Dashboard Content Enhancements (#4927)

Dashboard Content Enhancements

exposed-panels/qnap/qnap-qts-panel.yaml

@@ -1,16 +1,20 @@
 id: qnap-qts-panel
 
 info:
-  name: QNAP QTS Panel
+  name: QNAP - QTS Panel Discovery
   author: idealphase
   severity: info
   description: |
-    Simple, Secure, Scalable & Reliable, Based on Linux, QTS 4 is designed to deliver high-performance applications and services fulfilling your needs in file sharing, storage management, backup, virtual environments, multimedia, surveillance and more.
+    QNAP QTS Panel was discovered.
   reference:
-    - https://www.qnap.com/en/qts4/con_show.php?op=showone&cid=1
+    - https://www.qnap.com/en?ref=header_logo
   metadata:
     verified: true
     shodan-query: product:"QNAP"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
   tags: panel,qnap,qts
 
 requests:
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

exposures/configs/git-config-nginxoffbyslash.yaml

@@ -1,13 +1,18 @@
 id: git-config-nginxoffbyslash
 
 info:
-  name: Nginx off-by-slash exposes Git config
+  name: Nginx - Git Configuration Exposure
   author: organiccrap
   severity: medium
-  description: Nginx off-by-slash vulnerability exposes Git configuration.
+  description: Nginx is vulnerable to git configuration exposure.
   reference:
+    - https://beaglesecurity.com/blog/vulnerability/nginx-off-by-slash-exposes-git-config.html
     - https://twitter.com/Random_Robbie/status/1262676628167110656
     - https://github.com/PortSwigger/nginx-alias-traversal/blob/master/off-by-slash.py
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-200
   tags: config,exposure,nginx
 
 requests:
@@ -29,3 +34,5 @@ requests:
       - type: word
         words:
           - '[core]'
+
+# Enhanced by mp on 2022/07/26

vulnerabilities/other/elFinder-path-traversal.yaml

@@ -1,16 +1,20 @@
 id: elFinder-path-traversal
 
 info:
-  name: elFinder - Path Traversal
+  name: elFinder  <=2.1.12 - Local File Inclusion
   author: ritikchaddha
   severity: high
   description: |
-    Connector.minimal.php in std42 elFinder through 2.1.12 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
+    elFinder through 2.1.12 is vulnerable to local file inclusion via Connector.minimal.php in std42. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
   reference:
     - https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html
   metadata:
     verified: true
     shodan-query: title:"elfinder"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfi,elfinder
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/26

vulnerabilities/other/ewebs-arbitrary-file-reading.yaml

@@ -1,12 +1,16 @@
 id: ewebs-arbitrary-file-reading
 
 info:
-  name: EWEBS casmain.xgi arbitrary file reading vulnerability
+  name: EWEBS - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: A vulnerability in EWEBS's 'casmain.xgi' endpoint allows remote attackers to disclose the content of locally stored files via the 'Language_S' parameter.
+  description: EWEBS is vulnerable to local file inclusion and allows remote attackers to disclose the content of locally stored files via the 'Language_S' parameter supplied to the 'casmain.xgi' endpoint.
   reference:
     - http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%9E%81%E9%80%9AEWEBS/%E6%9E%81%E9%80%9AEWEBS%20casmain.xgi%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: ewebs,lfi
 
 requests:
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/feifeicms-lfr.yaml

@@ -1,12 +1,17 @@
 id: feifeicms-lfr
 
 info:
-  name: FeiFeiCms Local File Read
+  name: FeiFeiCms - Local File Inclusion
   author: princechaddha
   severity: high
+  description: FeiFeiCms is vulnerable to local file inclusion.
   reference:
     - https://www.cnblogs.com/jinqi520/p/10202615.html
     - https://gitee.com/daicuo/feifeicms
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: feifeicms,lfi
 
 requests:
@@ -28,3 +33,5 @@ requests:
           - "db_host"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/finereport-path-traversal.yaml

@@ -1,11 +1,16 @@
 id: finereport-path-traversal
 
 info:
-  name: FineReport 8.0 Path Traversal
+  name: FineReport 8.0 - Local File Inclusion
   author: pikpikcu
   severity: medium
+  description: FIneReport  8.0 is vulnerable to local file inclusion.
   reference:
     - http://foreversong.cn/archives/1378
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: finereport,lfi
 
 requests:
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/flir-path-traversal.yaml

@@ -1,11 +1,16 @@
 id: flir-path-traversal
 
 info:
-  name: Flir Path Traversal
+  name: Flir - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: Flir is vulnerable to local file inclusion.
   reference:
     - https://juejin.cn/post/6961370156484263972
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: flir,lfi
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/geovision-geowebserver-lfi.yaml

@@ -1,12 +1,16 @@
 id: geowebserver-lfi
 
 info:
-  name: GeoVision Geowebserver 5.3.3 - LFI
+  name: GeoVision Geowebserver 5.3.3 - Local File Inclusion
   author: madrobot
   severity: high
-  description: A vulnerability in GeoVision Geowebserver allows remote unauthenticated attackers to disclose the content of locally stored files.
+  description: GeoVision Geowebserver 5.3.3 allows remote unauthenticated attackers to disclose the content of locally stored files via local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: geowebserver,lfi
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/geovision-geowebserver-xss.yaml

@@ -1,12 +1,16 @@
 id: geowebserver-xss
 
 info:
-  name: GeoVision Geowebserver 5.3.3 - XSS
+  name: GeoVision Geowebserver 5.3.3 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: GEOVISION GEOWEBSERVER =< 5.3.3 are vulnerable to several XSS / HTML Injection / Local File Include / XML Injection / Code execution vectors. The application fails to properly sanitize user requests.
+  description: GeoVision Geowebserver 5.3.3 and prior versions are vulnerable to several cross-site scripting / HTML injection / local file inclusion / XML injection / code execution vectors because the application fails to properly sanitize user requests.
   reference:
     - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: geowebserver,xss
 
 requests:
@@ -32,3 +36,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/global-domains-lfi.yaml

@@ -1,12 +1,17 @@
 id: global-domains-lfi
 
 info:
-  name: Global Domains International Directory traversal Vulnerability
+  name: Global Domains International - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Global Domains International is vulnerable to local file inclusion.
   reference:
     - https://cxsecurity.com/issue/WLB-2018020247
     - http://www.nic.ws
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: globaldomains,lfi,traversal
 
 requests:
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/goip-1-lfi.yaml

@@ -4,12 +4,15 @@ info:
   name: GoIP-1 GSM - Local File Inclusion
   author: gy741
   severity: high
-  description: Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker
-    to read arbitrary files on the affected system.
+  description: GoIP-1 GSM is vulnerable to local file inclusion because input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
   reference:
     - https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/
     - http://www.hybertone.com/uploadfile/download/20140304125509964.pdf
     - http://en.dbltek.com/latestfirmwares.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: gsm,goip,lfi,iot
 
 requests:
@@ -22,3 +25,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/groupoffice-lfi.yaml

@@ -1,12 +1,17 @@
 id: groupoffice-lfi
 
 info:
-  name: Groupoffice 3.4.21 Directory Traversal Vulnerability
+  name: Groupoffice 3.4.21 - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Groupoffice 3.4.21 is vulnerable to local file inclusion.
   reference:
     - https://cxsecurity.com/issue/WLB-2018020249
     - http://www.group-office.com
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: groupoffice,lfi,traversal
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/gsoap-lfi.yaml

@@ -1,11 +1,16 @@
 id: gsoap-lfi
 
 info:
-  name: gSOAP 2.8 - Directory Traversal
+  name: gSOAP 2.8 - Local File Inclusion
   author: 0x_Akoko
+  description: gSOAP 2.8 is vulnerable to local file inclusion.
   severity: high
   reference:
     - https://www.exploit-db.com/exploits/47653
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: gsoap,lfi
 
 requests:
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/hanming-lfr.yaml

@@ -1,11 +1,16 @@
 id: hanming-lfr
 
 info:
-  name: Hanming Video Conferencing File Read
+  name: Hanming Video Conferencing - Local File Inclusion
   author: ritikchaddha
   severity: high
+  description: Hanming Video Conferencing is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/F-M21PT0xn9QOuwoC8llKA
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfr,hanming,lfi
 
 requests:
@@ -28,3 +33,5 @@ requests:
       - type: regex
         regex:
           - "root:[x*]:0:0:"
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml

@@ -1,11 +1,16 @@
 id: hjtcloud-arbitrary-file-read
 
 info:
-  name: HJTcloud Arbitrary File Read
+  name: HJTcloud - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: HJTcloud is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/w2pkj5ADN7b5uxe-wmfGbw
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: hjtcloud,lfi
 
 requests:
@@ -38,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/laravel-filemanager-lfi.yaml

@@ -4,6 +4,7 @@ info:
   name: UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read
   author: hackerarpan
   severity: high
+  description: UniSharp Larevel File Manager 2.0.0 is vulnerable to arbitrary file read.
   reference:
     - https://www.exploit-db.com/exploits/48166
     - https://github.com/UniSharp/laravel-filemanager
@@ -27,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/mcafee-epo-rce.yaml

@@ -1,19 +1,14 @@
 id: mcafee-epo-rce
 
 info:
-  name: McAfee ePolicy Orchestrator RCE
+  name: McAfee ePolicy Orchestrator - Arbitrary File Upload
   author: dwisiswant0
   severity: high
   description: |
-    A ZipSlip vulnerability in McAfee ePolicy Orchestrator (ePO)
-    is a type of Path Traversal occurring when archives are unpacked
-    if the names of the packed files are not properly sanitized.
-    An attacker can create archives with files containing "../" in their names,
-    making it possible to upload arbitrary files
-    to arbitrary directories or overwrite existing ones during archive extraction.
+    McAfee ePolicy Orchestrator (ePO) is vulnerable to a ZipSlip vulnerability which allows arbitrary file upload when archives are unpacked if the names of the packed files are not properly sanitized. An attacker can create archives with files containing "../" in their names, making it possible to upload arbitrary files to arbitrary directories or overwrite existing ones during archive extraction.
   reference:
     - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
-  tags: mcafee,rce
+  tags: mcafee,rce,
 
 requests:
   - method: GET
@@ -31,4 +26,6 @@ requests:
       - type: regex
         regex:
           - "Volume (in drive [A-Z]|Serial Number) is"
-        part: body
+        part: body
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/metinfo-lfi.yaml

@@ -1,12 +1,16 @@
 id: metinfo-lfi
 
 info:
-  name: MetInfo 6.0.0/6.1.0 LFI
+  name: MetInfo <=6.1.0 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: A vulnerability in MetInfo allows remote unauthenticated attackers access to locally stored files and their content.
+  description: MetInfo 6.0.0 through 6.1.0 is vulnerable to local file inclusion and allows remote unauthenticated attackers access to locally stored files and their content.
   reference:
     - https://paper.seebug.org/676/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: metinfo,lfi
 
 requests:
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/minimouse-lfi.yaml

@@ -1,12 +1,16 @@
 id: minimouse-lfi
 
 info:
-  name: Mini Mouse 9.2.0 - Path Traversal
+  name: Mini Mouse 9.2.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in Mini Mouse allows remote unauthenticated attackers to include and disclose the content of locally stored files via the 'file' parameter.
+  description: Mini Mouse 9.2.0 is vulnerable to local file inclusion because it allows remote unauthenticated attackers to include and disclose the content of locally stored files via the 'file' parameter.
   reference:
     - https://www.exploit-db.com/exploits/49744
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: minimouse,lfi
 
 requests:
@@ -27,3 +31,5 @@ requests:
           - "extensions"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/mpsec-lfi.yaml

@@ -1,11 +1,16 @@
 id: mpsec-lfi
 
 info:
-  name: MPSec ISG1000 Local File Read
+  name: MPSec ISG1000 - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: MPSec ISG1000 is vulnerable to local file inclusion.
   reference:
     - https://twitter.com/sec715/status/1402884871173795842
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: mpsec,lfi
 
 requests:
@@ -30,4 +35,6 @@ requests:
       - type: word
         words:
           - "text/plain"
-        part: header
+        part: header
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/myucms-lfr.yaml

@@ -1,11 +1,16 @@
 id: myucms-lfr
 
 info:
-  name: MyuCMS Local File Read
+  name: MyuCMS - Local File Inclusion
   author: princechaddha
   severity: high
+  description: MyuCMS is vulnerable to local file inclusion.
   reference:
     - https://blog.csdn.net/yalecaltech/article/details/104908257
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: myucms,lfi
 
 requests:
@@ -16,3 +21,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/natshell-path-traversal.yaml

@@ -1,11 +1,16 @@
 id: natshell-path-traversal
 
 info:
-  name: NatShell Path Traversal
+  name: NatShell - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: NatShell is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
     fofa-query: title="蓝海卓越计费管理系统"
   tags: natshell,lfi
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27

vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml

@@ -1,13 +1,17 @@
 id: nginx-merge-slashes-path-traversal
 
 info:
-  name: Nginx Merge Slashes Path Traversal
+  name: Nginx Server - Local File Inclusion
   author: dhiyaneshDk
   severity: medium
-  description: A vulnerability in the remote Nginx server could cause the server to merge slashslash together causing what should have protected the web site from a directory traversal vulnerability into a vulnerable server.
+  description: Nginx server is vulnerable to local file inclusion.
   reference:
     - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/nginx-merge-slashes-path-traversal.json
     - https://medium.com/appsflyer/nginx-may-be-protecting-your-applications-from-traversal-attacks-without-you-even-knowing-b08f882fd43d
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: exposure,config,lfi,nginx
 
 requests:
@@ -31,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27