup.113.html
     - https://www.bloofox.com
+  classification:
+    cpe: cpe:2.3:a:bloofox:bloofoxcms:*:*:*:*:*:*:*:*
   metadata:
     verified: "true"
     max-request: 1
+    vendor: bloofox
+    product: bloofoxcms
     fofa-query: "Powered by bloofoxCMS"
   tags: bloofox,cms,default-login
 
@@ -39,4 +43,4 @@ http:
           - status_code == 200
         condition: and
 
-# digest: 4b0a00483046022100b9ba4676dd13debd11f72527dcd0e4bc7cd120efb61658f9e7270fe85c3b9b9b022100d82c3493478c008849f179f16de4746febc9b91f6ee3c1bbadcff8652341c03f:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100b9ba4676dd13debd11f72527dcd0e4bc7cd120efb61658f9e7270fe85c3b9b9b022100d82c3493478c008849f179f16de4746febc9b91f6ee3c1bbadcff8652341c03f:922c64590222798bb761d5b6d8e72950

http/default-logins/cobbler/hue-default-credential.yaml

@@ -11,9 +11,12 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:cloudera:hue:*:*:*:*:*:*:*:*
   metadata:
     max-request: 8
     shodan-query: title:"Hue - Welcome to Hue"
+    product: hue
+    vendor: cloudera
   tags: hue,default-login,oss,cloudera
 
 http:

http/default-logins/couchdb/couchdb-default-login.yaml

@@ -10,10 +10,13 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 16
     fofa-query: app="APACHE-CouchDB"
+    product: couchdb
+    vendor: apache
   tags: default-login,couchdb,misconfig
 
 http:
@@ -59,4 +62,4 @@ http:
       - type: status
         status:
           - 200
-# digest: 4a0a00473045022100d8dc157d21a721b1e094764f7a1de53a740381d0a481d3f769ea9d3f64cb263802206ac7f06583abd7f54a71650d4717c3668c755c5d713ea00aab6fb2181391e9b2:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100d8dc157d21a721b1e094764f7a1de53a740381d0a481d3f769ea9d3f64cb263802206ac7f06583abd7f54a71650d4717c3668c755c5d713ea00aab6fb2181391e9b2:922c64590222798bb761d5b6d8e72950

http/default-logins/crushftp/crushftp-anonymous-login.yaml

@@ -6,9 +6,13 @@ info:
   severity: high
   description: |
     CrushFTP Anonymous login credentials were discovered.
+  classification:
+    cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: crushftp
+    product: crushftp
     shodan-query: html:"CrushFTP"
   tags: default-logins,anonymous,crushftp,default-login
 
@@ -17,8 +21,6 @@ http:
       - |
         GET /WebInterface/ HTTP/1.1
         Host: {{Hostname}}
-
-
       - |
         POST /WebInterface/function/ HTTP/1.1
         Host: {{Hostname}}
@@ -38,7 +40,6 @@ http:
         words:
           - "text/xml"
 
-
     extractors:
       - type: regex
         name: auth
@@ -47,4 +48,5 @@ http:
         group: 1
         regex:
           - 'currentAuth=([0-9a-zA-Z]+)'
+
 # digest: 4a0a0047304502200c5a041237930d9a2d13bbdd1937389e71363cf051dc4e6811eaa132f7484060022100b71429de7b114bd8165650fc5ef949e6ab6138c5dd79e57fb16c60fa32c18ada:922c64590222798bb761d5b6d8e72950

http/default-logins/crushftp/crushftp-default-login.yaml

@@ -6,9 +6,13 @@ info:
   severity: high
   description: |
     CrushFTP default login credentials were discovered.
+  classification:
+    cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: crushftp
+    product: crushftp
     shodan-query: html:"CrushFTP"
   tags: default-login,crushftp
 
@@ -17,8 +21,6 @@ http:
       - |
         GET /WebInterface/ HTTP/1.1
         Host: {{Hostname}}
-
-
       - |
         POST /WebInterface/function/ HTTP/1.1
         Host: {{Hostname}}
@@ -27,15 +29,14 @@ http:
 
         command=login&username={{username}}&password={{password}}&encoded=true&language=en&random=0.34712915617878926
 
-
     attack: pitchfork
     payloads:
       username:
         - crushadmin
       password:
         - crushadmin
-
     stop-at-first-match: true
+
     matchers-condition: and
     matchers:
       - type: word
@@ -56,4 +57,5 @@ http:
         group: 1
         regex:
           - 'currentAuth=([0-9a-zA-Z]+)'
+
 # digest: 4a0a0047304502206cda74422b8792aa62859df68d922613d4db22ba6e374a674cc2896bb813426f0221008cd32f2eb5cdc98370da14ba0f39a260c3868ac8bd6bbc336c08d41f3122b9a4:922c64590222798bb761d5b6d8e72950

http/default-logins/dataease/dataease-default-login.yaml

@@ -9,9 +9,13 @@ info:
     As a result, many Dataease can log in with this built-in account.
   reference:
     - https://github.com/dataease/dataease/issues/5995
+  classification:
+    cpe: cpe:2.3:a:dataease_project:dataease:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: dataease_project
+    product: dataease
     shodan-query: html:"Dataease"
   tags: default-login,dataease
 
@@ -42,4 +46,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4a0a00473045022100f845a84ad7189dffccd1afea970ebb8f5e601b044da1562e014ab66c8f70e3a9022066c79ccdd3db85aae25fffd20633c098d785a2769347ea37c120f0fb36b1fc0e:922c64590222798bb761d5b6d8e72950

http/default-logins/datahub/datahub-metadata-default-login.yaml

@@ -11,10 +11,13 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:datahub_project:datahub:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: http.title:"DataHub"
+    product: datahub
+    vendor: datahub_project
   tags: datahub,default-login
 
 http:

http/default-logins/dataiku/dataiku-default-login.yaml

@@ -11,10 +11,13 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:dataiku:data_science_studio:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     shodan-query: title:"dataiku"
+    product: data_science_studio
+    vendor: dataiku
   tags: default-login,dataiku
 
 http:

http/default-logins/elasticsearch/elasticsearch-default-login.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://www.alibabacloud.com/blog/what-is-the-default-username-and-password-for-elasticsearch_599610
     - https://www.elastic.co/guide/en/elasticsearch/reference/current/built-in-users.html
+  classification:
+    cpe: cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: elastic
+    product: elasticsearch
     shodan-query: http.title:"Elastic" || http.favicon.hash:1328449667
   tags: default-login,elasticsearch
 
@@ -50,4 +54,4 @@ http:
         status:
           - 200
 
-# digest: 4b0a00483046022100a3408fad3b3714582be692b490de830c2bab27c538a3019730304baf29a3d925022100dedbe43013a6624ea26d84bfc6e3d742cb51405bcf8e14b5c137372eb72f7dd6:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100a3408fad3b3714582be692b490de830c2bab27c538a3019730304baf29a3d925022100dedbe43013a6624ea26d84bfc6e3d742cb51405bcf8e14b5c137372eb72f7dd6:922c64590222798bb761d5b6d8e72950

http/default-logins/esafenet-cdg-default-login.yaml

@@ -6,9 +6,13 @@ info:
   severity: high
   description: |
     Esafenet electronic document security management system default  credentials were discovered.
+  classification:
+    cpe: cpe:2.3:a:esafenet:cdg:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 32
+    vendor: esafenet
+    product: cdg
     fofa-query: esafenet
   tags: esafenet,cdg,default-login
 
@@ -53,4 +57,4 @@ http:
         status:
           - 200
 
-# digest: 4a0a00473045022100e6e8037638c7053279429fb10ae4c9c6af87bb9bdbad0ffe087b547602459da902202536491397bc2e5c2c80d4d23ec7e65a7710ebf3e14aa5bc223315c1363deaa6:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100e6e8037638c7053279429fb10ae4c9c6af87bb9bdbad0ffe087b547602459da902202536491397bc2e5c2c80d4d23ec7e65a7710ebf3e14aa5bc223315c1363deaa6:922c64590222798bb761d5b6d8e72950

http/default-logins/eurotel/etl3100-default-login.yaml

@@ -9,9 +9,13 @@ info:
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5782.php
     - https://www.exploit-db.com/exploits/51684
+  classification:
+    cpe: cpe:2.3:h:eurotel:etl3100:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
+    vendor: eurotel
+    product: etl3100
     shodan-query: html:"ETL3100"
     fofa-query: body="ETL3100"
   tags: misconfig,default-login,eurotel
@@ -42,4 +46,4 @@ http:
           - 'contains_all(body_2, "FM Exciter", "Summary", "/logout.php")'
         condition: and
 
-# digest: 4a0a00473045022100e1b485875e9a95c6bc7e5419031120cf28227436b5582be699663c9c6c30bc2a02204e3000fba07b11212721e1ffbfffdcc3b5aec852c2af6860eb564d491bc2f0e4:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100e1b485875e9a95c6bc7e5419031120cf28227436b5582be699663c9c6c30bc2a02204e3000fba07b11212721e1ffbfffdcc3b5aec852c2af6860eb564d491bc2f0e4:922c64590222798bb761d5b6d8e72950

http/default-logins/feiyuxing/feiyuxing-default-login.yaml

@@ -8,9 +8,13 @@ info:
     Attackers can log in through admin:admin, check the system status, and configure the device.
   reference:
     - https://github.com/wushigudan/poc/blob/main/%E9%A3%9E%E9%B1%BC%E6%98%9F%E9%BB%98%E8%AE%A4%E5%AF%86%E7%A0%81.py
+  classification:
+    cpe: cpe:2.3:h:feiyuxing:vec40g:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: feiyuxing
+    product: vec40g
     fofa-query: title="飞鱼星企业级智能上网行为管理系统"
   tags: feiyuxing,default-login,iot
 
@@ -48,4 +52,4 @@ http:
         status:
           - 200
 
-# digest: 4a0a0047304502201fb4a76b318f9c3a0993dd312148f6a0823954ab3354a41be198c6917ee1c059022100ad6214108becac7c0bdcd5a523f67d04cde7b3efbfc1d4e1a9395c79f992af0f:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502201fb4a76b318f9c3a0993dd312148f6a0823954ab3354a41be198c6917ee1c059022100ad6214108becac7c0bdcd5a523f67d04cde7b3efbfc1d4e1a9395c79f992af0f:922c64590222798bb761d5b6d8e72950

http/default-logins/franklin-fueling-default-login.yaml

@@ -8,9 +8,13 @@ info:
     A default password vulnerability refers to a security flaw that arises when a system or device is shipped or set up with a pre-configured, default password that is commonly known or easily guessable.
   reference:
     - https://www.exploitalert.com/view-details.html?id=39466
+  classification:
+    cpe: cpe:2.3:o:franklinfueling:ts-550_evo_firmware:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
+    vendor: franklinfueling
+    product: ts-550_evo_firmware
     google-query: inurl:"relay_status.html"
   tags: default-login,franklin
 
@@ -40,4 +44,4 @@ http:
           - 'contains(body, "roleAdmin") || contains(body, "roleUser") || contains(body, "roleGuest")'
         condition: and
 
-# digest: 4b0a00483046022100d5fb1d6e90816511a5ca93642f672cdf7dac17f76021b2e075536aa8ff53569a022100b25f24690490e8a5c05269f473a92f475477111a20a37dfc80da558bd20ff70d:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100d5fb1d6e90816511a5ca93642f672cdf7dac17f76021b2e075536aa8ff53569a022100b25f24690490e8a5c05269f473a92f475477111a20a37dfc80da558bd20ff70d:922c64590222798bb761d5b6d8e72950

http/default-logins/fuji-xerox/fuji-xerox-default-login.yaml

@@ -8,10 +8,13 @@ info:
     This template checks for the default credentials (username: 11111, password: x-admin) on Fuji Xerox ApeosPort series printers. If the credentials are valid, the response will have a 200 HTTP status code. Tested on a Fuji Xerox ApeosPort-V C2275 T2.
   reference:
     - https://4it.com.au/kb/article/fuji-xerox-default-password/
+  classification:
+    cpe: cpe:2.3:h:fujixerox:apeosport-v_c3375:*:*:*:*:*:*:*:*
   metadata:
-    max-request: 1
     verified: true
-    vendor: fuji-xerox
+    max-request: 1
+    vendor: fujixerox
+    product: apeosport-v_c3375
     fofa-query: '"prop.htm" && "docucentre"'
   tags: default-login,fuji,fuji-xerox,printer
 
@@ -36,4 +39,5 @@ http:
       - type: status
         status:
           - 200
+
 # digest: 4a0a00473045022021dddab097e239a58636b5c6b839cb7e8e8217298f30238bc710a0d23916c515022100a53010047899140f9321c168495bd9117f6b5989d5a0c51d773d10034cfac106:922c64590222798bb761d5b6d8e72950

http/default-logins/geoserver/geoserver-default-login.yaml

@@ -11,10 +11,13 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+    cpe: cpe:2.3:a:geoserver:geoserver:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     fofa-query: app="GeoServer"
+    product: geoserver
+    vendor: geoserver
   tags: geoserver,default-login
 
 http:

http/default-logins/gitblit/gitblit-default-login.yaml

@@ -8,9 +8,13 @@ info:
     Gitblit Default login credentials were discovered.
   reference:
     - https://www.gitblit.com/administration.html
+  classification:
+    cpe: cpe:2.3:a:gitblit:gitblit:*:*:*:*:*:*:*:*
   metadata:
-    max-request: 1
     verified: true
+    max-request: 1
+    vendor: gitblit
+    product: gitblit
     shodan-query: title:"Gitblit"
   tags: gitblit,default-login
 
@@ -46,4 +50,5 @@ http:
       - type: dsl
         dsl:
           - "len(body) == 0"
+
 # digest: 4a0a004730450220691d3ee89f1594b342246ca8ab8be803b73a21e02aba3351ad7b37b30b3f6212022100cc37beb5ccfc7c249f775ab36ff557cd283ed426c4481be17cf0ac8c03dd6307:922c64590222798bb761d5b6d8e72950