From 4a12276321aca4609e222f2d285f2258b3cd7621 Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Tue, 21 Jun 2022 08:55:52 -0400
Subject: [PATCH 1/6] Enhancement: cves/2020/CVE-2020-22211.yaml by cs

---
 cves/2020/CVE-2020-22211.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cves/2020/CVE-2020-22211.yaml b/cves/2020/CVE-2020-22211.yaml
index 8cf3dfea20..c37fd29313 100644
--- a/cves/2020/CVE-2020-22211.yaml
+++ b/cves/2020/CVE-2020-22211.yaml
@@ -1,7 +1,7 @@
 id: CVE-2020-22211
 
 info:
-  name: 74cms Sql Injection
+  name: 74cms - ajax_street.php SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -29,3 +29,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21

From 8bb6be6e1ca907e89f9b73eb850c35baa60d438a Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Tue, 21 Jun 2022 08:56:18 -0400
Subject: [PATCH 2/6] Enhancement: cves/2020/CVE-2020-22210.yaml by cs

---
 cves/2020/CVE-2020-22210.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/cves/2020/CVE-2020-22210.yaml b/cves/2020/CVE-2020-22210.yaml
index 34f4b2841d..500b2d7010 100644
--- a/cves/2020/CVE-2020-22210.yaml
+++ b/cves/2020/CVE-2020-22210.yaml
@@ -1,11 +1,11 @@
 id: CVE-2020-22210
 
 info:
-  name: 74cms - Sql Injection
+  name: 74cms - ajax_officebuilding.php SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
-    A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
+    A SQL injection vulnerability exists in 74cms 3.2.0 in the x parameter to ajax_officebuilding.php.
   reference:
     - https://github.com/blindkey/cve_like/issues/11
     - https://nvd.nist.gov/vuln/detail/CVE-2020-22210
@@ -29,3 +29,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21

From 7f1962ceb517ffa1d2294a4cd65e0ee2bfce936a Mon Sep 17 00:00:00 2001
From: sullo <sullo@cirt.net>
Date: Tue, 21 Jun 2022 09:31:04 -0400
Subject: [PATCH 3/6] Enhancements & Cleanups

---
 cves/2020/CVE-2020-22208.yaml | 4 +++-
 cves/2020/CVE-2020-22209.yaml | 4 +++-
 cves/2020/CVE-2020-22211.yaml | 2 +-
 cves/2021/CVE-2021-25085.yaml | 6 ++++--
 cves/2022/CVE-2022-29299.yaml | 5 +++++
 cves/2022/CVE-2022-29301.yaml | 7 ++++++-
 6 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/cves/2020/CVE-2020-22208.yaml b/cves/2020/CVE-2020-22208.yaml
index 526d49fe9e..16e073543d 100644
--- a/cves/2020/CVE-2020-22208.yaml
+++ b/cves/2020/CVE-2020-22208.yaml
@@ -1,7 +1,7 @@
 id: CVE-2020-22208
 
 info:
-  name: 74cms - Sql Injection
+  name: 74cms - ajax_street.php 'x' SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -30,3 +30,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21
diff --git a/cves/2020/CVE-2020-22209.yaml b/cves/2020/CVE-2020-22209.yaml
index 11b10896ba..b86e468444 100644
--- a/cves/2020/CVE-2020-22209.yaml
+++ b/cves/2020/CVE-2020-22209.yaml
@@ -1,7 +1,7 @@
 id: CVE-2020-22209
 
 info:
-  name: 74cms - Sql Injection
+  name: 74cms - ajax_common.php SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
@@ -29,3 +29,5 @@ requests:
         part: body
         words:
           - '{{md5("{{randstr}}")}}'
+
+# Enhanced by cs on 2022/06/21
diff --git a/cves/2020/CVE-2020-22211.yaml b/cves/2020/CVE-2020-22211.yaml
index c37fd29313..d26547ce5d 100644
--- a/cves/2020/CVE-2020-22211.yaml
+++ b/cves/2020/CVE-2020-22211.yaml
@@ -1,7 +1,7 @@
 id: CVE-2020-22211
 
 info:
-  name: 74cms - ajax_street.php SQL Injection
+  name: 74cms - ajax_street.php 'key' SQL Injection
   author: ritikchaddha
   severity: critical
   description: |
diff --git a/cves/2021/CVE-2021-25085.yaml b/cves/2021/CVE-2021-25085.yaml
index 43f0177cfb..efc744a83f 100644
--- a/cves/2021/CVE-2021-25085.yaml
+++ b/cves/2021/CVE-2021-25085.yaml
@@ -1,11 +1,11 @@
 id: CVE-2021-25085
 
 info:
-  name: WOOF WordPress plugin - Reflected Cross-Site Script
+  name: WOOF WordPress plugin - Reflected Cross-Site Scripting
   author: Maximus Decimus
   severity: medium
   description: |
-    The plugin does not sanitise and escape the woof_redraw_elements before outputing back in an admin page, leading to a Reflected Cross-Site Scripting.
+    The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before reflecting it back in an admin page, leading to a reflected cross-site scripting.
   reference:
     - https://wpscan.com/vulnerability/b7dd81c6-6af1-4976-b928-421ca69bfa90
     - https://plugins.trac.wordpress.org/changeset/2648751
@@ -38,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 06/21/2022
diff --git a/cves/2022/CVE-2022-29299.yaml b/cves/2022/CVE-2022-29299.yaml
index 1274ffd946..223ec3e268 100644
--- a/cves/2022/CVE-2022-29299.yaml
+++ b/cves/2022/CVE-2022-29299.yaml
@@ -4,9 +4,12 @@ info:
   name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
   author: For3stCo1d
   severity: medium
+  description: SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.
   reference:
     - https://www.exploit-db.com/exploits/50967
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29299
+  classification:
+    cve-id: CVE-2022-29299
   metadata:
     verified: true
     shodan-query: http.favicon.hash:-244067125
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 06/21/2022
diff --git a/cves/2022/CVE-2022-29301.yaml b/cves/2022/CVE-2022-29301.yaml
index a937d303de..e9f5f8ca4a 100644
--- a/cves/2022/CVE-2022-29301.yaml
+++ b/cves/2022/CVE-2022-29301.yaml
@@ -3,10 +3,13 @@ id: CVE-2022-29301
 info:
   name: SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)
   author: For3stCo1d
-  severity: medium
+  severity: high
+  description: SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'pow' parameter to Solar_SlideSub.php.
   reference:
     - https://www.exploit-db.com/exploits/50968
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29301
+  classification:
+    cve-id: CVE-2022-29301
   metadata:
     verified: true
     shodan-query: http.favicon.hash:-244067125
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 06/21/2022

From 32bab78eb68262c5cf48bf93f212ac44023450ed Mon Sep 17 00:00:00 2001
From: sullo <sullo@cirt.net>
Date: Tue, 21 Jun 2022 16:46:20 -0400
Subject: [PATCH 4/6] Langage standardization across the template set

---
 cves/2020/CVE-2020-22210.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cves/2020/CVE-2020-22210.yaml b/cves/2020/CVE-2020-22210.yaml
index 500b2d7010..a76cb1cb9b 100644
--- a/cves/2020/CVE-2020-22210.yaml
+++ b/cves/2020/CVE-2020-22210.yaml
@@ -5,7 +5,7 @@ info:
   author: ritikchaddha
   severity: critical
   description: |
-    A SQL injection vulnerability exists in 74cms 3.2.0 in the x parameter to ajax_officebuilding.php.
+    A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
   reference:
     - https://github.com/blindkey/cve_like/issues/11
     - https://nvd.nist.gov/vuln/detail/CVE-2020-22210

From d7dee0b76ad6a7e9a4a9069d4cde39cb767a24b6 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Wed, 22 Jun 2022 09:05:06 +0530
Subject: [PATCH 5/6] Update CVE-2022-29301.yaml

---
 cves/2022/CVE-2022-29301.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cves/2022/CVE-2022-29301.yaml b/cves/2022/CVE-2022-29301.yaml
index e9f5f8ca4a..007fc44e22 100644
--- a/cves/2022/CVE-2022-29301.yaml
+++ b/cves/2022/CVE-2022-29301.yaml
@@ -4,7 +4,8 @@ info:
   name: SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)
   author: For3stCo1d
   severity: high
-  description: SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'pow' parameter to Solar_SlideSub.php.
+  description: |
+    SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'pow' parameter to Solar_SlideSub.php.
   reference:
     - https://www.exploit-db.com/exploits/50968
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29301

From 6c1221ad0851a951309466bb8c4bd840ac66d32e Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Wed, 22 Jun 2022 09:05:29 +0530
Subject: [PATCH 6/6] Update CVE-2022-29299.yaml

---
 cves/2022/CVE-2022-29299.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cves/2022/CVE-2022-29299.yaml b/cves/2022/CVE-2022-29299.yaml
index 223ec3e268..61bce90a93 100644
--- a/cves/2022/CVE-2022-29299.yaml
+++ b/cves/2022/CVE-2022-29299.yaml
@@ -4,7 +4,8 @@ info:
   name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
   author: For3stCo1d
   severity: medium
-  description: SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.
+  description: |
+    SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.
   reference:
     - https://www.exploit-db.com/exploits/50967
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29299