Merge pull request #4630 from MostInterestingBotInTheWorld/dashboard

Content Enhancements

cves/2020/CVE-2020-22208.yaml

@@ -1,7 +1,7 @@
 id: CVE-2020-22208
 
 info:
-  name: 74cms - Sql Injection
+  name: 74cms - ajax_street.php 'x' SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -30,3 +30,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21

cves/2020/CVE-2020-22209.yaml

@@ -1,7 +1,7 @@
 id: CVE-2020-22209
 
 info:
-  name: 74cms - Sql Injection
+  name: 74cms - ajax_common.php SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -29,3 +29,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21

cves/2020/CVE-2020-22210.yaml

@@ -1,7 +1,7 @@
 id: CVE-2020-22210
 
 info:
-  name: 74cms - Sql Injection
+  name: 74cms - ajax_officebuilding.php SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -29,3 +29,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21

cves/2020/CVE-2020-22211.yaml

@@ -1,7 +1,7 @@
 id: CVE-2020-22211
 
 info:
-  name: 74cms Sql Injection
+  name: 74cms - ajax_street.php 'key' SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -29,3 +29,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21

cves/2021/CVE-2021-25085.yaml

@@ -5,7 +5,7 @@ info:
   author: Maximus Decimus
   severity: medium
   description: |
-    The plugin does not sanitise and escape the woof_redraw_elements before outputing back in an admin page, leading to a Reflected Cross-Site Scripting.
+    The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before reflecting it back in an admin page, leading to a reflected cross-site scripting.
   reference:
     - https://wpscan.com/vulnerability/b7dd81c6-6af1-4976-b928-421ca69bfa90
     - https://plugins.trac.wordpress.org/changeset/2648751
@@ -38,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 06/21/2022

cves/2022/CVE-2022-29299.yaml

@@ -4,9 +4,13 @@ info:
   name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
   author: For3stCo1d
   severity: medium
+  description: |
+    SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.
   reference:
     - https://www.exploit-db.com/exploits/50967
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29299
+  classification:
+    cve-id: CVE-2022-29299
   metadata:
     verified: true
     shodan-query: http.favicon.hash:-244067125
@@ -34,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 06/21/2022

cves/2022/CVE-2022-29301.yaml

@@ -3,10 +3,14 @@ id: CVE-2022-29301
 info:
   name: SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)
   author: For3stCo1d
-  severity: medium
+  severity: high
+  description: |
+    SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'pow' parameter to Solar_SlideSub.php.
   reference:
     - https://www.exploit-db.com/exploits/50968
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29301
+  classification:
+    cve-id: CVE-2022-29301
   metadata:
     verified: true
     shodan-query: http.favicon.hash:-244067125
@@ -34,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 06/21/2022