Merge pull request #39 from projectdiscovery/master

Updation
2021-04-07 22:02:20 +05:30 · 2021-04-07 22:02:20 +05:30 · 73dfbc26c4
parent d34ca6773b 314bb011a4
commit 73dfbc26c4
252 changed files with 476 additions and 219 deletions
--- a/README.md
+++ b/README.md
@ -37,13 +37,13 @@ An overview of the nuclei template directory including number of templates assoc

 | Templates        | Counts                         | Templates       | Counts                          | Templates      | Counts                       |
 | ---------------- | ------------------------------ | --------------- | ------------------------------- | -------------- | ---------------------------- |
-| cves             | 267           | vulnerabilities | 120 | exposed-panels | 117 |
-| takeovers        | 67        | exposures       | 66       | technologies   | 58   |
-| misconfiguration | 54 | workflows       | 26         | miscellaneous  | 19  |
+| cves             | 266           | vulnerabilities | 119 | exposed-panels | 117 |
+| takeovers        | 67        | exposures       | 66       | technologies   | 60   |
+| misconfiguration | 55 | workflows       | 27         | miscellaneous  | 20  |
 | default-logins   | 21 | exposed-tokens  | 9  | dns            | 8            |
 | fuzzing          | 7          | helpers         | 6         | iot            | 11            |

-**82 directories, 885 files**.
+**82 directories, 891 files**.

 </td>
 </tr>
--- a/cves/2015/CVE-2015-3306.yaml
+++ b/cves/2015/CVE-2015-3306.yaml
@ -2,7 +2,7 @@ id: CVE-2015-3306

 info:
  name: ProFTPd RCE
-  author: pd-team
+  author: pdteam
  severity: high
  reference: https://github.com/t0kx/exploit-CVE-2015-3306
  description: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
@ -19,6 +19,7 @@ network:
      - data: "site cpto /var/www/html/{{randstr}}\r\n"
    host:
      - "{{Hostname}}:21"
+      - "{{Hostname}}"

    read-size: 1024
    matchers:
--- a/cves/2017/CVE-2017-9506.yaml
+++ b/cves/2017/CVE-2017-9506.yaml
@ -2,7 +2,7 @@ id: CVE-2017-9506

 info:
  name: Jira IconURIServlet SSRF
-  author: pd-team
+  author: pdteam
  severity: high
  description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
  tags: cve,cve2017,atlassian,jira,ssrf
--- a/cves/2018/CVE-2018-7251.yaml
+++ b/cves/2018/CVE-2018-7251.yaml
@ -2,7 +2,7 @@ id: CVE-2018-7251

 info:
  name: AnchorCMS Error Log Exposure
-  author: pd-team
+  author: pdteam
  severity: medium
  tags: cve,cve2018,anchorcms,logs

--- a/cves/2018/CVE-2018-8006.yaml
+++ b/cves/2018/CVE-2018-8006.yaml
@ -2,7 +2,7 @@ id: CVE-2018-8006

 info:
  name: Apache ActiveMQ XSS
-  author: pd-team
+  author: pdteam
  severity: medium
  tags: cve,cve2018,apache,activemq,xss

--- a/cves/2019/CVE-2019-10092.yaml
+++ b/cves/2019/CVE-2019-10092.yaml
@ -2,7 +2,7 @@ id: CVE-2019-10092

 info:
  name: Apache mod_proxy HTML Injection / Partial XSS
-  author: pd-team
+  author: pdteam
  severity: medium
  description: In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
  reference: |
--- a/cves/2019/CVE-2019-12461.yaml
+++ b/cves/2019/CVE-2019-12461.yaml
@ -4,11 +4,10 @@ info:
  name: WebPort 1.19.1 - Reflected Cross-Site Scripting
  author: pikpikcu
  severity: medium
+  description: Web Port 1.19.1 allows XSS via the /log type parameter.
  tags: cve,cve2019,xss
-
-# Vendor Homepage: https://webport.se/
-# Software Link: https://webport.se/nedladdningar/
-# reference: https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS
+  reference: https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS
+  software: https://webport.se/nedladdningar/

 requests:
  - method: GET
--- a/cves/2019/CVE-2019-14223.yaml
+++ b/cves/2019/CVE-2019-14223.yaml
@ -2,7 +2,7 @@ id: CVE-2019-14223

 info:
  name: Alfresco Share Open Redirect
-  author: pd-team
+  author: pdteam
  severity: low
  description: An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any protocol the attacker desires (e.g.,http, https, ftp, smb, etc.).
  reference: |
--- a/cves/2019/CVE-2019-15107.yaml
+++ b/cves/2019/CVE-2019-15107.yaml
@ -4,6 +4,7 @@ info:
  name: Webmin <= 1.920 Unauhenticated Remote Command Execution
  author: bp0lr
  severity: high
+  description: An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
  reference: https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
  tags: cve,cve2019,webmin,rce

--- a/cves/2019/CVE-2019-3403.yaml
+++ b/cves/2019/CVE-2019-3403.yaml
@ -5,7 +5,7 @@ info:
  author: Ganofins
  severity: medium
  description: The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.
-  reference: https://nvd.nist.gov/vuln/detail/CVE-2019-3403
+  reference: https://jira.atlassian.com/browse/JRASERVER-69242
  tags: cve,cve2019,atlassian,jira

 requests:
--- a/cves/2019/CVE-2019-7219.yaml
+++ b/cves/2019/CVE-2019-7219.yaml
@ -2,7 +2,7 @@ id: CVE-2019-7219

 info:
  name: Zarafa WebApp Reflected XSS
-  author: pd-team
+  author: pdteam
  severity: low
  description: |
    Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead.
--- a/cves/2019/CVE-2019-9955.yaml
+++ b/cves/2019/CVE-2019-9955.yaml
@ -2,7 +2,7 @@ id: CVE-2019-9955

 info:
  name: CVE-2019-9955 Zyxel XSS
-  author: pd-team
+  author: pdteam
  severity: low
  tags: cve,cve2019,xss
  description: On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.
--- a/cves/2020/CVE-2020-17518.yaml
+++ b/cves/2020/CVE-2020-17518.yaml
@ -2,7 +2,7 @@ id: CVE-2020-17518

 info:
  name: Apache Flink Upload Path Traversal
-  author: pd-team
+  author: pdteam
  severity: critical
  reference: https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
  description: |
--- a/cves/2020/CVE-2020-17519.yaml
+++ b/cves/2020/CVE-2020-17519.yaml
@ -2,7 +2,7 @@ id: CVE-2020-17519

 info:
  name: Apache Flink directory traversal
-  author: pd-team
+  author: pdteam
  severity: high
  description: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
  reference: https://github.com/B1anda0/CVE-2020-17519
--- a/cves/2020/CVE-2020-1943.yaml
+++ b/cves/2020/CVE-2020-1943.yaml
@ -2,7 +2,7 @@ id: CVE-2020-1943

 info:
  name: Apache OFBiz Reflected XSS
-  author: pd-team
+  author: pdteam
  description: Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07.
  severity: medium
  tags: cve,cve2020,apache,xss
--- a/cves/2020/CVE-2020-24550.yaml
+++ b/cves/2020/CVE-2020-24550.yaml
@ -6,7 +6,7 @@ info:
  severity: medium
  description: An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.
  tags: cve,cve2020,redirect,episerver
-  reference: https://nvd.nist.gov/vuln/detail/CVE-2020-24550
+  reference: https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/

 requests:
  - method: GET
--- a/cves/2020/CVE-2020–26073.yaml
+++ b/cves/2020/CVE-2020–26073.yaml
@ -1,25 +0,0 @@
-id: CVE-2020-26073
-info:
-  name: Cisco SD-WAN vManage Software Directory Traversal
-  author: madrobot
-  severity: high
-  description: |
-    A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information.
-
-    The vulnerability is due to improper validation of directory traversal character sequences within requests to application programmatic interfaces (APIs). An attacker could exploit this vulnerability by sending malicious requests to an API within the affected application. A successful exploit could allow the attacker to conduct directory traversal attacks and gain access to sensitive information including credentials or user tokens.
-  reference: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-vman-traversal-hQh24tmk.html
-  tags: lfi,cve,cve2020,cisco
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-      - type: regex
-        words:
-          - "root:[x*]:0:0:"
-        part: body
--- a/cves/2021/CVE-2021-21402.yaml
+++ b/cves/2021/CVE-2021-21402.yaml
@ -1,7 +1,7 @@
 id: CVE-2021-21402

 info:
-  name: Jellyfin prior to 10.7.0 Unauthenticated Abritrary File Read
+  name: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read
  author: dwisiswant0
  severity: high
  description: |
--- a/default-logins/UCMDB/micro-focus-ucmdb-default-credentials.yaml
+++ b/default-logins/UCMDB/micro-focus-ucmdb-default-credentials.yaml
@ -4,7 +4,7 @@ info:
  name: Micro Focus UCMDB Default Credentials
  author: dwisiswant0
  severity: high
-  tags: ucmdb,dlogin
+  tags: ucmdb,default-login

 requests:
  - method: POST
--- a/default-logins/activemq/activemq-default-login.yaml
+++ b/default-logins/activemq/activemq-default-login.yaml
@ -2,12 +2,10 @@ id: activemq-default-login

 info:
  name: Apache ActiveMQ Default Credentials
-  author: pd-team
+  author: pdteam
  severity: medium
-  tags: apache,activemq,dlogin
+  tags: apache,activemq,default-login

-# We could add a request condition block to only send this request if the
-# site response URL had activeMQ broker stuff in the source.
 requests:
  - method: GET
    path:
--- a/default-logins/alibaba/alibaba-canal-default-password.yaml
+++ b/default-logins/alibaba/alibaba-canal-default-password.yaml
@ -4,7 +4,7 @@ info:
  name: Alibaba Canal Default Password
  author: pdteam
  severity: high
-  tags: alibaba,dlogin
+  tags: alibaba,default-login

 requests:
  - method: POST
--- a/default-logins/ambari/ambari-default-credentials.yaml
+++ b/default-logins/ambari/ambari-default-credentials.yaml
@ -2,9 +2,9 @@ id: ambari-default-credentials

 info:
  name: Apache Ambari Default Credentials
-  author: pd-team
+  author: pdteam
  severity: medium
-  tags: ambari,dlogin
+  tags: ambari,default-login

 requests:
  - method: GET
--- a/default-logins/apache/tomcat-manager-default.yaml
+++ b/default-logins/apache/tomcat-manager-default.yaml
@ -3,7 +3,7 @@ info:
  name: tomcat-manager-default-password
  author: pdteam
  severity: high
-  tags: tomcat,apache,dlogin
+  tags: tomcat,apache,default-login

 requests:

--- a/default-logins/axis2/axis2-default-password.yaml
+++ b/default-logins/axis2/axis2-default-password.yaml
@ -4,7 +4,7 @@ info:
  name: Axis2 Default Password
  author: pikpikcu
  severity: high
-  tags: axis,apache,dlogin
+  tags: axis,apache,default-login

 requests:
  - method: POST
--- a/default-logins/dell/dell-idrac-default-login.yaml
+++ b/default-logins/dell/dell-idrac-default-login.yaml
@ -3,7 +3,7 @@ info:
  name: Dell iDRAC6/7/8 Default login
  author: kophjager007
  severity: high
-  tags: dell,idrac,dlogin
+  tags: dell,idrac,default-login

 requests:
  - method: POST
--- a/default-logins/dell/dell-idrac9-default-login.yaml
+++ b/default-logins/dell/dell-idrac9-default-login.yaml
@ -3,7 +3,7 @@ info:
  name: Dell iDRAC9 Default login
  author: kophjager007
  severity: high
-  tags: dell,idrac,dlogin
+  tags: dell,idrac,default-login

 requests:
  - method: POST
--- a/default-logins/frps/frp-default-credentials.yaml
+++ b/default-logins/frps/frp-default-credentials.yaml
@ -4,7 +4,7 @@ info:
  name: Frp Default credentials
  author: pikpikcu
  severity: info
-  tags: frp,dlogin
+  tags: frp,default-login
  reference: https://github.com/fatedier/frp/issues/1840

 requests:
--- a/default-logins/grafana/grafana-default-credential.yaml
+++ b/default-logins/grafana/grafana-default-credential.yaml
@ -3,7 +3,7 @@ info:
  name: Grafana Default Credentials Check
  author: pdteam
  severity: high
-  tags: grafana,dlogin
+  tags: grafana,default-login

  # https://grafana.com/docs/grafana/latest/administration/configuration/#disable_brute_force_login_protection
  # https://github.com/grafana/grafana/issues/14755
--- a/default-logins/nexus/nexus-default-password.yaml
+++ b/default-logins/nexus/nexus-default-password.yaml
@ -4,7 +4,7 @@ info:
  name: Nexus Default Password
  author: pikpikcu
  severity: high
-  tags: nexus,dlogin
+  tags: nexus,default-login

 requests:
  - raw:
--- a/default-logins/nps/nps-default-password.yaml
+++ b/default-logins/nps/nps-default-password.yaml
@ -4,7 +4,7 @@ info:
  name: NPS Default Password
  author: pikpikcu
  severity: high
-  tags: nps,dlogin
+  tags: nps,default-login

 requests:
  - method: POST
--- a/default-logins/ofbiz/ofbiz-default-credentials.yaml
+++ b/default-logins/ofbiz/ofbiz-default-credentials.yaml
@ -2,9 +2,9 @@ id: ofbiz-default-credentials

 info:
  name: Apache OfBiz Default Credentials
-  author: pd-team
+  author: pdteam
  severity: medium
-  tags: ofbiz,dlogin
+  tags: ofbiz,default-login

 requests:
  - method: POST
--- a/default-logins/rabbitmq/rabbitmq-default-admin.yaml
+++ b/default-logins/rabbitmq/rabbitmq-default-admin.yaml
@ -4,7 +4,7 @@ info:
  name: RabbitMQ Default Credentials
  author: fyoorer & dwisiswant0
  severity: high
-  tags: rabbitmq,dlogin
+  tags: rabbitmq,default-login

 requests:
  - method: GET
--- a/default-logins/rockmongo/rockmongo-default-credentials.yaml
+++ b/default-logins/rockmongo/rockmongo-default-credentials.yaml
@ -4,7 +4,7 @@ info:
  name: Rockmongo Default Credentials
  author: pikpikcu
  severity: high
-  tags: rockmongo,dlogin
+  tags: rockmongo,default-login

 requests:
  - raw:
--- a/default-logins/samsung/samsung-wlan-ap-default-credentials.yaml
+++ b/default-logins/samsung/samsung-wlan-ap-default-credentials.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: high
  reference: https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
-  tags: samsung,dlogin
+  tags: samsung,default-login

 requests:
  - method: POST
--- a/default-logins/solarwinds/solarwinds-default-admin.yaml
+++ b/default-logins/solarwinds/solarwinds-default-admin.yaml
@ -4,7 +4,7 @@ info:
  name: SolarWinds Orion Default Credentials
  author: dwisiswant0
  severity: high
-  tags: solarwinds,dlogin
+  tags: solarwinds,default-login

  # Optional:
  # POST /SolarWinds/InformationService/v3/Json/Create/Orion.Pollers HTTP/1.1
--- a/default-logins/xxljob/xxljob-default-login.yaml
+++ b/default-logins/xxljob/xxljob-default-login.yaml
@ -4,7 +4,7 @@ info:
  name: XXL-JOB default login
  author: pdteam
  severity: high
-  tags: dlogin,xxljob
+  tags: default-login,xxljob
  reference: https://github.com/xuxueli/xxl-job

 requests:
--- a/default-logins/zabbix/zabbix-default-credentials.yaml
+++ b/default-logins/zabbix/zabbix-default-credentials.yaml
@ -2,9 +2,9 @@ id: zabbix-default-credentials

 info:
  name: Zabbix Default Credentials
-  author: pd-team
+  author: pdteam
  severity: critical
-  tags: zabbix,dlogin
+  tags: zabbix,default-login

 requests:
  - method: POST
--- a/dns/azure-takeover-detection.yaml
+++ b/dns/azure-takeover-detection.yaml
@ -2,7 +2,7 @@ id: azure-takeover-detection

 info:
  name: Azure takeover detection
-  author: "pdnuclei - projectdiscovery.io"
+  author: pdteam
  severity: high
  tags: dns,takeover

--- a/dns/cname-service-detector.yaml
+++ b/dns/cname-service-detector.yaml
@ -2,7 +2,7 @@ id: cname-service-detector

 info:
  name: 3rd party service checker
-  author: pd-team
+  author: pdteam
  severity: info
  tags: dns

--- a/dns/servfail-refused-hosts.yaml
+++ b/dns/servfail-refused-hosts.yaml
@ -2,7 +2,7 @@ id: servfail-refused-hosts

 info:
  name: Servfail Host Finder
-  author: pd-team
+  author: pdteam
  severity: info
  tags: dns

--- a/exposed-panels/active-admin-exposure.yaml
+++ b/exposed-panels/active-admin-exposure.yaml
@ -2,8 +2,9 @@ id: active-admin-exposure

 info:
  name: ActiveAdmin Admin Dasboard Exposure
-  author: pd-team
+  author: pdteam
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/activemq-panel.yaml
+++ b/exposed-panels/activemq-panel.yaml
@ -2,8 +2,9 @@ id: activemq-panel

 info:
  name: Apache ActiveMQ Exposure
-  author: pd-team
+  author: pdteam
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/acunetix-panel.yaml
+++ b/exposed-panels/acunetix-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Acunetix Panel detector
  author: joanbono
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/adminer-panel.yaml
+++ b/exposed-panels/adminer-panel.yaml
@ -4,6 +4,7 @@ info:
  author: random-robbie & meme-lord
  severity: info
  reference: https://blog.sorcery.ie/posts/adminer/
+  tags: panel

  # <= 4.2.4 can have unauthenticated RCE via SQLite driver
  # <= 4.6.2 can have LFI via MySQL LOAD DATA LOCAL
--- a/exposed-panels/adobe-component-login.yaml
+++ b/exposed-panels/adobe-component-login.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6846
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/advance-setup.yaml
+++ b/exposed-panels/advance-setup.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6819
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/aims-password-mgmt-client.yaml
+++ b/exposed-panels/aims-password-mgmt-client.yaml
@ -4,6 +4,7 @@ info:
  name: Aims Password Management Client Detect
  author: iamthefrogy
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/aims-password-portal.yaml
+++ b/exposed-panels/aims-password-portal.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6576
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/airflow-exposure.yaml
+++ b/exposed-panels/airflow-exposure.yaml
@ -2,8 +2,9 @@ id: airflow-exposure

 info:
  name: Apache Airflow Exposure / Unauthenticated Access
-  author: pd-team
+  author: pdteam
  severity: medium
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/ambari-exposure.yaml
+++ b/exposed-panels/ambari-exposure.yaml
@ -2,8 +2,9 @@ id: ambari-exposure

 info:
  name: Apache Ambari Exposure / Unauthenticated Access
-  author: pd-team
+  author: pdteam
  severity: medium
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/ansible-tower-exposure.yaml
+++ b/exposed-panels/ansible-tower-exposure.yaml
@ -2,8 +2,9 @@ id: ansible-tower-exposure

 info:
  name: Ansible Tower Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/atlassian-crowd-panel.yaml
+++ b/exposed-panels/atlassian-crowd-panel.yaml
@ -4,6 +4,8 @@ info:
  name: Atlassian Crowd panel detect
  author: organiccrap
  severity: info
+  tags: panel
+
 requests:
  - method: GET
    path:
--- a/exposed-panels/blue-iris-login.yaml
+++ b/exposed-panels/blue-iris-login.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6814
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/checkmarx-panel.yaml
+++ b/exposed-panels/checkmarx-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Checkmarx WebClient detector
  author: joanbono
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/cisco-asa-panel.yaml
+++ b/exposed-panels/cisco-asa-panel.yaml
@ -4,7 +4,7 @@ info:
  name: Cisco ASA VPN panel detect
  author: organiccrap
  severity: info
-  tags: cisco
+  tags: cisco,panel

 requests:
  - method: GET
--- a/exposed-panels/cisco-finesse-login.yaml
+++ b/exposed-panels/cisco-finesse-login.yaml
@ -5,7 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6824
-  tags: cisco
+  tags: panel,cisco

 requests:
  - method: GET
--- a/exposed-panels/cisco-integrated-login.yaml
+++ b/exposed-panels/cisco-integrated-login.yaml
@ -5,7 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/3859
-  tags: cisco
+  tags: panel,cisco

 requests:
  - method: GET
--- a/exposed-panels/cisco-sd-wan.yaml
+++ b/exposed-panels/cisco-sd-wan.yaml
@ -5,7 +5,7 @@ info:
  author: z3bd
  severity: info
  reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
-  tags: cisco
+  tags: panel,cisco

 requests:
  - method: GET
--- a/exposed-panels/cisco-security-details.yaml
+++ b/exposed-panels/cisco-security-details.yaml
@ -5,7 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6708
-  tags: cisco
+  tags: panel,cisco

 requests:
  - method: GET
--- a/exposed-panels/citrix-adc-gateway-detect.yaml
+++ b/exposed-panels/citrix-adc-gateway-detect.yaml
@ -1,8 +1,11 @@
 id: citrix-adc-gateway-panel
+
 info:
  name: Citrix ADC Gateway detect
  author: organiccrap
  severity: info
+  tags: panel
+
 requests:
  - method: GET
    path:
@ -10,6 +13,7 @@ requests:
      - '{{BaseURL}}/logon/LogonPoint/custom.html'
    headers:
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
+
    matchers:
      - type: word
        words:
--- a/exposed-panels/citrix-vpn-detect.yaml
+++ b/exposed-panels/citrix-vpn-detect.yaml
@ -2,8 +2,9 @@ id: citrix-vpn-detect

 info:
  name: Citrix VPN Detection
-  author: pd-team
+  author: pdteam
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/compal-panel.yaml
+++ b/exposed-panels/compal-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Compal CH7465LG panel detect
  author: fabaff
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/couchdb-exposure.yaml
+++ b/exposed-panels/couchdb-exposure.yaml
@ -3,6 +3,7 @@ info:
  name: couchdb exposure
  author: organiccrap
  severity: low
+  tags: panel

 requests:
  - method: GET
@ -18,6 +19,7 @@ requests:
          - Erlang OTP/
        part: header
        condition: and
+
      - type: status
        status:
          - 200
--- a/exposed-panels/couchdb-fauxton.yaml
+++ b/exposed-panels/couchdb-fauxton.yaml
@ -2,8 +2,9 @@ id: couchdb-fauxton

 info:
  name: Apache CouchDB Fauxton Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/crush-ftp-login.yaml
+++ b/exposed-panels/crush-ftp-login.yaml
@ -1,10 +1,11 @@
-id: crushFTP-login
+id: crushftp-login

 info:
  name: CrushFTP WebInterface
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6591
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/crxde-lite.yaml
+++ b/exposed-panels/crxde-lite.yaml
@ -4,6 +4,7 @@ info:
  name: CRXDE Lite
  author: nadino
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/d-link-wireless.yaml
+++ b/exposed-panels/d-link-wireless.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6784
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/django-admin-panel.yaml
+++ b/exposed-panels/django-admin-panel.yaml
@ -2,8 +2,9 @@ id: django-admin-panel

 info:
  name: Python Django Admin Panel
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/druid-console-exposure.yaml
+++ b/exposed-panels/druid-console-exposure.yaml
@ -2,8 +2,9 @@ id: druid-console-exposure

 info:
  name: Alibaba Druid Console Exposure
-  author: pd-team
+  author: pdteam
  severity: medium
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/exposed-pagespeed-global-admin.yaml
+++ b/exposed-panels/exposed-pagespeed-global-admin.yaml
@ -2,8 +2,9 @@ id: exposed-pagespeed-global-admin

 info:
  name: Apache PageSpeed Global Admin Dashboard Exposure
-  author: pd-team
+  author: pdteam
  severity: medium
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/exposed-webalizer.yaml
+++ b/exposed-panels/exposed-webalizer.yaml
@ -2,8 +2,9 @@ id: exposed-webalizer

 info:
  name: Publicly exposed Webalizer Interface
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/fiorilaunchpad-logon.yaml
+++ b/exposed-panels/fiorilaunchpad-logon.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6793
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/flink-exposure.yaml
+++ b/exposed-panels/flink-exposure.yaml
@ -2,8 +2,9 @@ id: flink-exposure

 info:
  name: Apache Flink Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/fortinet-fortigate-panel.yaml
+++ b/exposed-panels/fortinet-fortigate-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Fortinet FortiGate SSL VPN Panel
  author: bsysop
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/fortiweb-panel.yaml
+++ b/exposed-panels/fortiweb-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Fortinet FortiWeb Login Panel
  author: PR3R00T
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/github-enterprise-detect.yaml
+++ b/exposed-panels/github-enterprise-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Github Enterprise
  author: ehsahil
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/gitlab-detect.yaml
+++ b/exposed-panels/gitlab-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Gitlab
  author: ehsahil
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/globalprotect-panel.yaml
+++ b/exposed-panels/globalprotect-panel.yaml
@ -4,6 +4,7 @@ info:
  name: PaloAlto Networks GlobalProtect Panel
  author: organiccrap
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/go-anywhere-client.yaml
+++ b/exposed-panels/go-anywhere-client.yaml
@ -4,6 +4,7 @@ info:
  name: GoAnywhere client login detection
  author: iamthefrogy
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/grafana-detect.yaml
+++ b/exposed-panels/grafana-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Grafana panel detect
  author: organiccrap
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/hadoop-exposure.yaml
+++ b/exposed-panels/hadoop-exposure.yaml
@ -2,8 +2,9 @@ id: hadoop-exposure

 info:
  name: Apache Hadoop Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/hivemanager-login-panel.yaml
+++ b/exposed-panels/hivemanager-login-panel.yaml
@ -3,6 +3,7 @@ info:
  name: HiveManager Login panel
  author: binaryfigments
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/hmc-hybris-panel.yaml
+++ b/exposed-panels/hmc-hybris-panel.yaml
@ -4,6 +4,7 @@ info:
  name: SAP Hybris Management Console
  author: dogasantos
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/identityguard-selfservice-entrust.yaml
+++ b/exposed-panels/identityguard-selfservice-entrust.yaml
@ -4,6 +4,7 @@ info:
  name: IdentityGuard Self-Service by Entrust
  author: nodauf
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/iomega-lenovo-emc-shared-nas-detect.yaml
+++ b/exposed-panels/iomega-lenovo-emc-shared-nas-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Iomega Lenovo EMC with shared NAS
  author: e_schultze_
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/jfrog.yaml
+++ b/exposed-panels/jfrog.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6797
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/jira-detect.yaml
+++ b/exposed-panels/jira-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Jira Issue Management Software
  author: pdteam
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/jmx-console.yaml
+++ b/exposed-panels/jmx-console.yaml
@ -3,6 +3,7 @@ info:
  name: JMX Console
  author: Yash Anand @yashanand155
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/joomla-panel.yaml
+++ b/exposed-panels/joomla-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Joomla Panel
  author: github.com/its0x08
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/kafka-connect-ui.yaml
+++ b/exposed-panels/kafka-connect-ui.yaml
@ -2,8 +2,9 @@ id: kafka-connect-ui

 info:
  name: Apache Kafka Connect UI Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/kafka-monitoring.yaml
+++ b/exposed-panels/kafka-monitoring.yaml
@ -2,8 +2,9 @@ id: kafka-monitoring

 info:
  name: Apache Kafka Monitor Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/kafka-topics-ui.yaml
+++ b/exposed-panels/kafka-topics-ui.yaml
@ -2,8 +2,9 @@ id: kafka-topics-ui

 info:
  name: Apache Kafka Topics UI Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/keenetic-web-login.yaml
+++ b/exposed-panels/keenetic-web-login.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6817
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/key-cloak-admin-panel.yaml
+++ b/exposed-panels/key-cloak-admin-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Keycloak Admin Panel
  author: incogbyte
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/kubernetes-dashboard.yaml
+++ b/exposed-panels/kubernetes-dashboard.yaml
@ -2,8 +2,9 @@ id: kubernetes-dashboard

 info:
  name: Kubernetes Console Exposure
-  author: pd-team
+  author: pdteam
  severity: low
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/manage-engine-admanager-panel.yaml
+++ b/exposed-panels/manage-engine-admanager-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Manage Engine ADManager Panel
  author: PR3R00T
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/microsoft-exchange-login.yaml
+++ b/exposed-panels/microsoft-exchange-login.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDK
  severity: info
  reference: https://www.exploit-db.com/ghdb/6739
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/mini-start-page.yaml
+++ b/exposed-panels/mini-start-page.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDk
  severity: info
  reference: https://www.exploit-db.com/ghdb/6500
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/mobileiron-login.yaml
+++ b/exposed-panels/mobileiron-login.yaml
@ -4,6 +4,7 @@ info:
  name: MobileIron Login
  author: dhiyaneshDK & @dwisiswant0
  Severity: info
+  tags: panel

 requests:
  - method: GET
--- a/exposed-panels/nessus-panel.yaml
+++ b/exposed-panels/nessus-panel.yaml
@ -4,6 +4,7 @@ info:
  name: Nessus Panel detector
  author: joanbono
  severity: info
+  tags: panel

 requests:
  - method: GET
--- a/Show More
+++ b/Show More