Merge pull request #10724 from projectdiscovery/missing-cpe-tag

Add missing cpes, vendor and product information
2024-09-12 12:11:52 +07:00 · 2024-09-12 12:11:52 +07:00 · 5df3467244
parent da50c1823e 7d276ebee0
commit 5df3467244
1077 changed files with 5438 additions and 1153 deletions
--- a/http/cnvd/2020/CNVD-2020-63964.yaml
+++ b/http/cnvd/2020/CNVD-2020-63964.yaml
@ -8,8 +8,12 @@ info:
    jshERP that can reveal sensitive information including system credentials without credentials.
  reference:
    - https://cn-sec.com/archives/1798444.html
  classification:
    cpe: cpe:2.3:a:jishenghua:jsherp:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: jishenghua
    product: jsherp
    shodan-query: http.favicon.hash:-1298131932
    fofa-query: jshERP-boot
  tags: cnvd,cnvd2020,jsherp,disclosure
@ -36,4 +40,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 490a00463044022001094e317be5b989e3d7461dd099453f1237356ce28affa5ee58239edd6affa502205957345e5569e5b78bc928736bd415c0445ca550661c57cd1e27f9d66d6520a3:922c64590222798bb761d5b6d8e72950
--- a/http/cnvd/2021/CNVD-2021-14536.yaml
+++ b/http/cnvd/2021/CNVD-2021-14536.yaml
@ -11,9 +11,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:h:ruijie:rg-uac:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    fofa-query: title="RG-UAC登录页面"
    product: rg-uac
    vendor: ruijie
  tags: cnvd2021,cnvd,ruijie,disclosure
 http:
--- a/http/cnvd/2021/CNVD-2021-15822.yaml
+++ b/http/cnvd/2021/CNVD-2021-15822.yaml
@ -8,9 +8,13 @@ info:
    ShopXO is an open source enterprise-level open source e-commerce system. ShopXO has an arbitrary file reading vulnerability, which can be used by attackers to obtain sensitive information.
  reference:
    - https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog
  classification:
    cpe: cpe:2.3:a:shopxo:shopxo:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: shopxo
    product: shopxo
    shodan-query: title:"ShopXO企业级B2C电商系统提供商"
    fofa-query: app="ShopXO企业级B2C电商系统提供商"
  tags: cnvd2021,cnvd,shopxo,lfi
@ -31,4 +35,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 490a0046304402206735e750a62b437583ca1e1cae33666b4c2ce3b8a8310c3d1212a98fcb018a69022066c8a339f06f76b3df20a5c624b054d356f219e1e77661921c541dc2d7ee4dc5:922c64590222798bb761d5b6d8e72950
--- a/http/cnvd/2021/CNVD-2021-28277.yaml
+++ b/http/cnvd/2021/CNVD-2021-28277.yaml
@ -12,9 +12,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cwe-id: CWE-22
    cpe: cpe:2.3:a:landray:landray_office_automation:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    fofa-query: app="Landray OA system"
    product: landray_office_automation
    vendor: landray
  tags: cnvd,cnvd2021,landray,lfi
 http:
--- a/http/cnvd/2021/CNVD-2021-33202.yaml
+++ b/http/cnvd/2021/CNVD-2021-33202.yaml
@ -9,11 +9,16 @@ info:
  reference:
    - https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20E-Cology%20LoginSSO.jsp%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%20CNVD-2021-33202.md
    - https://www.cnblogs.com/0day-li/p/14637680.html
  classification:
    cpe: cpe:2.3:a:weaver:e-cology:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="泛微-协同办公OA"
    product: e-cology
    vendor: weaver
  tags: cnvd2021,cnvd,e-cology,sqli
 variables:
  num: "999999999"
--- a/http/cnvd/2022/CNVD-2022-42853.yaml
+++ b/http/cnvd/2022/CNVD-2022-42853.yaml
@ -13,11 +13,14 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cwe-id: CWE-89
    cpe: cpe:2.3:a:easycorp:zentao:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.title:"zentao"
    fofa-query: "Zentao"
    product: zentao
    vendor: easycorp
  tags: cnvd,cnvd2022,zentao,sqli
 variables:
  num: "999999999"
--- a/http/cnvd/2022/CNVD-2022-43245.yaml
+++ b/http/cnvd/2022/CNVD-2022-43245.yaml
@ -6,9 +6,13 @@ info:
  severity: high
  description: |
    e-office is a standard collaborative mobile office platform. Ltd. e-office has an arbitrary file reading vulnerability, which can be exploited by attackers to obtain sensitive information.
  classification:
    cpe: cpe:2.3:a:weaver:e-office:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: weaver
    product: e-office
    fofa-query: app="泛微-协同办公OA"
  tags: cnvd,cnvd2022,weaver,e-office,oa,lfi
--- a/http/cnvd/2024/CNVD-2024-15077.yaml
+++ b/http/cnvd/2024/CNVD-2024-15077.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://github.com/wy876/POC/blob/main/AJ-Report%E5%BC%80%E6%BA%90%E6%95%B0%E6%8D%AE%E5%A4%A7%E5%B1%8F%E5%AD%98%E5%9C%A8%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
    - https://github.com/vulhub/vulhub/blob/master/aj-report/CNVD-2024-15077/README.md
  classification:
    cpe: cpe:2.3:a:anji-plus:aj-report:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: anji-plus
    product: aj-report
    fofa-query: title="AJ-Report"
  tags: cnvd,cnvd2024,aj-report,rce
@ -42,4 +46,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4a0a00473045022100a0ad6d10ef5ed64fff1a44a4efb42b8c18de347907d77e68fec2a9f796030e8c022003c9c9bcfc6d56d3a3c7988f48874841753487e2ce57d91740ffbe99e3627448:922c64590222798bb761d5b6d8e72950
--- a/http/credential-stuffing/self-hosted/grafana-login-check.yaml
+++ b/http/credential-stuffing/self-hosted/grafana-login-check.yaml
@ -7,10 +7,14 @@ info:
  description: Checks for a valid login on self hosted Grafana instance.
  reference:
    - https://owasp.org/www-community/attacks/Credential_stuffing
  classification:
    cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: title:"Grafana"
    fofa-query: title="Grafana"
    product: grafana
    vendor: grafana
  tags: self-hosted,creds-stuffing,login-check,grafana
 variables:
  username: "{{username}}"
--- a/http/cves/2021/CVE-2021-27748.yaml
+++ b/http/cves/2021/CVE-2021-27748.yaml
@ -16,10 +16,13 @@ info:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27748
  classification:
    cve-id: CVE-2021-27748
    cpe: cpe:2.3:a:ibm:websphere:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 3
    shodan-query: http.html:"IBM WebSphere Portal"
    product: websphere
    vendor: ibm
  tags: cve2021,cve,hcl,ibm,ssrf,websphere
 flow: http(1) && http(2)
--- a/http/cves/2022/CVE-2022-29299.yaml
+++ b/http/cves/2022/CVE-2022-29299.yaml
@ -19,10 +19,13 @@ info:
    cve-id: CVE-2022-29299
    epss-score: 0.00175
    epss-percentile: 0.5456
    cpe: cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:-244067125
    product: solarview_compact_firmware
    vendor: contec
  tags: cve2022,cve,xss,solarview,edb
 http:
--- a/http/cves/2023/CVE-2023-1434.yaml
+++ b/http/cves/2023/CVE-2023-1434.yaml
@ -16,10 +16,13 @@ info:
  classification:
    cve-id: CVE-2023-1434
    cwe-id: CWE-79
    cpe: cpe:2.3:a:odoo:odoo:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Odoo"
    product: odoo
    vendor: odoo
  tags: cve2023,cve,odoo,xss
 http:
--- a/http/cves/2023/CVE-2023-24367.yaml
+++ b/http/cves/2023/CVE-2023-24367.yaml
@ -21,10 +21,13 @@ info:
    cvss-score: 6.1
    cve-id: CVE-2023-24367
    cwe-id: CWE-79
    cpe: cpe:2.3:a:temenos:t24:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"T24 Sign in"
    product: t24
    vendor: temenos
  tags: cve,cve2023,xss,temenos
 http:
--- a/http/cves/2023/CVE-2023-32117.yaml
+++ b/http/cves/2023/CVE-2023-32117.yaml
@ -16,10 +16,13 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
    cvss-score: 7.3
    cve-id: CVE-2023-32117
    cpe: cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/integrate-google-drive/"
    product: integrate_google_drive
    vendor: softlabbd
  tags: cve,cve2023,wordpress,wpscan,wp-plugin,wp,integrate-google-drive
 http:
--- a/http/cves/2023/CVE-2023-34020.yaml
+++ b/http/cves/2023/CVE-2023-34020.yaml
@ -17,10 +17,13 @@ info:
    cwe-id: CWE-601
    epss-score: 0.00076
    epss-percentile: 0.32361
    cpe: cpe:2.3:a:uncannyowl:uncanny_toolkit_for_learndash:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/uncanny-learndash-toolkit/"
    product: uncanny_toolkit_for_learndash
    vendor: uncannyowl
  tags: cve2023,cve,wordpress,uncanny-learndash-toolkit,wpscan,redirect
 http:
--- a/http/cves/2023/CVE-2023-42344.yaml
+++ b/http/cves/2023/CVE-2023-42344.yaml
@ -10,9 +10,13 @@ info:
  reference:
    - https://blog.qualys.com/product-tech/2023/12/08/opencms-unauthenticated-xxe-vulnerability-cve-2023-42344
    - https://labs.watchtowr.com/xxe-you-can-depend-on-me-opencms/
  classification:
    cpe: cpe:2.3:a:alkacon:opencms:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: alkacon
    product: opencms
    fofa-query: "OpenCms-9.5.3"
  tags: cve,cve2023,xxe,opencms
@ -21,13 +25,15 @@ http:
    path:
      - "{{BaseURL}}/opencms/cmisatom/cmis-online/query"
      - "{{BaseURL}}/cmisatom/cmis-online/query"
    headers:
      Content-Type: "application/xml;charset=UTF-8"
      Referer: "{{RootURL}}"
    body: |
      <?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]><cmis:query xmlns:cmis="<http://docs.oasis-open.org/ns/cmis/core/200908/>"><cmis:statement>&test;</cmis:statement><cmis:searchAllVersions>false</cmis:searchAllVersions><cmis:includeAllowableActions>false</cmis:includeAllowableActions><cmis:includeRelationships>none</cmis:includeRelationships><cmis:renditionFilter>cmis:none</cmis:renditionFilter><cmis:maxItems>100</cmis:maxItems><cmis:skipCount>0</cmis:skipCount></cmis:query>
    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: regex
@ -36,4 +42,5 @@ http:
          - "root:.*:0:0:"
          - "invalidArgument"
        condition: and
 # digest: 4b0a00483046022100f7dbfd49302b6ff73e5301cdb82e1fea60540cdbacb1e9a04069885d75bbc145022100c7ec2bc827d6116bdc018f12ea636664f6d8688600854967a7d4cc2734c100d4:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2023/CVE-2023-47115.yaml
+++ b/http/cves/2023/CVE-2023-47115.yaml
@ -21,10 +21,13 @@ info:
    cvss-score: 7.1
    cve-id: CVE-2023-47115
    cwe-id: CWE-79
    cpe: cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 6
    shodan-query: http.favicon.hash:-1649949475
    product: label_studio
    vendor: humansignal
  tags: cve,cve2023,xss,authenticated,intrusive,label-studio
 http:
--- a/http/cves/2023/CVE-2023-47218.yaml
+++ b/http/cves/2023/CVE-2023-47218.yaml
@ -19,10 +19,13 @@ info:
    cwe-id: CWE-77
    epss-score: 0.00305
    epss-percentile: 0.69699
    cpe: cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: ssl.cert.issuer.cn:"QNAP NAS",title:"QNAP Turbo NAS"
    product: qts
    vendor: qnap
  tags: cve,cve2023,qnap,qts,quts,rce,intrusive
 variables:
  file: '{{rand_base(6)}}'
--- a/http/cves/2023/CVE-2023-48777.yaml
+++ b/http/cves/2023/CVE-2023-48777.yaml
@ -17,11 +17,14 @@ info:
    cwe-id: CWE-434
    epss-score: 0.00054
    epss-percentile: 0.21518
    cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 4
    framework: wordpress
    publicwww-query: "/wp-content/plugins/elementor/"
    product: website_builder
    vendor: elementor
  tags: cve,cve2023,elementor,file-upload,intrusive,rce,wpscan,wordpress,wp-plugin,authenticated
 variables:
  filename: "{{rand_base(6)}}"
--- a/http/cves/2024/CVE-2024-1071.yaml
+++ b/http/cves/2024/CVE-2024-1071.yaml
@ -20,6 +20,7 @@ info:
    cwe-id: CWE-89
    epss-score: 0.00063
    epss-percentile: 0.26569
    cpe: cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 2
@ -27,6 +28,8 @@ info:
    fofa-query: body="/wp-content/plugins/ultimate-member"
    publicwww-query: "/wp-content/plugins/ultimate-member/"
    zoomeye-query: app:"WordPress Ultimate Member Plugin"
    product: ultimate_member
    vendor: ultimatemember
  tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin,sqli
 http:
--- a/http/cves/2024/CVE-2024-1183.yaml
+++ b/http/cves/2024/CVE-2024-1183.yaml
@ -16,10 +16,13 @@ info:
    cwe-id: CWE-601
    epss-score: 0.00076
    epss-percentile: 0.32361
    cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"__gradio_mode__"
    product: gradio
    vendor: gradio_project
  tags: cve,cve2024,ssrf,oast,gradio
 http:
--- a/http/cves/2024/CVE-2024-1380.yaml
+++ b/http/cves/2024/CVE-2024-1380.yaml
@ -17,10 +17,13 @@ info:
    cve-id: CVE-2024-1380
    epss-score: 0.00043
    epss-percentile: 0.0866
    cpe: cpe:2.3:a:relevanssi:relevanssi:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: "/wp-content/plugins/relevanssi/"
    product: relevanssi
    vendor: relevanssi
  tags: cve,cve2024,wp,wordpress,wp-plugin,relevanssi,exposure
 http:
--- a/http/cves/2024/CVE-2024-1561.yaml
+++ b/http/cves/2024/CVE-2024-1561.yaml
@ -24,10 +24,13 @@ info:
    cwe-id: CWE-29
    epss-score: 0.00087
    epss-percentile: 0.36659
    cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: html:"__gradio_mode__"
    product: gradio
    vendor: gradio_project
  tags: cve,cve2024,intrusive,unauth,gradio,lfi,lfr
 http:
--- a/http/cves/2024/CVE-2024-1698.yaml
+++ b/http/cves/2024/CVE-2024-1698.yaml
@ -18,10 +18,13 @@ info:
    cve-id: CVE-2024-1698
    epss-score: 0.00045
    epss-percentile: 0.12615
    cpe: cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: body="/wp-content/plugins/notificationx"
    product: notificationx
    vendor: wpdeveloper
  tags: cve,cve2024,wpscan,wordpress,wp-plugin,notificationx,sqli
 http:
--- a/http/cves/2024/CVE-2024-20767.yaml
+++ b/http/cves/2024/CVE-2024-20767.yaml
@ -19,10 +19,13 @@ info:
    cwe-id: CWE-284
    epss-score: 0.08221
    epss-percentile: 0.94345
    cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: http.component:"Adobe ColdFusion"
    product: coldfusion
    vendor: adobe
  tags: cve,cve2024,adobe,coldfusion,lfr
 http:
--- a/http/cves/2024/CVE-2024-21683.yaml
+++ b/http/cves/2024/CVE-2024-21683.yaml
@ -19,10 +19,13 @@ info:
    cwe-id: CWE-78
    epss-score: 0.00043
    epss-percentile: 0.0866
    cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 3
    fofa-query: "app=\"ATLASSIAN-Confluence\""
    product: confluence_data_center
    vendor: atlassian
  tags: cve,cve2024,atlassian,confluence,rce,authenticated,intrusive
 variables:
  username: "{{username}}"
--- a/http/cves/2024/CVE-2024-23163.yaml
+++ b/http/cves/2024/CVE-2024-23163.yaml
@ -16,12 +16,14 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2024-23163
    cwe-id: CWE-287
    cpe: cpe:2.3:a:gestsup:gestsup:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: gestsup
    fofa-query: title="GestSup"
    shodan-query: http.favicon.hash:-283003760
    product: gestsup
  tags: cve,cve2024,account-takeover,gestsup
 variables:
--- a/http/cves/2024/CVE-2024-24809.yaml
+++ b/http/cves/2024/CVE-2024-24809.yaml
@ -17,10 +17,13 @@ info:
    cwe-id: CWE-27
    epss-score: 0.00043
    epss-percentile: 0.09551
    cpe: cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"Traccar"
    product: traccar
    vendor: traccar
  tags: cve,cve2024,traccar,rce,intrusive,file-upload
 variables:
--- a/http/cves/2024/CVE-2024-27199.yaml
+++ b/http/cves/2024/CVE-2024-27199.yaml
@ -13,10 +13,13 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
    cvss-score: 7.3
    cwe-id: CWE-23
    cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 3
    shodan-query: http.component:"TeamCity"
    product: teamcity
    vendor: jetbrains
  tags: cve,cve2024,teamcity,jetbrains,auth-bypass
 http:
--- a/http/cves/2024/CVE-2024-27564.yaml
+++ b/http/cves/2024/CVE-2024-27564.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://github.com/dirk1983/chatgpt/issues/114
    - https://nvd.nist.gov/vuln/detail/CVE-2024-27564
  classification:
    cpe: cpe:2.3:a:chanzhaoyu:chatgpt_web:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: chanzhaoyu
    product: chatgpt_web
    fofa-query: "title=\"ChatGPT个人专用版\""
  tags: cve,cve2024,chatgpt,ssrf,oast,oos,lfi
@ -38,4 +42,5 @@ http:
          - contains(header, "image/jpeg")
          - status_code == 200
        condition: and
 # digest: 490a0046304402205ae8c7b8e367577b1052683aa4b48d038bc2308c7299d24c0f6530b33b0ac9af022058dcc4c45ed777943b6e87ac9605afbd095f2bad41f6963d208ad6f85e702375:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-29269.yaml
+++ b/http/cves/2024/CVE-2024-29269.yaml
@ -18,9 +18,12 @@ info:
    cve-id: CVE-2024-29269
    epss-score: 0.00054
    epss-percentile: 0.21518
    cpe: cpe:2.3:h:telesquare:tlr-2005ksh:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: title:"Login to TLR-2005KSH"
    product: tlr-2005ksh
    vendor: telesquare
  tags: cve,cve2024,telesquare,tlr,rce
 http:
--- a/http/cves/2024/CVE-2024-29868.yaml
+++ b/http/cves/2024/CVE-2024-29868.yaml
@ -18,10 +18,13 @@ info:
  classification:
    cve-id: CVE-2024-29868
    cwe-id: CWE-338
    cpe: cpe:2.3:a:apache:streampipes:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    shodan-query: http.title:"apache streampipes"
    fofa-query: title="apache streampipes"
    product: streampipes
    vendor: apache
  tags: cve,cve2024,apache,streampipes,account-takeover
 flow: http(1) && http(2)
--- a/http/cves/2024/CVE-2024-3136.yaml
+++ b/http/cves/2024/CVE-2024-3136.yaml
@ -21,10 +21,13 @@ info:
    cve-id: CVE-2024-3136
    epss-score: 0.00065
    epss-percentile: 0.28259
    cpe: cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 2
    publicwww-query: "/wp-content/plugins/masterstudy-lms-learning-management-system"
    product: masterstudy_lms
    vendor: stylemixthemes
  tags: cve,cve2024,wp,wordpress,unauth,lfi
 variables:
  randomstr: "{{randstr_1}}"
--- a/http/cves/2024/CVE-2024-31850.yaml
+++ b/http/cves/2024/CVE-2024-31850.yaml
@ -17,10 +17,13 @@ info:
    cwe-id: CWE-22
    epss-score: 0.00053
    epss-percentile: 0.21091
    cpe: cpe:2.3:a:cdata:arc:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: "title:\"CData Arc\""
    product: arc
    vendor: cdata
  tags: cve,cve2024,cdata,lfi
 flow: http(1) && http(2)
--- a/http/cves/2024/CVE-2024-32113.yaml
+++ b/http/cves/2024/CVE-2024-32113.yaml
@ -19,10 +19,13 @@ info:
    cve-id: CVE-2024-32113
    epss-score: 0.00115
    epss-percentile: 0.45112
    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="Apache_OFBiz"
    product: ofbiz
    vendor: apache
  tags: cve,cve2024,apache,obiz,rce
 http:
--- a/http/cves/2024/CVE-2024-32399.yaml
+++ b/http/cves/2024/CVE-2024-32399.yaml
@ -15,10 +15,13 @@ info:
  classification:
    epss-score: 0.00053
    epss-percentile: 0.21091
    cpe: cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"RaidenMAILD"
    product: raidenmaild
    vendor: raidenmaild
  tags: cve,cve2024,lfi,raiden,mail,server
 http:
--- a/http/cves/2024/CVE-2024-32709.yaml
+++ b/http/cves/2024/CVE-2024-32709.yaml
@ -18,10 +18,13 @@ info:
    cwe-id: CWE-89
    epss-score: 0.00043
    epss-percentile: 0.0866
    cpe: cpe:2.3:a:plechevandrey:wp-recall:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/wp-recall/"
    product: wp-recall
    vendor: plechevandrey
  tags: cve,cve2024,wp-plugin,wp-recall,wordpress,wp,sqli
 variables:
--- a/http/cves/2024/CVE-2024-3274.yaml
+++ b/http/cves/2024/CVE-2024-3274.yaml
@ -17,10 +17,13 @@ info:
    cwe-id: CWE-200
    epss-score: 0.00045
    epss-percentile: 0.15047
    cpe: cpe:2.3:h:dlink:dns-320l:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: body="Text:In order to access the ShareCenter"
    product: dns-320l
    vendor: dlink
  tags: cve,cve2024,dlink,exposure
 http:
--- a/http/cves/2024/CVE-2024-33113.yaml
+++ b/http/cves/2024/CVE-2024-33113.yaml
@ -12,10 +12,13 @@ info:
  classification:
    epss-score: 0.00043
    epss-percentile: 0.0866
    cpe: cpe:2.3:h:dlink:dir-845l:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: "DIR-845L"
    product: dir-845l
    vendor: dlink
  tags: cve,cve2024,dlink,info-leak
 http:
--- a/http/cves/2024/CVE-2024-33288.yaml
+++ b/http/cves/2024/CVE-2024-33288.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://en.0day.today/exploit/39610
    - https://www.sourcecodester.com/sql/17287/prison-management-system.html
  classification:
    cpe: cpe:2.3:a:prison_management_system_project:prison_management_system:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: prison_management_system_project
    product: prison_management_system
    shodan-query: title:"Prison Management System"
  tags: cve,cve2024,cms,sqli
@ -23,7 +27,6 @@ http:
        Content-Type: application/x-www-form-urlencoded
        txtusername=admin%27+or+%271%27+%3D%271&txtpassword={{randstr}}&btnlogin=
      - |
        GET /Admin/index.php HTTP/1.1
        Host: {{Hostname}}
@ -40,4 +43,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4b0a00483046022100859ec311a5b87c8613179df918539075c5fd10a9d17a0273f0970d74ab5ea0e90221008c39c278e0ce4d1b08af7daa3356e7901998adf7c17a2919323d4a935efff082:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-33605.yaml
+++ b/http/cves/2024/CVE-2024-33605.yaml
@ -17,10 +17,13 @@ info:
    cvss-score: 7.5
    cve-id: CVE-2024-33605
    cwe-id: CWE-22
    cpe: cpe:2.3:o:sharp:mx-3550v_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: "Set-Cookie: MFPSESSIONID="
    product: mx-3550v_firmware
    vendor: sharp
  tags: cve,cve2024,sharp,printer,traversal
 http:
--- a/http/cves/2024/CVE-2024-34102.yaml
+++ b/http/cves/2024/CVE-2024-34102.yaml
@ -14,10 +14,13 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2024-34102
    cwe-id: CWE-611
    cpe: cpe:2.3:a:adobe:magento:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="Adobe-Magento"
    product: magento
    vendor: adobe
  tags: cve,cve2024,adobe,magento,xxe
 http:
--- a/http/cves/2024/CVE-2024-34982.yaml
+++ b/http/cves/2024/CVE-2024-34982.yaml
@ -10,14 +10,16 @@ info:
    - https://github.com/n2ryx/CVE/blob/main/Lylme_pagev1.9.5.md
    - https://github.com/tanjiti/sec_profile
    - https://github.com/ATonysan/poc-exp/blob/main/60NavigationPage_CVE-2024-34982_ArbitraryFileUploads.py
  classification:
    cpe: cpe:2.3:a:lylme:lylme_spage:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: lylme
    product: lylme_spage
    fofa-query: icon_hash="-282504889"
  tags: cve,cve2024,lylme-spage,rce,intrusive
 flow: http(1) && http(2)
 variables:
  string: "{{randstr}}"
  filename: "{{to_lower(rand_text_alpha(5))}}"
@ -69,4 +71,5 @@ http:
          - 'contains(body, "{{string}}" )'
          - 'contains(header, "text/html")'
        condition: and
 # digest: 4a0a004730450220440784f1e1d309bfb1eee99fbcaf02afe7bfa185b48f07233df0f14cac9e9d9b0221009072b53098bb58d0d3efd14db1a3fc5f7b0b4593a0426fa060db0c42edd6f029:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-3552.yaml
+++ b/http/cves/2024/CVE-2024-3552.yaml
@ -10,16 +10,18 @@ info:
  reference:
    - https://vulners.com/wpvulndb/CVE-2024-3552
    - https://wpscan.com/vulnerability/34b03ee4-de81-4fec-9f3d-e1bd5b94d136/
  classification:
    cpe: cpe:2.3:a:salephpscripts:web_directory_free:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: salephpscripts
    product: web_directory_free
    publicwww-query: "/wp-content/plugins/web-directory-free"
  tags: cve,cve2024,wordpress,wp-plugin,wpscan,wp,web-directory-free
 flow: http(1) && http(2)
 http:
  - raw:
      - |
        GET / HTTP/1.1
@ -47,4 +49,5 @@ http:
          - 'status_code == 200'
          - regex('^\[\]$', body)
        condition: and
 # digest: 4a0a0047304502205f1531596b6325ac2d986cd6245136e53aa97e8a3978b6a394bffeb78042691602210093b20af969ed64d70d37d6bcea2a4ea4e185ec3d9814c49ec0e4ed34262d6ba6:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-36104.yaml
+++ b/http/cves/2024/CVE-2024-36104.yaml
@ -19,10 +19,13 @@ info:
    cwe-id: CWE-22
    epss-score: 0.00045
    epss-percentile: 0.16306
    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="Apache_OFBiz"
    product: ofbiz
    vendor: apache
  tags: cve,cve2024,apache,obiz,lfi
 http:
--- a/http/cves/2024/CVE-2024-36837.yaml
+++ b/http/cves/2024/CVE-2024-36837.yaml
@ -9,12 +9,15 @@ info:
  reference:
    - https://github.com/phtcloud-dev/CVE-2024-36837
    - https://nvd.nist.gov/vuln/detail/CVE-2024-36837
  classification:
    cpe: cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: crmeb
    product: crmeb
    fofa-query: title="CRMEB"
  tags: cve,cve2024,crmeb,sqli
 variables:
  num: "{{rand_int(9000000, 9999999)}}"
@ -40,4 +43,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 490a0046304402203044d17d81b224dafab0f052edc09852ae126401a2350dcbed817e3a8d32b6840220266a399dff53e7dd81a0eeea14d4f29ab5039fee825cd84700698d76b30c8e7f:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-37032.yaml
+++ b/http/cves/2024/CVE-2024-37032.yaml
@ -10,9 +10,13 @@ info:
    - https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032
    - https://nvd.nist.gov/vuln/detail/CVE-2024-37032
    - https://github.com/Bi0x/CVE-2024-37032
  classification:
    cpe: cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: ollama
    product: ollama
    shodan-query: ollama
  tags: cve,cve2024,ollama,rce
@ -24,7 +28,6 @@ http:
        Content-Type: application/json
        {"name": "http://{{interactsh-url}}/rogue/{{randstr}}", "insecure": true}
      - |
        POST /api/push HTTP/1.1
        Host: {{Hostname}}
@ -38,4 +41,5 @@ http:
          - contains(interactsh_protocol, 'http')
          - contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')
        condition: and
 # digest: 4a0a00473045022100a5fa33a756b90484a6e38030d236f0441e68f5e0568a583ecbce5ccc179ec12e022067ed5562eb8a263a887821208641b1c7337d73b10359302495c184e4d1145db2:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-37152.yaml
+++ b/http/cves/2024/CVE-2024-37152.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://github.com/argoproj/argo-cd/security/advisories/GHSA-87p9-x75h-p4j2
    - https://nvd.nist.gov/vuln/detail/CVE-2024-37152
  classification:
    cpe: cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: argoproj
    product: argo_cd
    shodan-query: html:"Argo CD"
  tags: cve,cve2024,argo-cd,info-leak
@ -38,4 +42,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4b0a00483046022100ff51e4d4de0176d7b75272c7382661952fa7f28124b1a6113d2d52675ba7d7ca022100dc729bfc997db746bf206fe0a1ae9ef36b3af92ebad27d690c90a41b636944aa:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-38288.yaml
+++ b/http/cves/2024/CVE-2024-38288.yaml
@ -12,10 +12,13 @@ info:
  classification:
    epss-score: 0.00043
    epss-percentile: 0.09357
    cpe: cpe:2.3:a:rhubcom:turbomeeting:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: html:"TurboMeeting"
    product: turbomeeting
    vendor: rhubcom
  tags: cve,cve2024,rce,turbomeeting,authenticated
 variables:
--- a/http/cves/2024/CVE-2024-38289.yaml
+++ b/http/cves/2024/CVE-2024-38289.yaml
@ -8,9 +8,13 @@ info:
    A Boolean-based SQL injection vulnerability in the "RHUB TurboMeeting" web application. This vulnerability could allow an attacker to execute arbitrary SQL commands on the database server, potentially allowing them to access sensitive data or compromise the server.
  reference:
    - https://github.com/google/security-research/security/advisories/GHSA-vx5j-8pgx-v42v
  classification:
    cpe: cpe:2.3:a:rhubcom:turbomeeting:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: rhubcom
    product: turbomeeting
    shodan-query: html:"TurboMeeting"
  tags: cve,cve2024,sqli,turbomeeting
@ -22,7 +26,6 @@ http:
        Content-Type: application/x-www-form-urlencoded
        meeting_id=1'/**/OR/**/1=1/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**
      - |
        POST /as/wapi/vmp HTTP/1.1
        Host: {{Hostname}}
@ -41,4 +44,5 @@ http:
        part: body_2
        words:
          - '<__Status__>FAILED</__Status__>'
 # digest: 490a0046304402200529dc5c8778e012e9cbb7ffa30d733dc1c0587b432825bef1f5231c3e8986c30220102ab38598176c7395f39eb02a1ab74dc442f237b847feb8dc497b297446afa6:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-38856.yaml
+++ b/http/cves/2024/CVE-2024-38856.yaml
@ -15,10 +15,13 @@ info:
  classification:
    epss-score: 0.00045
    epss-percentile: 0.16306
    cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="Apache_OFBiz"
    product: ofbiz
    vendor: apache
  tags: cve,cve2024,ofbiz,apache,rce,kev
 http:
--- a/http/cves/2024/CVE-2024-3922.yaml
+++ b/http/cves/2024/CVE-2024-3922.yaml
@ -13,12 +13,15 @@ info:
  reference:
    - https://dokan.co/docs/wordpress/changelog/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-3922
  classification:
    cpe: cpe:2.3:a:wedevs:dokan:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: wedevs
    product: dokan
    publicwww-query: "/wp-content/plugins/dokan-pro/"
  tags: cve,cve2024,dokan,wp-plugin,wordpress,wp,dokan-pro,sqli
 flow: http(1) && http(2)
 http:
@ -47,4 +50,5 @@ http:
          - 'duration>=6'
          - 'status_code == 302'
        condition: and
 # digest: 4a0a00473045022100dddd0ec4841ea543e8407a98030b788b48c7c9ed9dd3effa76716f9339223b8a022076cb03daa28b52dab09d0014ed45363b0db7d14951be1ec39218c42cc49ee34f:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-39907.yaml
+++ b/http/cves/2024/CVE-2024-39907.yaml
@ -15,10 +15,13 @@ info:
    cwe-id: CWE-89
    epss-score: 0.00043
    epss-percentile: 0.09387
    cpe: cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    fofa-query: icon_hash="1300107149" || icon_hash="1453309674" || cert.issuer.cn="1Panel Intermediate CA"
    product: 1panel
    vendor: fit2cloud
  tags: cve,cve2024,sqli,1panel,authenticated
 variables:
--- a/http/cves/2024/CVE-2024-41107.yaml
+++ b/http/cves/2024/CVE-2024-41107.yaml
@ -15,10 +15,13 @@ info:
  classification:
    epss-score: 0.00046
    epss-percentile: 0.16798
    cpe: cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="APACHE-CloudStack"
    product: cloudstack
    vendor: apache
  tags: cve,cve2024,apache,cloudstack,auth-bypass
 variables:
--- a/http/cves/2024/CVE-2024-43425.yaml
+++ b/http/cves/2024/CVE-2024-43425.yaml
@ -14,10 +14,13 @@ info:
  classification:
    cvss-score: 9.8
    cve-id: CVE-2024-43425
    cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Moodle"
    product: moodle
    vendor: moodle
  tags: cve,cve2024,moodile,rce,authenticated
 flow: http(1) && http(2) && http(3) && http(4) && http(5) && http(6)
--- a/http/cves/2024/CVE-2024-4348.yaml
+++ b/http/cves/2024/CVE-2024-4348.yaml
@ -19,10 +19,13 @@ info:
    cwe-id: CWE-79
    epss-score: 0.00065
    epss-percentile: 0.28259
    cpe: cpe:2.3:a:oscommerce:oscommerce:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: html:"osCommerce"
    product: oscommerce
    vendor: oscommerce
  tags: packetstorm,xss,rxss,oscommerce,cve2024,cve
 http:
--- a/http/cves/2024/CVE-2024-4358.yaml
+++ b/http/cves/2024/CVE-2024-4358.yaml
@ -12,10 +12,14 @@ info:
    - https://summoning.team/blog/progress-report-server-rce-cve-2024-4358-cve-2024-1800/
    - https://github.com/sinsinology/CVE-2024-4358
    - https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358
  classification:
    cpe: cpe:2.3:a:progress:telerik_report_server:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    shodan-query: title:"Log in | Telerik Report Server"
    product: telerik_report_server
    vendor: progress
  tags: cve,cve2024,telerik,progress,auth-bypass,instrusive
 variables:
  user: "{{rand_base(6)}}"
--- a/http/cves/2024/CVE-2024-4434.yaml
+++ b/http/cves/2024/CVE-2024-4434.yaml
@ -17,10 +17,13 @@ info:
    cve-id: CVE-2024-4434
    epss-score: 0.00063
    epss-percentile: 0.2659
    cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 2
    publicwww-query: "/wp-content/plugins/learnpress"
    product: learnpress
    vendor: thimpress
  tags: cve,cve2024,wp,wp-plugin,wordpress,sqli,learnpress
 variables:
--- a/http/cves/2024/CVE-2024-4443.yaml
+++ b/http/cves/2024/CVE-2024-4443.yaml
@ -21,10 +21,13 @@ info:
    cve-id: CVE-2024-4443
    epss-score: 0.00063
    epss-percentile: 0.27036
    cpe: cpe:2.3:a:businessdirectoryplugin:business_directory:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/business-directory-plugin/"
    product: business_directory
    vendor: businessdirectoryplugin
  tags: cve,cve2024,sqli,business-directory,wordpress,wp-plugin
 http:
--- a/http/cves/2024/CVE-2024-4885.yaml
+++ b/http/cves/2024/CVE-2024-4885.yaml
@ -20,10 +20,13 @@ info:
    cwe-id: CWE-22
    epss-score: 0.00066
    epss-percentile: 0.29461
    cpe: cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"WhatsUp Gold"
    product: whatsup_gold
    vendor: progress
  tags: cve,cve2024,rce,progress,whatsup,lfi
 http:
--- a/http/cves/2024/CVE-2024-5315.yaml
+++ b/http/cves/2024/CVE-2024-5315.yaml
@ -18,10 +18,13 @@ info:
    cwe-id: CWE-89
    epss-score: 0.00043
    epss-percentile: 0.09367
    cpe: cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.title:"Dolibarr"
    product: dolibarr_erp\\/crm
    vendor: dolibarr
  tags: cve,cve2024,dolibarr,erp,sqli,authenticated
 variables:
--- a/http/cves/2024/CVE-2024-5522.yaml
+++ b/http/cves/2024/CVE-2024-5522.yaml
@ -16,10 +16,13 @@ info:
    cve-id: CVE-2024-5522
    epss-score: 0.04
    epss-percentile: 9
    cpe: cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/html5-video-player"
    product: html5_video_player
    vendor: bplugins
  tags: wpscan,cve,cve2024,wordpress,wp-plugin,wp,sqli,html5-video-player
 variables:
--- a/http/cves/2024/CVE-2024-6028.yaml
+++ b/http/cves/2024/CVE-2024-6028.yaml
@ -15,10 +15,13 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2024-6028
    cwe-id: CWE-89
    cpe: cpe:2.3:a:ays-pro:quiz_maker:*:*:*:*:wordpress:*:*:*
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/quiz-maker/"
    product: quiz_maker
    vendor: ays-pro
  tags: cve,cve2024,wordpress,wp,wp-plugin,quiz-maker,sqli
 http:
--- a/http/cves/2024/CVE-2024-6396.yaml
+++ b/http/cves/2024/CVE-2024-6396.yaml
@ -11,10 +11,13 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2024-6396
    cwe-id: CWE-29
    cpe: cpe:2.3:a:aimstack:aim:*:*:*:*:*:*:*:*
  metadata:
    max-request: 3
    verified: true
    fofa-query: icon_hash="-1047157256"
    product: aim
    vendor: aimstack
  tags: cve,cve2024,aim,aimhubio,file-write
 variables:
--- a/http/cves/2024/CVE-2024-6646.yaml
+++ b/http/cves/2024/CVE-2024-6646.yaml
@ -19,8 +19,11 @@ info:
    cwe-id: CWE-200
    epss-score: 0.00045
    epss-percentile: 0.16001
    cpe: cpe:2.3:h:netgear:wn604:*:*:*:*:*:*:*:*
  metadata:
    fofa-query: title=="Netgear"
    product: wn604
    vendor: netgear
  tags: cve,cve2024,netgear
 http:
--- a/http/cves/2024/CVE-2024-6670.yaml
+++ b/http/cves/2024/CVE-2024-6670.yaml
@ -17,10 +17,13 @@ info:
    cwe-id: CWE-89
    epss-score: 0.00043
    epss-percentile: 0.09569
    cpe: cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 4
    shodan-query: title:"WhatsUp Gold" http.favicon.hash:-2107233094
    product: whatsup_gold
    vendor: progress
  tags: cve,cve2024,whatsup-gold,auth-bypass,sqli,intrusive
 flow: |
--- a/http/cves/2024/CVE-2024-6781.yaml
+++ b/http/cves/2024/CVE-2024-6781.yaml
@ -8,10 +8,14 @@ info:
    Arbitrary file read via Calibre’s content server in Calibre <= 7.14.0.
  reference:
    - https://starlabs.sg/advisories/24/24-6781/
  classification:
    cpe: cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    vendor: calibre-ebook
    product: calibre
    shodan-query: html:"Calibre"
    fofa-query: "Server: calibre"
    verified: true
    max-requeset: 1
  tags: cve,cve2024,calibre,lfi
@ -53,4 +57,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 490a0046304402202ca6fce004009bb7f0650dea15c513da500a417c0c88ac7b0e5e45f237a4e7db022076d6e09297483225abdcab453844dd78e248409367b78b3e4b02e80034988c3d:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-6782.yaml
+++ b/http/cves/2024/CVE-2024-6782.yaml
@ -8,8 +8,12 @@ info:
    Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0.
  reference:
    - https://starlabs.sg/advisories/24/24-6781/
  classification:
    cpe: cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    vendor: calibre-ebook
    product: calibre
    shodan-query: html:"Calibre"
    fofa-query: "Server: calibre"
    max-requeset: 1
@ -59,4 +63,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4b0a00483046022100ab0c6eb74bbcbd25752d1cb038e1250aae3a1ca7939f89b55c54300ce331fb7f022100e4d96a62a8a103243f43549987b0cbd496172100fa325a425975b072d0482332:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2024/CVE-2024-6922.yaml
+++ b/http/cves/2024/CVE-2024-6922.yaml
@ -12,13 +12,18 @@ info:
    - https://www.automationanywhere.com/products/automation-360
    - https://www.rapid7.com/blog/post/2024/07/26/cve-2024-6922-automation-anywhere-automation-360-server-side-request-forgery/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-6922
  classification:
    cpe: cpe:2.3:a:automationanywhere:automation_360:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:-1005691603
    fofa-query: icon_hash="-1005691603"
    product: automation_360
    vendor: automationanywhere
  tags: cve,cve2024,ssrf,oast,automation,anywhere
 http:
  - raw:
      - |
--- a/http/default-logins/abb/cs141-default-login.yaml
+++ b/http/default-logins/abb/cs141-default-login.yaml
@ -9,9 +9,12 @@ info:
    - https://www.generex.de/media/pages/packages/documents/manuals/f65348d5b6-1628841637/manual_CS141_en.pdf
  classification:
    cwe-id: CWE-798
    cpe: cpe:2.3:h:generex:cs141:*:*:*:*:*:*:*:*
  metadata:
    max-request: 3
    shodan-query: http.html:"CS141"
    product: cs141
    vendor: generex
  tags: hiawatha,iot,default-login
 http:
--- a/http/default-logins/aem/aem-default-login.yaml
+++ b/http/default-logins/aem/aem-default-login.yaml
@ -11,9 +11,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*
  metadata:
    max-request: 8
    shodan-query: http.component:"Adobe Experience Manager"
    product: experience_manager
    vendor: adobe
  tags: aem,default-login,adobe
 http:
--- a/http/default-logins/aem/aem-felix-console.yaml
+++ b/http/default-logins/aem/aem-felix-console.yaml
@ -12,11 +12,14 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:adobe:experience_manager_cloud_service:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    shodan-query:
      - http.title:"AEM Sign In"
      - http.component:"Adobe Experience Manager"
    product: experience_manager_cloud_service
    vendor: adobe
  tags: default-login,misconfig,aem,adobe
 http:
--- a/http/default-logins/apache/apache-apollo-default-login.yaml
+++ b/http/default-logins/apache/apache-apollo-default-login.yaml
@ -4,12 +4,15 @@ info:
  name: Apache Apollo - Default Login
  author: ritikchaddha
  severity: high
  classification:
    cpe: cpe:2.3:a:apache:activemq_apollo:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: apache
    product: activemq_apollo
    shodan-query: title:"Apache Apollo"
  tags: apache,apollo,default-login,misconfig
 variables:
  username: 'admin'
  password: 'admin'
@ -22,7 +25,6 @@ http:
        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
        username={{username}}&password={{password}}
      - |
        GET /console/index.html HTTP/1.1
        Host: {{Hostname}}
@ -45,4 +47,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 490a004630440220316d56568350165547ed1cb488565e14ecae67a775aea47af5d671124b563a5b022040877ad8cc3beae83a8717a9b7d014c5216d3b5acabd097d97d2cdeea26ee151:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/apache/cloudstack-default-login.yaml
+++ b/http/default-logins/apache/cloudstack-default-login.yaml
@ -6,9 +6,13 @@ info:
  severity: high
  description: |
    CloudStack instance discovered using weak default credentials, allows the attacker to gain admin privilege.
  classification:
    cpe: cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: apache
    product: cloudstack
    shodan-query: http.title:"Apache CloudStack"
  tags: default-login,apache,cloudstack
@ -23,13 +27,11 @@ http:
        command=login&username={{username}}&password={{password}}&domain=%2F&response=json
    attack: pitchfork
    payloads:
      username:
        - admin
      password:
        - password
    host-redirects: true
    matchers:
      - type: dsl
@ -38,4 +40,5 @@ http:
          - "contains(content_type, 'application/json')"
          - "contains_all(body, 'sessionkey','domainid','userid')"
        condition: and
 # digest: 4a0a00473045022100e14781f645e94e9addfd689f626c0fd7410a4c6abab76c419506a12a7e77b3c702203e536f8fc02f29d3744e77e3403890bbb63998656b7582421280bb32f31466a9:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/apache/dolphinscheduler-default-login.yaml
+++ b/http/default-logins/apache/dolphinscheduler-default-login.yaml
@ -11,9 +11,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: http.title:"DolphinScheduler"
    product: dolphinscheduler
    vendor: apache
  tags: apache,dolphinscheduler,default-login,oss
 http:
--- a/http/default-logins/apache/karaf-default-login.yaml
+++ b/http/default-logins/apache/karaf-default-login.yaml
@ -11,10 +11,13 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: realm="karaf"
    product: karaf
    vendor: apache
  tags: default-login,apache,karaf
 http:
--- a/http/default-logins/apache/kylin-default-login.yaml
+++ b/http/default-logins/apache/kylin-default-login.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://github.com/hanc00l/pocGoby2Xray/blob/main/xraypoc/Apache_Kylin_Console_Default_password.yml
    - https://github.com/Wker666/Demo/blob/main/script/%E6%BC%8F%E6%B4%9E%E6%8E%A2%E6%B5%8B/Kylin/Apache%20Kylin%20Console%20%E6%8E%A7%E5%88%B6%E5%8F%B0%E5%BC%B1%E5%8F%A3%E4%BB%A4.wker
  classification:
    cpe: cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 6
    vendor: apache
    product: kylin
    fofa-query: app="APACHE-kylin"
  tags: kylin,default-login,apache
--- a/http/default-logins/apache/ranger-default-login.yaml
+++ b/http/default-logins/apache/ranger-default-login.yaml
@ -11,9 +11,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:apache:ranger:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: http.title:"Ranger - Sign In"
    product: ranger
    vendor: apache
  tags: apache,ranger,default-login
 http:
--- a/http/default-logins/apache/tomcat-default-login.yaml
+++ b/http/default-logins/apache/tomcat-default-login.yaml
@ -8,8 +8,12 @@ info:
  reference:
    - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-default-ovwebusr-password/
    - https://github.com/danielmiessler/SecLists/blob/master/Passwords/Default-Credentials/tomcat-betterdefaultpasslist.txt
  classification:
    cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
  metadata:
    max-request: 405
    vendor: apache
    product: tomcat
    shodan-query: title:"Apache Tomcat"
  tags: tomcat,apache,default-login
--- a/http/default-logins/apollo/apollo-default-login.yaml
+++ b/http/default-logins/apollo/apollo-default-login.yaml
@ -11,9 +11,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:ctrip:apollo:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    shodan-query: http.favicon.hash:11794165
    product: apollo
    vendor: ctrip
  tags: apollo,default-login
 http:
--- a/http/default-logins/asus/asus-rtn16-default-login.yaml
+++ b/http/default-logins/asus/asus-rtn16-default-login.yaml
@ -6,9 +6,13 @@ info:
  severity: high
  description: |
    ASUS RT-N16 contains a default login vulnerability. Default admin login password 'admin' was found.
  classification:
    cpe: cpe:2.3:h:asus:rt-n16:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: asus
    product: rt-n16
    shodan-query: "RT-N16"
  tags: default-login,asus,rt-n16
@ -40,4 +44,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4a0a0047304502200b8798bc6edb6d74920650e18ac885759f155e31874f0c2ae1ab825e5f9ab621022100ea2e7c324d3921ccc0dcb7436c5e57ae3aec0e3396d4c5cf1f7a010f6e688192:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/azkaban/azkaban-default-login.yaml
+++ b/http/default-logins/azkaban/azkaban-default-login.yaml
@ -7,9 +7,12 @@ info:
  description: Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs.  Default web client credentials were discovered.
  classification:
    cwe-id: CWE-798
    cpe: cpe:2.3:a:azkaban_project:azkaban:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: http.title:"Azkaban Web Client"
    product: azkaban
    vendor: azkaban_project
  tags: default-login,azkaban
 http:
--- a/http/default-logins/barco-clickshare-default-login.yaml
+++ b/http/default-logins/barco-clickshare-default-login.yaml
@ -6,8 +6,12 @@ info:
  severity: high
  description: |
    Barco ClickShare contains a default login vulnerability. Default login password 'admin' was found.
  classification:
    cpe: cpe:2.3:o:barco:clickshare_cs-100_huddle_firmware:*:*:*:*:*:*:*:*
  metadata:
    max-request: 3
    vendor: barco
    product: clickshare_cs-100_huddle_firmware
    shodan-query: "ClickShareSession"
  tags: default-login,barco,clickshare
@ -16,14 +20,12 @@ http:
      - |
        GET /login HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /login/log_me_in HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        csrf_protection_token={{token}}&username={{username}}&password={{password}}&eula_accepted=true
      - |
        GET /configuration_wizard HTTP/1.1
        Host: {{Hostname}}
@ -34,7 +36,6 @@ http:
        - admin
      password:
        - admin
    matchers:
      - type: dsl
        dsl:
@ -51,4 +52,5 @@ http:
        regex:
          - '="csrf_protection_token" value="([0-9a-z]+)" \/>'
        internal: true
 # digest: 490a004630440220110d1053dd5b584c6b956c2a7dd5cab571c2d140f37443d9e2c36d2897de6278022019c145b0a677c04a818d1cf14b7150105adb9ad64809c40f071a61232af232ef:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/batflat/batflat-default-login.yaml
+++ b/http/default-logins/batflat/batflat-default-login.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://www.exploitalert.com/view-details.html?id=34749
    - https://cxsecurity.com/issue/WLB-2020010100
  classification:
    cpe: cpe:2.3:a:batflat:batflat:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: batflat
    product: batflat
    google-query: intext:"Powered by Batflat."
  tags: default-login,batflat
--- a/http/default-logins/bloofoxcms-default-login.yaml
+++ b/http/default-logins/bloofoxcms-default-login.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://www.bloofox.com/automated_setup.113.html
    - https://www.bloofox.com
  classification:
    cpe: cpe:2.3:a:bloofox:bloofoxcms:*:*:*:*:*:*:*:*
  metadata:
    verified: "true"
    max-request: 1
    vendor: bloofox
    product: bloofoxcms
    fofa-query: "Powered by bloofoxCMS"
  tags: bloofox,cms,default-login
--- a/http/default-logins/cobbler/hue-default-credential.yaml
+++ b/http/default-logins/cobbler/hue-default-credential.yaml
@ -11,9 +11,12 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:cloudera:hue:*:*:*:*:*:*:*:*
  metadata:
    max-request: 8
    shodan-query: title:"Hue - Welcome to Hue"
    product: hue
    vendor: cloudera
  tags: hue,default-login,oss,cloudera
 http:
--- a/http/default-logins/couchdb/couchdb-default-login.yaml
+++ b/http/default-logins/couchdb/couchdb-default-login.yaml
@ -10,10 +10,13 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 16
    fofa-query: app="APACHE-CouchDB"
    product: couchdb
    vendor: apache
  tags: default-login,couchdb,misconfig
 http:
--- a/http/default-logins/crushftp/crushftp-anonymous-login.yaml
+++ b/http/default-logins/crushftp/crushftp-anonymous-login.yaml
@ -6,9 +6,13 @@ info:
  severity: high
  description: |
    CrushFTP Anonymous login credentials were discovered.
  classification:
    cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: crushftp
    product: crushftp
    shodan-query: html:"CrushFTP"
  tags: default-logins,anonymous,crushftp,default-login
@ -17,8 +21,6 @@ http:
      - |
        GET /WebInterface/ HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /WebInterface/function/ HTTP/1.1
        Host: {{Hostname}}
@ -38,7 +40,6 @@ http:
        words:
          - "text/xml"
    extractors:
      - type: regex
        name: auth
@ -47,4 +48,5 @@ http:
        group: 1
        regex:
          - 'currentAuth=([0-9a-zA-Z]+)'
 # digest: 4a0a0047304502200c5a041237930d9a2d13bbdd1937389e71363cf051dc4e6811eaa132f7484060022100b71429de7b114bd8165650fc5ef949e6ab6138c5dd79e57fb16c60fa32c18ada:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/crushftp/crushftp-default-login.yaml
+++ b/http/default-logins/crushftp/crushftp-default-login.yaml
@ -6,9 +6,13 @@ info:
  severity: high
  description: |
    CrushFTP default login credentials were discovered.
  classification:
    cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: crushftp
    product: crushftp
    shodan-query: html:"CrushFTP"
  tags: default-login,crushftp
@ -17,8 +21,6 @@ http:
      - |
        GET /WebInterface/ HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /WebInterface/function/ HTTP/1.1
        Host: {{Hostname}}
@ -27,15 +29,14 @@ http:
        command=login&username={{username}}&password={{password}}&encoded=true&language=en&random=0.34712915617878926
    attack: pitchfork
    payloads:
      username:
        - crushadmin
      password:
        - crushadmin
    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
@ -56,4 +57,5 @@ http:
        group: 1
        regex:
          - 'currentAuth=([0-9a-zA-Z]+)'
 # digest: 4a0a0047304502206cda74422b8792aa62859df68d922613d4db22ba6e374a674cc2896bb813426f0221008cd32f2eb5cdc98370da14ba0f39a260c3868ac8bd6bbc336c08d41f3122b9a4:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/dataease/dataease-default-login.yaml
+++ b/http/default-logins/dataease/dataease-default-login.yaml
@ -9,9 +9,13 @@ info:
    As a result, many Dataease can log in with this built-in account.
  reference:
    - https://github.com/dataease/dataease/issues/5995
  classification:
    cpe: cpe:2.3:a:dataease_project:dataease:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: dataease_project
    product: dataease
    shodan-query: html:"Dataease"
  tags: default-login,dataease
@ -42,4 +46,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4a0a00473045022100f845a84ad7189dffccd1afea970ebb8f5e601b044da1562e014ab66c8f70e3a9022066c79ccdd3db85aae25fffd20633c098d785a2769347ea37c120f0fb36b1fc0e:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/datahub/datahub-metadata-default-login.yaml
+++ b/http/default-logins/datahub/datahub-metadata-default-login.yaml
@ -11,10 +11,13 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:datahub_project:datahub:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.title:"DataHub"
    product: datahub
    vendor: datahub_project
  tags: datahub,default-login
 http:
--- a/http/default-logins/dataiku/dataiku-default-login.yaml
+++ b/http/default-logins/dataiku/dataiku-default-login.yaml
@ -11,10 +11,13 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:dataiku:data_science_studio:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"dataiku"
    product: data_science_studio
    vendor: dataiku
  tags: default-login,dataiku
 http:
--- a/http/default-logins/elasticsearch/elasticsearch-default-login.yaml
+++ b/http/default-logins/elasticsearch/elasticsearch-default-login.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://www.alibabacloud.com/blog/what-is-the-default-username-and-password-for-elasticsearch_599610
    - https://www.elastic.co/guide/en/elasticsearch/reference/current/built-in-users.html
  classification:
    cpe: cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: elastic
    product: elasticsearch
    shodan-query: http.title:"Elastic" || http.favicon.hash:1328449667
  tags: default-login,elasticsearch
--- a/http/default-logins/esafenet-cdg-default-login.yaml
+++ b/http/default-logins/esafenet-cdg-default-login.yaml
@ -6,9 +6,13 @@ info:
  severity: high
  description: |
    Esafenet electronic document security management system default  credentials were discovered.
  classification:
    cpe: cpe:2.3:a:esafenet:cdg:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 32
    vendor: esafenet
    product: cdg
    fofa-query: esafenet
  tags: esafenet,cdg,default-login
--- a/http/default-logins/eurotel/etl3100-default-login.yaml
+++ b/http/default-logins/eurotel/etl3100-default-login.yaml
@ -9,9 +9,13 @@ info:
  reference:
    - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5782.php
    - https://www.exploit-db.com/exploits/51684
  classification:
    cpe: cpe:2.3:h:eurotel:etl3100:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: eurotel
    product: etl3100
    shodan-query: html:"ETL3100"
    fofa-query: body="ETL3100"
  tags: misconfig,default-login,eurotel
--- a/http/default-logins/feiyuxing/feiyuxing-default-login.yaml
+++ b/http/default-logins/feiyuxing/feiyuxing-default-login.yaml
@ -8,9 +8,13 @@ info:
    Attackers can log in through admin:admin, check the system status, and configure the device.
  reference:
    - https://github.com/wushigudan/poc/blob/main/%E9%A3%9E%E9%B1%BC%E6%98%9F%E9%BB%98%E8%AE%A4%E5%AF%86%E7%A0%81.py
  classification:
    cpe: cpe:2.3:h:feiyuxing:vec40g:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: feiyuxing
    product: vec40g
    fofa-query: title="飞鱼星企业级智能上网行为管理系统"
  tags: feiyuxing,default-login,iot
--- a/http/default-logins/franklin-fueling-default-login.yaml
+++ b/http/default-logins/franklin-fueling-default-login.yaml
@ -8,9 +8,13 @@ info:
    A default password vulnerability refers to a security flaw that arises when a system or device is shipped or set up with a pre-configured, default password that is commonly known or easily guessable.
  reference:
    - https://www.exploitalert.com/view-details.html?id=39466
  classification:
    cpe: cpe:2.3:o:franklinfueling:ts-550_evo_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: franklinfueling
    product: ts-550_evo_firmware
    google-query: inurl:"relay_status.html"
  tags: default-login,franklin
--- a/http/default-logins/fuji-xerox/fuji-xerox-default-login.yaml
+++ b/http/default-logins/fuji-xerox/fuji-xerox-default-login.yaml
@ -8,10 +8,13 @@ info:
    This template checks for the default credentials (username: 11111, password: x-admin) on Fuji Xerox ApeosPort series printers. If the credentials are valid, the response will have a 200 HTTP status code. Tested on a Fuji Xerox ApeosPort-V C2275 T2.
  reference:
    - https://4it.com.au/kb/article/fuji-xerox-default-password/
  classification:
    cpe: cpe:2.3:h:fujixerox:apeosport-v_c3375:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    verified: true
-    vendor: fuji-xerox
+    max-request: 1
    vendor: fujixerox
    product: apeosport-v_c3375
    fofa-query: '"prop.htm" && "docucentre"'
  tags: default-login,fuji,fuji-xerox,printer
@ -36,4 +39,5 @@ http:
      - type: status
        status:
          - 200
 # digest: 4a0a00473045022021dddab097e239a58636b5c6b839cb7e8e8217298f30238bc710a0d23916c515022100a53010047899140f9321c168495bd9117f6b5989d5a0c51d773d10034cfac106:922c64590222798bb761d5b6d8e72950
--- a/http/default-logins/geoserver/geoserver-default-login.yaml
+++ b/http/default-logins/geoserver/geoserver-default-login.yaml
@ -11,10 +11,13 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
    cpe: cpe:2.3:a:geoserver:geoserver:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    fofa-query: app="GeoServer"
    product: geoserver
    vendor: geoserver
  tags: geoserver,default-login
 http:
--- a/http/default-logins/gitblit/gitblit-default-login.yaml
+++ b/http/default-logins/gitblit/gitblit-default-login.yaml
@ -8,9 +8,13 @@ info:
    Gitblit Default login credentials were discovered.
  reference:
    - https://www.gitblit.com/administration.html
  classification:
    cpe: cpe:2.3:a:gitblit:gitblit:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    verified: true
    max-request: 1
    vendor: gitblit
    product: gitblit
    shodan-query: title:"Gitblit"
  tags: gitblit,default-login
@ -46,4 +50,5 @@ http:
      - type: dsl
        dsl:
          - "len(body) == 0"
 # digest: 4a0a004730450220691d3ee89f1594b342246ca8ab8be803b73a21e02aba3351ad7b37b30b3f6212022100cc37beb5ccfc7c249f775ab36ff557cd283ed426c4481be17cf0ac8c03dd6307:922c64590222798bb761d5b6d8e72950
--- a/Show More
+++ b/Show More