diff --git a/http/cves/2024/CVE-2024-36401.yaml b/http/cves/2024/CVE-2024-36401.yaml
index eb40bc63a5..358bd229f9 100644
--- a/http/cves/2024/CVE-2024-36401.yaml
+++ b/http/cves/2024/CVE-2024-36401.yaml
@@ -2,7 +2,7 @@ id: CVE-2024-36401
 
 info:
   name: GeoServer RCE in Evaluating Property Name Expressions
-  author: DhiyaneshDk
+  author: DhiyaneshDk,ryanborum
   severity: critical
   description: |
     In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.
@@ -18,7 +18,7 @@ info:
     max-request: 1
     vendor: osgeo
     product: geoserver
-    shodan-query: http.title:"geoserver"
+    shodan-query: "Server: GeoHttpServer"
     fofa-query:
       - title="geoserver"
       - app="geoserver"
@@ -65,4 +65,4 @@ http:
         part: content_type
         words:
           - "application/xml"
-# digest: 4a0a004730450220735fae2d600334ad0b407f6e2a0905a071226561197d52236f48b8065ee38fa4022100c16a9085e40790dda9b6217e62a1d5fc3d0d68d7443cf10582b55cece0c2e632:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
+# digest: 4a0a004730450220735fae2d600334ad0b407f6e2a0905a071226561197d52236f48b8065ee38fa4022100c16a9085e40790dda9b6217e62a1d5fc3d0d68d7443cf10582b55cece0c2e632:922c64590222798bb761d5b6d8e72950