Merge branch 'main' into patch-13

patch-1
Ritik Chaddha 2023-07-11 23:34:02 +05:30 committed by GitHub
commit 83e310c4e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4509 changed files with 14038 additions and 16609 deletions


@ -12,7 +12,7 @@ jobs:
permissions: write-all permissions: write-all
runs-on: ubuntu-latest runs-on: ubuntu-latest
env: env:
ASSIGN_TASK_TOKEN: ${{ secrets.GITHUB_TOKEN }} # github personal token ASSIGN_TASK_TOKEN: ${{ secrets.PDTEAMX_PAT }} # github personal token
steps: steps:
- name: checkout repo content - name: checkout repo content
uses: actions/checkout@v2 # checkout the repository content uses: actions/checkout@v2 # checkout the repository content
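Review bot: `ASSIGN_TASK_TOKEN` is set in the job-level `env:`, so every step in the job, including third-party actions, can read it, and the changed line (the second copy, if this page prints old then new) replaces the run-scoped `secrets.GITHUB_TOKEN` with a long-lived personal access token, `secrets.PDTEAMX_PAT`. I would move it to an `env:` on the one step that uses it and give the PAT only the scopes that step needs. With a separate PAT in use, `permissions: write-all` on the built-in token looks wider than necessary; a narrowed block such as `permissions: {contents: read}` is worth trying if the remaining steps allow it. The job's steps continue outside the hunk, so which step consumes the token is not visible here.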


@ -9,6 +9,7 @@ on:
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository == 'projectdiscovery/nuclei-templates'
steps: steps:
# Wait for 5 minutes # Wait for 5 minutes
- name: Wait for 2 minutes - name: Wait for 2 minutes
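Review bot: The added job-level guard `if: github.repository == 'projectdiscovery/nuclei-templates'` has no comment explaining it, and the same line is added without one in the `checksum` and `index` jobs further down the page. A one-line comment above it would do, e.g. `# run only in the upstream repository, not in forks` (that intent is inferred from the condition, so confirm it before committing the comment). Separately, the context comment `# Wait for 5 minutes` disagrees with the step name `Wait for 2 minutes`; one of them is stale. The `deploy` job continues outside the hunk.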


@ -5,7 +5,7 @@ on:
branches: branches:
- main - main
paths: paths:
- 'http/cves/' - 'http/cves/**'
workflow_dispatch: # allows manual triggering of the workflow workflow_dispatch: # allows manual triggering of the workflow
jobs: jobs:
@ -36,7 +36,7 @@ jobs:
git commit -m "Auto Generated cves.json [$(date)] :robot:" -a git commit -m "Auto Generated cves.json [$(date)] :robot:" -a
- name: Push changes - name: Push changes
if: steps.checksum.outputs.CHANGES > 0 if: steps.cves.outputs.CHANGES > 0
run: | run: |
git pull --rebase git pull --rebase
git push origin ${{ github.ref }} git push origin ${{ github.ref }}
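Review bot: `git push origin ${{ github.ref }}` in the `Push changes` step is expanded into the script text before the shell runs, and since this workflow also has `workflow_dispatch`, the ref is whatever branch or tag the run was started on. Passing it through the environment keeps the ref name as data: add `env:` with `REF: ${{ github.ref }}` to the step and run `git push origin "$REF"`. On the changed condition, `steps.cves.outputs.CHANGES` only resolves if an earlier step has `id: cves` and writes `CHANGES`; that step is outside the hunk, so check it. The job continues beyond both hunks.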


@ -11,6 +11,7 @@ on:
jobs: jobs:
checksum: checksum:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository == 'projectdiscovery/nuclei-templates'
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
with: with:


@ -11,6 +11,7 @@ on:
jobs: jobs:
index: index:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository == 'projectdiscovery/nuclei-templates'
steps: steps:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v4 uses: actions/setup-go@v4


@ -1,39 +1,9 @@
file/nodejs/admzip-path-overwrite.yaml http/cves/2016/CVE-2016-10973.yaml
file/nodejs/express-lfr.yaml http/cves/2022/CVE-2022-40127.yaml
file/nodejs/generic-path-traversal.yaml http/cves/2022/CVE-2022-46071.yaml
file/nodejs/tar-path-overwrite.yaml http/cves/2023/CVE-2023-2982.yaml
file/nodejs/xss-serialize-javascript.yaml http/cves/2023/CVE-2023-33338.yaml
file/nodejs/zip-path-overwrite.yaml http/cves/2023/CVE-2023-33440.yaml
http/cnvd/2020/CNVD-2020-63964.yaml http/cves/2023/CVE-2023-3479.yaml
http/cves/2012/CVE-2012-6499.yaml http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml
http/cves/2021/CVE-2021-46704.yaml http/misconfiguration/dlink-config-dump.yaml
http/cves/2022/CVE-2022-40022.yaml
http/cves/2023/CVE-2023-0126.yaml
http/cves/2023/CVE-2023-0562.yaml
http/cves/2023/CVE-2023-0563.yaml
http/cves/2023/CVE-2023-1454.yaml
http/cves/2023/CVE-2023-20888.yaml
http/cves/2023/CVE-2023-20889.yaml
http/cves/2023/CVE-2023-25346.yaml
http/cves/2023/CVE-2023-26842.yaml
http/cves/2023/CVE-2023-26843.yaml
http/cves/2023/CVE-2023-27372.yaml
http/cves/2023/CVE-2023-31548.yaml
http/cves/2023/CVE-2023-33510.yaml
http/cves/2023/CVE-2023-34598.yaml
http/cves/2023/CVE-2023-34599.yaml
http/cves/2023/CVE-2023-34843.yaml
http/cves/2023/CVE-2023-35843.yaml
http/cves/2023/CVE-2023-35844.yaml
http/exposed-panels/axxon-client-panel.yaml
http/exposed-panels/openbullet2-panel.yaml
http/exposed-panels/syncserver-panel.yaml
http/exposed-panels/wd-mycloud-panel.yaml
http/exposures/configs/aws-config.yaml
http/exposures/configs/aws-credentials.yaml
http/misconfiguration/genieacs-default-jwt.yaml
http/misconfiguration/grav-register-admin.yaml
http/misconfiguration/installer/spip-install.yaml
http/misconfiguration/odoo-unprotected-database.yaml
http/vulnerabilities/hikvision-ivms-file-upload-rce.yaml
http/vulnerabilities/vbulletin/arcade-php-sqli.yaml


@ -25,7 +25,9 @@ tags:
files: files:
- http/cves/2006/CVE-2006-1681.yaml - http/cves/2006/CVE-2006-1681.yaml
- http/cves/2007/CVE-2007-5728.yaml - http/cves/2007/CVE-2007-5728.yaml
- http/cves/2011/CVE-2011-4618.yaml
- http/cves/2014/CVE-2014-9608.yaml - http/cves/2014/CVE-2014-9608.yaml
- http/cves/2018/CVE-2018-5316.yaml
- http/cves/2018/CVE-2018-5233.yaml - http/cves/2018/CVE-2018-5233.yaml
- http/cves/2019/CVE-2019-14696.yaml - http/cves/2019/CVE-2019-14696.yaml
- http/cves/2020/CVE-2020-11930.yaml - http/cves/2020/CVE-2020-11930.yaml
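Review bot: The added entry `http/cves/2018/CVE-2018-5316.yaml` sits above `http/cves/2018/CVE-2018-5233.yaml`, which breaks the ascending order the rest of the visible `files:` list follows; it belongs after the 5233 line. The two new entries also carry no reason for being listed, and a short trailing comment on each saying why it was added would make later audits of this list easier. The list continues outside the hunk.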


@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|--------------|-------|----------------------|-------|----------|-------|------|-------| |-----------|-------|--------------|-------|----------------------|-------|----------|-------|------|-------|
| cve | 1882 | dhiyaneshdk | 867 | http | 5927 | info | 2894 | file | 123 | | cve | 1951 | dhiyaneshdk | 907 | http | 6050 | info | 2941 | file | 142 |
| panel | 904 | dwisiswant0 | 794 | workflows | 190 | high | 1282 | dns | 18 | | panel | 959 | dwisiswant0 | 797 | workflows | 190 | high | 1312 | dns | 18 |
| wordpress | 785 | daffainfo | 664 | file | 123 | medium | 1063 | | | | wordpress | 802 | daffainfo | 664 | file | 142 | medium | 1114 | | |
| exposure | 689 | pikpikcu | 353 | network | 96 | critical | 710 | | | | exposure | 719 | pikpikcu | 353 | network | 100 | critical | 725 | | |
| wp-plugin | 676 | pdteam | 278 | ssl | 24 | low | 221 | | | | xss | 696 | pdteam | 280 | ssl | 24 | low | 224 | | |
| osint | 652 | pussycat0x | 255 | dns | 18 | unknown | 27 | | | | wp-plugin | 691 | pussycat0x | 261 | dns | 18 | unknown | 27 | | |
| xss | 648 | geeknik | 221 | headless | 9 | | | | | | osint | 652 | geeknik | 221 | headless | 9 | | | | |
| tech | 612 | ricardomaia | 219 | TEMPLATES-STATS.json | 1 | | | | | | tech | 618 | ricardomaia | 220 | contributors.json | 1 | | | | |
| edb | 597 | ritikchaddha | 215 | cves.json | 1 | | | | | | edb | 598 | ritikchaddha | 218 | cves.json | 1 | | | | |
| lfi | 551 | 0x_akoko | 179 | contributors.json | 1 | | | | | | lfi | 558 | 0x_akoko | 179 | TEMPLATES-STATS.json | 1 | | | | |
**410 directories, 6626 files**. **424 directories, 6772 files**.
</td> </td>
</tr> </tr>




@ -1,12 +1,12 @@
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|--------------|-------|----------------------|-------|----------|-------|------|-------| |-----------|-------|--------------|-------|----------------------|-------|----------|-------|------|-------|
| cve | 1882 | dhiyaneshdk | 867 | http | 5927 | info | 2894 | file | 123 | | cve | 1951 | dhiyaneshdk | 907 | http | 6050 | info | 2941 | file | 142 |
| panel | 904 | dwisiswant0 | 794 | workflows | 190 | high | 1282 | dns | 18 | | panel | 959 | dwisiswant0 | 797 | workflows | 190 | high | 1312 | dns | 18 |
| wordpress | 785 | daffainfo | 664 | file | 123 | medium | 1063 | | | | wordpress | 802 | daffainfo | 664 | file | 142 | medium | 1114 | | |
| exposure | 689 | pikpikcu | 353 | network | 96 | critical | 710 | | | | exposure | 719 | pikpikcu | 353 | network | 100 | critical | 725 | | |
| wp-plugin | 676 | pdteam | 278 | ssl | 24 | low | 221 | | | | xss | 696 | pdteam | 280 | ssl | 24 | low | 224 | | |
| osint | 652 | pussycat0x | 255 | dns | 18 | unknown | 27 | | | | wp-plugin | 691 | pussycat0x | 261 | dns | 18 | unknown | 27 | | |
| xss | 648 | geeknik | 221 | headless | 9 | | | | | | osint | 652 | geeknik | 221 | headless | 9 | | | | |
| tech | 612 | ricardomaia | 219 | TEMPLATES-STATS.json | 1 | | | | | | tech | 618 | ricardomaia | 220 | contributors.json | 1 | | | | |
| edb | 597 | ritikchaddha | 215 | cves.json | 1 | | | | | | edb | 598 | ritikchaddha | 218 | cves.json | 1 | | | | |
| lfi | 551 | 0x_akoko | 179 | contributors.json | 1 | | | | | | lfi | 558 | 0x_akoko | 179 | TEMPLATES-STATS.json | 1 | | | | |


@ -1380,6 +1380,15 @@
} }
}, },
{ {
"author": "noraj",
"links": {
"github": "https://github.com/noraj",
"twitter": "https://twitter.com/noraj_rawsec",
"linkedin": "",
"website": "https://pwn.by/noraj",
"email": ""
}
},{
"author": "mabdullah22", "author": "mabdullah22",
"links": { "links": {
"github": "https://www.github.com/maabdullah22", "github": "https://www.github.com/maabdullah22",
@ -1389,5 +1398,4 @@
"email": "" "email": ""
} }
} }
] ]


@ -1,5 +1,5 @@
{"ID":"CVE-2000-0114","Info":{"Name":"Microsoft FrontPage Extensions Check (shtml.dll)","Severity":"low","Description":"Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.","Classification":{"CVSSScore":"5.0"}},"file_path":"http/cves/2000/CVE-2000-0114.yaml"} {"ID":"CVE-2000-0114","Info":{"Name":"Microsoft FrontPage Extensions Check (shtml.dll)","Severity":"low","Description":"Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.","Classification":{"CVSSScore":"5.0"}},"file_path":"http/cves/2000/CVE-2000-0114.yaml"}
{"ID":"CVE-2001-0537","Info":{"Name":"Cisco IOS HTTP Configuration Arbitrary Administrative Access","Severity":"medium","Description":"HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.","Classification":{"CVSSScore":"5.0"}},"file_path":"http/cves/2001/CVE-2001-0537.yaml"} {"ID":"CVE-2001-0537","Info":{"Name":"Cisco IOS HTTP Configuration - Authentication Bypass","Severity":"medium","Description":"HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.\n","Classification":{"CVSSScore":"5.0"}},"file_path":"http/cves/2001/CVE-2001-0537.yaml"}
{"ID":"CVE-2002-1131","Info":{"Name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","Severity":"medium","Description":"The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2002/CVE-2002-1131.yaml"} {"ID":"CVE-2002-1131","Info":{"Name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","Severity":"medium","Description":"The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2002/CVE-2002-1131.yaml"}
{"ID":"CVE-2004-0519","Info":{"Name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.","Classification":{"CVSSScore":"6.8"}},"file_path":"http/cves/2004/CVE-2004-0519.yaml"} {"ID":"CVE-2004-0519","Info":{"Name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.","Classification":{"CVSSScore":"6.8"}},"file_path":"http/cves/2004/CVE-2004-0519.yaml"}
{"ID":"CVE-2004-1965","Info":{"Name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","Severity":"medium","Description":"Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2004/CVE-2004-1965.yaml"} {"ID":"CVE-2004-1965","Info":{"Name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","Severity":"medium","Description":"Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2004/CVE-2004-1965.yaml"}
@ -193,7 +193,9 @@
{"ID":"CVE-2012-4889","Info":{"Name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2012/CVE-2012-4889.yaml"} {"ID":"CVE-2012-4889","Info":{"Name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2012/CVE-2012-4889.yaml"}
{"ID":"CVE-2012-4940","Info":{"Name":"Axigen Mail Server Filename Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in an edit or delete action to the default URI.","Classification":{"CVSSScore":"6.4"}},"file_path":"http/cves/2012/CVE-2012-4940.yaml"} {"ID":"CVE-2012-4940","Info":{"Name":"Axigen Mail Server Filename Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in an edit or delete action to the default URI.","Classification":{"CVSSScore":"6.4"}},"file_path":"http/cves/2012/CVE-2012-4940.yaml"}
{"ID":"CVE-2012-4982","Info":{"Name":"Forescout CounterACT 6.3.4.1 - Open Redirect","Severity":"medium","Description":"Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 'a' parameter.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2012/CVE-2012-4982.yaml"} {"ID":"CVE-2012-4982","Info":{"Name":"Forescout CounterACT 6.3.4.1 - Open Redirect","Severity":"medium","Description":"Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 'a' parameter.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2012/CVE-2012-4982.yaml"}
{"ID":"CVE-2012-5321","Info":{"Name":"TikiWiki CMS Groupware v8.3 - Open Redirect","Severity":"medium","Description":"tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka \"frame injection\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2012/CVE-2012-5321.yaml"}
{"ID":"CVE-2012-5913","Info":{"Name":"WordPress Integrator 1.32 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2012/CVE-2012-5913.yaml"} {"ID":"CVE-2012-5913","Info":{"Name":"WordPress Integrator 1.32 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2012/CVE-2012-5913.yaml"}
{"ID":"CVE-2012-6499","Info":{"Name":"WordPress Plugin Age Verification v0.4 - Open Redirect","Severity":"medium","Description":"Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_to parameter.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2012/CVE-2012-6499.yaml"}
{"ID":"CVE-2013-1965","Info":{"Name":"Apache Struts2 S2-012 RCE","Severity":"critical","Description":"Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2013/CVE-2013-1965.yaml"} {"ID":"CVE-2013-1965","Info":{"Name":"Apache Struts2 S2-012 RCE","Severity":"critical","Description":"Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2013/CVE-2013-1965.yaml"}
{"ID":"CVE-2013-2248","Info":{"Name":"Apache Struts - Multiple Open Redirection Vulnerabilities","Severity":"medium","Description":"Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2013/CVE-2013-2248.yaml"} {"ID":"CVE-2013-2248","Info":{"Name":"Apache Struts - Multiple Open Redirection Vulnerabilities","Severity":"medium","Description":"Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2013/CVE-2013-2248.yaml"}
{"ID":"CVE-2013-2251","Info":{"Name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","Severity":"critical","Description":"In Struts 2 before 2.3.15.1 the information following \"action:\", \"redirect:\", or \"redirectAction:\" is not properly sanitized and will be evaluated as an OGNL expression against the value stack. This introduces the possibility to inject server side code.","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2013/CVE-2013-2251.yaml"} {"ID":"CVE-2013-2251","Info":{"Name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","Severity":"critical","Description":"In Struts 2 before 2.3.15.1 the information following \"action:\", \"redirect:\", or \"redirectAction:\" is not properly sanitized and will be evaluated as an OGNL expression against the value stack. This introduces the possibility to inject server side code.","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2013/CVE-2013-2251.yaml"}
@ -339,6 +341,7 @@
{"ID":"CVE-2016-10940","Info":{"Name":"WordPress zm-gallery plugin 1.0 SQL Injection","Severity":"high","Description":"zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter.","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2016/CVE-2016-10940.yaml"} {"ID":"CVE-2016-10940","Info":{"Name":"WordPress zm-gallery plugin 1.0 SQL Injection","Severity":"high","Description":"zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter.","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2016/CVE-2016-10940.yaml"}
{"ID":"CVE-2016-10956","Info":{"Name":"WordPress Mail Masta 1.0 - Local File Inclusion","Severity":"high","Description":"WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and csvexport.php.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2016/CVE-2016-10956.yaml"} {"ID":"CVE-2016-10956","Info":{"Name":"WordPress Mail Masta 1.0 - Local File Inclusion","Severity":"high","Description":"WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and csvexport.php.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2016/CVE-2016-10956.yaml"}
{"ID":"CVE-2016-10960","Info":{"Name":"WordPress wSecure Lite \u003c 2.4 - Remote Code Execution","Severity":"high","Description":"WordPress wsecure plugin before 2.4 is susceptible to remote code execution via shell metacharacters in the wsecure-config.php publish parameter.","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2016/CVE-2016-10960.yaml"} {"ID":"CVE-2016-10960","Info":{"Name":"WordPress wSecure Lite \u003c 2.4 - Remote Code Execution","Severity":"high","Description":"WordPress wsecure plugin before 2.4 is susceptible to remote code execution via shell metacharacters in the wsecure-config.php publish parameter.","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2016/CVE-2016-10960.yaml"}
{"ID":"CVE-2016-10973","Info":{"Name":"Brafton WordPress Plugin \u003c 3.4.8 - Cross-Site Scripting","Severity":"medium","Description":"The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2016/CVE-2016-10973.yaml"}
{"ID":"CVE-2016-10993","Info":{"Name":"ScoreMe Theme - Cross-Site Scripting","Severity":"medium","Description":"WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2016/CVE-2016-10993.yaml"} {"ID":"CVE-2016-10993","Info":{"Name":"ScoreMe Theme - Cross-Site Scripting","Severity":"medium","Description":"WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2016/CVE-2016-10993.yaml"}
{"ID":"CVE-2016-1555","Info":{"Name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","Severity":"critical","Description":"NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2016/CVE-2016-1555.yaml"} {"ID":"CVE-2016-1555","Info":{"Name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","Severity":"critical","Description":"NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2016/CVE-2016-1555.yaml"}
{"ID":"CVE-2016-2389","Info":{"Name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","Severity":"high","Description":"SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerability in the GetFileList function. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to /Catalog, aka SAP Security Note 2230978.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2016/CVE-2016-2389.yaml"} {"ID":"CVE-2016-2389","Info":{"Name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","Severity":"high","Description":"SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerability in the GetFileList function. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to /Catalog, aka SAP Security Note 2230978.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2016/CVE-2016-2389.yaml"}
@ -561,6 +564,7 @@
{"ID":"CVE-2018-6008","Info":{"Name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","Severity":"high","Description":"Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-6008.yaml"} {"ID":"CVE-2018-6008","Info":{"Name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","Severity":"high","Description":"Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-6008.yaml"}
{"ID":"CVE-2018-6184","Info":{"Name":"Zeit Next.js \u003c4.2.3 - Local File Inclusion","Severity":"high","Description":"Zeit Next.js before 4.2.3 is susceptible to local file inclusion under the /_next request namespace. An attacker can obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-6184.yaml"} {"ID":"CVE-2018-6184","Info":{"Name":"Zeit Next.js \u003c4.2.3 - Local File Inclusion","Severity":"high","Description":"Zeit Next.js before 4.2.3 is susceptible to local file inclusion under the /_next request namespace. An attacker can obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-6184.yaml"}
{"ID":"CVE-2018-6200","Info":{"Name":"vBulletin - Open Redirect","Severity":"medium","Description":"vBulletin 3.x.x and 4.2.x through 4.2.5 contains an open redirect vulnerability via the redirector.php URL parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2018/CVE-2018-6200.yaml"} {"ID":"CVE-2018-6200","Info":{"Name":"vBulletin - Open Redirect","Severity":"medium","Description":"vBulletin 3.x.x and 4.2.x through 4.2.5 contains an open redirect vulnerability via the redirector.php URL parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2018/CVE-2018-6200.yaml"}
{"ID":"CVE-2018-6530","Info":{"Name":"D-Link - Unauthenticated Remote Code Execution","Severity":"critical","Description":"OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2018/CVE-2018-6530.yaml"}
{"ID":"CVE-2018-6910","Info":{"Name":"DedeCMS 5.7 - Path Disclosure","Severity":"high","Description":"DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-6910.yaml"} {"ID":"CVE-2018-6910","Info":{"Name":"DedeCMS 5.7 - Path Disclosure","Severity":"high","Description":"DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-6910.yaml"}
{"ID":"CVE-2018-7251","Info":{"Name":"Anchor CMS 0.12.3 - Error Log Exposure","Severity":"critical","Description":"Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as \"Too many connections\") has occurred.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2018/CVE-2018-7251.yaml"} {"ID":"CVE-2018-7251","Info":{"Name":"Anchor CMS 0.12.3 - Error Log Exposure","Severity":"critical","Description":"Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as \"Too many connections\") has occurred.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2018/CVE-2018-7251.yaml"}
{"ID":"CVE-2018-7422","Info":{"Name":"WordPress Site Editor \u003c=1.1.1 - Local File Inclusion","Severity":"high","Description":"WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-7422.yaml"} {"ID":"CVE-2018-7422","Info":{"Name":"WordPress Site Editor \u003c=1.1.1 - Local File Inclusion","Severity":"high","Description":"WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-7422.yaml"}
@ -629,6 +633,7 @@
{"ID":"CVE-2019-14470","Info":{"Name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","Severity":"medium","Description":"WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP API (v2) it relies on allows it via the example/success.php error_description parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14470.yaml"} {"ID":"CVE-2019-14470","Info":{"Name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","Severity":"medium","Description":"WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP API (v2) it relies on allows it via the example/success.php error_description parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14470.yaml"}
{"ID":"CVE-2019-14530","Info":{"Name":"OpenEMR \u003c5.0.2 - Local File Inclusion","Severity":"high","Description":"OpenEMR before 5.0.2 is vulnerable to local file inclusion via the fileName parameter in custom/ajax_download.php. An attacker can download any file (that is readable by the web server user) from server storage. If the requested file is writable for the web server user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, the file will be deleted from server.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2019/CVE-2019-14530.yaml"} {"ID":"CVE-2019-14530","Info":{"Name":"OpenEMR \u003c5.0.2 - Local File Inclusion","Severity":"high","Description":"OpenEMR before 5.0.2 is vulnerable to local file inclusion via the fileName parameter in custom/ajax_download.php. An attacker can download any file (that is readable by the web server user) from server storage. If the requested file is writable for the web server user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, the file will be deleted from server.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2019/CVE-2019-14530.yaml"}
{"ID":"CVE-2019-14696","Info":{"Name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","Severity":"medium","Description":"Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14696.yaml"} {"ID":"CVE-2019-14696","Info":{"Name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","Severity":"medium","Description":"Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14696.yaml"}
{"ID":"CVE-2019-14789","Info":{"Name":"Custom 404 Pro \u003c 3.2.8 - Cross-Site Scripting","Severity":"medium","Description":"Custom 404 Pro before 3.2.9 is susceptible to cross-site scripting via the title parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14789.yaml"}
{"ID":"CVE-2019-14974","Info":{"Name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","Severity":"medium","Description":"SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supported-platform.html?desktop_url.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14974.yaml"} {"ID":"CVE-2019-14974","Info":{"Name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","Severity":"medium","Description":"SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supported-platform.html?desktop_url.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14974.yaml"}
{"ID":"CVE-2019-15043","Info":{"Name":"Grafana - Improper Access Control","Severity":"high","Description":"Grafana 2.x through 6.x before 6.3.4 is susceptible to improper access control. An attacker can delete and create arbitrary snapshots, leading to denial of service.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-15043.yaml"} {"ID":"CVE-2019-15043","Info":{"Name":"Grafana - Improper Access Control","Severity":"high","Description":"Grafana 2.x through 6.x before 6.3.4 is susceptible to improper access control. An attacker can delete and create arbitrary snapshots, leading to denial of service.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-15043.yaml"}
{"ID":"CVE-2019-15107","Info":{"Name":"Webmin \u003c= 1.920 - Unauthenticated Remote Command Execution","Severity":"critical","Description":"Webmin \u003c=1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in password_change.cgi.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-15107.yaml"} {"ID":"CVE-2019-15107","Info":{"Name":"Webmin \u003c= 1.920 - Unauthenticated Remote Command Execution","Severity":"critical","Description":"Webmin \u003c=1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in password_change.cgi.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-15107.yaml"}
@ -716,6 +721,7 @@
{"ID":"CVE-2019-7543","Info":{"Name":"KindEditor 4.1.11 - Cross-Site Scripting","Severity":"medium","Description":"KindEditor 4.1.11 contains a cross-site scripting vulnerability via the php/demo.php content1 parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-7543.yaml"} {"ID":"CVE-2019-7543","Info":{"Name":"KindEditor 4.1.11 - Cross-Site Scripting","Severity":"medium","Description":"KindEditor 4.1.11 contains a cross-site scripting vulnerability via the php/demo.php content1 parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-7543.yaml"}
{"ID":"CVE-2019-7609","Info":{"Name":"Kibana Timelion - Arbitrary Code Execution","Severity":"critical","Description":"Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2019/CVE-2019-7609.yaml"} {"ID":"CVE-2019-7609","Info":{"Name":"Kibana Timelion - Arbitrary Code Execution","Severity":"critical","Description":"Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2019/CVE-2019-7609.yaml"}
{"ID":"CVE-2019-8086","Info":{"Name":"Adobe Experience Manager - XML External Entity Injection","Severity":"high","Description":"Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-8086.yaml"} {"ID":"CVE-2019-8086","Info":{"Name":"Adobe Experience Manager - XML External Entity Injection","Severity":"high","Description":"Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-8086.yaml"}
{"ID":"CVE-2019-8390","Info":{"Name":"qdPM 9.1 - Cross-site Scripting","Severity":"medium","Description":"qdPM 9.1 suffers from Cross-site Scripting (XSS) in the search[keywords] parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-8390.yaml"}
{"ID":"CVE-2019-8442","Info":{"Name":"Jira - Local File Inclusion","Severity":"high","Description":"Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1, allows remote attackers to access files in the Jira webroot under the META-INF directory via local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-8442.yaml"} {"ID":"CVE-2019-8442","Info":{"Name":"Jira - Local File Inclusion","Severity":"high","Description":"Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1, allows remote attackers to access files in the Jira webroot under the META-INF directory via local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-8442.yaml"}
{"ID":"CVE-2019-8446","Info":{"Name":"Jira Improper Authorization","Severity":"medium","Description":"The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2019/CVE-2019-8446.yaml"} {"ID":"CVE-2019-8446","Info":{"Name":"Jira Improper Authorization","Severity":"medium","Description":"The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2019/CVE-2019-8446.yaml"}
{"ID":"CVE-2019-8449","Info":{"Name":"Jira \u003c8.4.0 - Information Disclosure","Severity":"medium","Description":"Jira before 8.4.0 is susceptible to information disclosure. The /rest/api/latest/groupuserpicker resource can allow an attacker to enumerate usernames, and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2019/CVE-2019-8449.yaml"} {"ID":"CVE-2019-8449","Info":{"Name":"Jira \u003c8.4.0 - Information Disclosure","Severity":"medium","Description":"Jira before 8.4.0 is susceptible to information disclosure. The /rest/api/latest/groupuserpicker resource can allow an attacker to enumerate usernames, and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2019/CVE-2019-8449.yaml"}
@ -816,6 +822,7 @@
{"ID":"CVE-2020-19295","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-19295.yaml"} {"ID":"CVE-2020-19295","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-19295.yaml"}
{"ID":"CVE-2020-19360","Info":{"Name":"FHEM 6.0 - Local File Inclusion","Severity":"high","Description":"FHEM version 6.0 suffers from a local file inclusion vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2020/CVE-2020-19360.yaml"} {"ID":"CVE-2020-19360","Info":{"Name":"FHEM 6.0 - Local File Inclusion","Severity":"high","Description":"FHEM version 6.0 suffers from a local file inclusion vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2020/CVE-2020-19360.yaml"}
{"ID":"CVE-2020-1943","Info":{"Name":"Apache OFBiz \u003c=16.11.07 - Cross-Site Scripting","Severity":"medium","Description":"Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-1943.yaml"} {"ID":"CVE-2020-1943","Info":{"Name":"Apache OFBiz \u003c=16.11.07 - Cross-Site Scripting","Severity":"medium","Description":"Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-1943.yaml"}
{"ID":"CVE-2020-19515","Info":{"Name":"qdPM 9.1 - Cross-site Scripting","Severity":"medium","Description":"qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\\install\\modules\\database_config.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-19515.yaml"}
{"ID":"CVE-2020-1956","Info":{"Name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","Severity":"high","Description":"Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2020/CVE-2020-1956.yaml"} {"ID":"CVE-2020-1956","Info":{"Name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","Severity":"high","Description":"Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2020/CVE-2020-1956.yaml"}
{"ID":"CVE-2020-19625","Info":{"Name":"Gridx 1.3 - Remote Code Execution","Severity":"critical","Description":"Gridx 1.3 is susceptible to remote code execution via tests/support/stores/test_grid_filter.php, which allows remote attackers to execute arbitrary code via crafted values submitted to the $query parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-19625.yaml"} {"ID":"CVE-2020-19625","Info":{"Name":"Gridx 1.3 - Remote Code Execution","Severity":"critical","Description":"Gridx 1.3 is susceptible to remote code execution via tests/support/stores/test_grid_filter.php, which allows remote attackers to execute arbitrary code via crafted values submitted to the $query parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-19625.yaml"}
{"ID":"CVE-2020-20285","Info":{"Name":"ZZcms - Cross-Site Scripting","Severity":"medium","Description":"ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2020/CVE-2020-20285.yaml"} {"ID":"CVE-2020-20285","Info":{"Name":"ZZcms - Cross-Site Scripting","Severity":"medium","Description":"ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2020/CVE-2020-20285.yaml"}
@ -909,6 +916,10 @@
{"ID":"CVE-2020-35847","Info":{"Name":"Agentejo Cockpit \u003c0.11.2 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-35847.yaml"} {"ID":"CVE-2020-35847","Info":{"Name":"Agentejo Cockpit \u003c0.11.2 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-35847.yaml"}
{"ID":"CVE-2020-35848","Info":{"Name":"Agentejo Cockpit \u003c0.12.0 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-35848.yaml"} {"ID":"CVE-2020-35848","Info":{"Name":"Agentejo Cockpit \u003c0.12.0 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-35848.yaml"}
{"ID":"CVE-2020-35951","Info":{"Name":"Wordpress Quiz and Survey Master \u003c7.0.1 - Arbitrary File Deletion","Severity":"critical","Description":"Wordpress Quiz and Survey Master \u003c7.0.1 allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsm_remove_file_fd_question, which allowed unauthenticated deletions (even though it was only intended for a person to delete their own quiz-answer files).","Classification":{"CVSSScore":"9.9"}},"file_path":"http/cves/2020/CVE-2020-35951.yaml"} {"ID":"CVE-2020-35951","Info":{"Name":"Wordpress Quiz and Survey Master \u003c7.0.1 - Arbitrary File Deletion","Severity":"critical","Description":"Wordpress Quiz and Survey Master \u003c7.0.1 allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsm_remove_file_fd_question, which allowed unauthenticated deletions (even though it was only intended for a person to delete their own quiz-answer files).","Classification":{"CVSSScore":"9.9"}},"file_path":"http/cves/2020/CVE-2020-35951.yaml"}
{"ID":"CVE-2020-35984","Info":{"Name":"Rukovoditel \u003c= 2.7.2 - Cross Site Scripting","Severity":"medium","Description":"A stored cross site scripting (XSS) vulnerability in the 'Users Alerts' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Title' parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2020/CVE-2020-35984.yaml"}
{"ID":"CVE-2020-35985","Info":{"Name":"Rukovoditel \u003c= 2.7.2 - Cross Site Scripting","Severity":"medium","Description":"A stored cross site scripting (XSS) vulnerability in the 'Global Lists\" feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2020/CVE-2020-35985.yaml"}
{"ID":"CVE-2020-35986","Info":{"Name":"Rukovoditel \u003c= 2.7.2 - Cross Site Scripting","Severity":"medium","Description":"A stored cross site scripting (XSS) vulnerability in the 'Users Access Groups' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2020/CVE-2020-35986.yaml"}
{"ID":"CVE-2020-35987","Info":{"Name":"Rukovoditel \u003c= 2.7.2 - Cross-Site Scripting","Severity":"medium","Description":"A stored cross site scripting (XSS) vulnerability in the 'Entities List' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2020/CVE-2020-35987.yaml"}
{"ID":"CVE-2020-36112","Info":{"Name":"CSE Bookstore 1.0 - SQL Injection","Severity":"critical","Description":"CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-36112.yaml"} {"ID":"CVE-2020-36112","Info":{"Name":"CSE Bookstore 1.0 - SQL Injection","Severity":"critical","Description":"CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-36112.yaml"}
{"ID":"CVE-2020-36289","Info":{"Name":"Jira Server and Data Center - Information Disclosure","Severity":"medium","Description":"Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the QueryComponentRendererValue!Default.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations, Affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2020/CVE-2020-36289.yaml"} {"ID":"CVE-2020-36289","Info":{"Name":"Jira Server and Data Center - Information Disclosure","Severity":"medium","Description":"Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the QueryComponentRendererValue!Default.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations, Affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2020/CVE-2020-36289.yaml"}
{"ID":"CVE-2020-36365","Info":{"Name":"Smartstore \u003c4.1.0 - Open Redirect","Severity":"medium","Description":"Smartstore (aka \"SmartStoreNET\") before 4.1.0 contains an open redirect vulnerability via CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-36365.yaml"} {"ID":"CVE-2020-36365","Info":{"Name":"Smartstore \u003c4.1.0 - Open Redirect","Severity":"medium","Description":"Smartstore (aka \"SmartStoreNET\") before 4.1.0 contains an open redirect vulnerability via CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-36365.yaml"}
@ -1379,6 +1390,7 @@
{"ID":"CVE-2021-46417","Info":{"Name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","Severity":"high","Description":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 is susceptible to local file inclusion because of insecure handling of a download function that leads to disclosure of internal files due to path traversal with root privileges.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-46417.yaml"} {"ID":"CVE-2021-46417","Info":{"Name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","Severity":"high","Description":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 is susceptible to local file inclusion because of insecure handling of a download function that leads to disclosure of internal files due to path traversal with root privileges.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-46417.yaml"}
{"ID":"CVE-2021-46422","Info":{"Name":"SDT-CW3B1 1.1.0 - OS Command Injection","Severity":"critical","Description":"Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-46422.yaml"} {"ID":"CVE-2021-46422","Info":{"Name":"SDT-CW3B1 1.1.0 - OS Command Injection","Severity":"critical","Description":"Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-46422.yaml"}
{"ID":"CVE-2021-46424","Info":{"Name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","Severity":"critical","Description":"Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2021/CVE-2021-46424.yaml"} {"ID":"CVE-2021-46424","Info":{"Name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","Severity":"critical","Description":"Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2021/CVE-2021-46424.yaml"}
{"ID":"CVE-2021-46704","Info":{"Name":"GenieACS =\u003e 1.2.8 - OS Command Injection","Severity":"critical","Description":"In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-46704.yaml"}
{"ID":"CVE-2022-0140","Info":{"Name":"WordPress Visual Form Builder \u003c3.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Visual Form Builder plugin before 3.0.8 contains a cross-site scripting vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-0140.yaml"} {"ID":"CVE-2022-0140","Info":{"Name":"WordPress Visual Form Builder \u003c3.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Visual Form Builder plugin before 3.0.8 contains a cross-site scripting vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-0140.yaml"}
{"ID":"CVE-2022-0147","Info":{"Name":"WordPress Cookie Information/Free GDPR Consent Solution \u003c2.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Cookie Information/Free GDPR Consent Solution plugin prior to 2.0.8 contains a cross-site scripting vulnerability via the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-0147.yaml"} {"ID":"CVE-2022-0147","Info":{"Name":"WordPress Cookie Information/Free GDPR Consent Solution \u003c2.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Cookie Information/Free GDPR Consent Solution plugin prior to 2.0.8 contains a cross-site scripting vulnerability via the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-0147.yaml"}
{"ID":"CVE-2022-0148","Info":{"Name":"WordPress All-in-one Floating Contact Form \u003c2.0.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs plugin before 2.0.4 contains a reflected cross-site scripting vulnerability on the my-sticky-elements-leads admin page.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-0148.yaml"} {"ID":"CVE-2022-0148","Info":{"Name":"WordPress All-in-one Floating Contact Form \u003c2.0.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs plugin before 2.0.4 contains a reflected cross-site scripting vulnerability on the my-sticky-elements-leads admin page.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-0148.yaml"}
@ -1717,6 +1729,7 @@
{"ID":"CVE-2022-3982","Info":{"Name":"WordPress Booking Calendar \u003c3.2.2 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload possibly leading to remote code execution. The plugin does not validate uploaded files, which can allow an attacker to upload arbitrary files, such as PHP, and potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-3982.yaml"} {"ID":"CVE-2022-3982","Info":{"Name":"WordPress Booking Calendar \u003c3.2.2 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Booking Calendar plugin before 3.2.2 is susceptible to arbitrary file upload possibly leading to remote code execution. The plugin does not validate uploaded files, which can allow an attacker to upload arbitrary files, such as PHP, and potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-3982.yaml"}
{"ID":"CVE-2022-39952","Info":{"Name":"Fortinet FortiNAC - Arbitrary File Write","Severity":"critical","Description":"Fortinet FortiNAC is susceptible to arbitrary file write. An external control of the file name or path can allow an attacker to execute unauthorized code or commands via specifically crafted HTTP request, thus making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations. Affected versions are 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, and 8.3.7.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-39952.yaml"} {"ID":"CVE-2022-39952","Info":{"Name":"Fortinet FortiNAC - Arbitrary File Write","Severity":"critical","Description":"Fortinet FortiNAC is susceptible to arbitrary file write. An external control of the file name or path can allow an attacker to execute unauthorized code or commands via specifically crafted HTTP request, thus making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations. Affected versions are 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, and 8.3.7.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-39952.yaml"}
{"ID":"CVE-2022-39960","Info":{"Name":"Jira Netic Group Export \u003c1.0.3 - Missing Authorization","Severity":"medium","Description":"Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerability. The add-on does not perform authorization checks, which can allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-39960.yaml"} {"ID":"CVE-2022-39960","Info":{"Name":"Jira Netic Group Export \u003c1.0.3 - Missing Authorization","Severity":"medium","Description":"Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerability. The add-on does not perform authorization checks, which can allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-39960.yaml"}
{"ID":"CVE-2022-40022","Info":{"Name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","Severity":"critical","Description":"Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-40022.yaml"}
{"ID":"CVE-2022-40083","Info":{"Name":"Labstack Echo 4.8.0 - Open Redirect","Severity":"critical","Description":"Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"http/cves/2022/CVE-2022-40083.yaml"} {"ID":"CVE-2022-40083","Info":{"Name":"Labstack Echo 4.8.0 - Open Redirect","Severity":"critical","Description":"Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"http/cves/2022/CVE-2022-40083.yaml"}
{"ID":"CVE-2022-40359","Info":{"Name":"Kae's File Manager \u003c=1.4.7 - Cross-Site Scripting","Severity":"medium","Description":"Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-40359.yaml"} {"ID":"CVE-2022-40359","Info":{"Name":"Kae's File Manager \u003c=1.4.7 - Cross-Site Scripting","Severity":"medium","Description":"Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-40359.yaml"}
{"ID":"CVE-2022-4050","Info":{"Name":"WordPress JoomSport \u003c5.2.8 - SQL Injection","Severity":"critical","Description":"WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-4050.yaml"} {"ID":"CVE-2022-4050","Info":{"Name":"WordPress JoomSport \u003c5.2.8 - SQL Injection","Severity":"critical","Description":"WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-4050.yaml"}
@ -1740,6 +1753,7 @@
{"ID":"CVE-2022-42747","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-42747.yaml"} {"ID":"CVE-2022-42747","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-42747.yaml"}
{"ID":"CVE-2022-42748","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortDirection parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-42748.yaml"} {"ID":"CVE-2022-42748","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortDirection parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-42748.yaml"}
{"ID":"CVE-2022-42749","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-42749.yaml"} {"ID":"CVE-2022-42749","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-42749.yaml"}
{"ID":"CVE-2022-4295","Info":{"Name":"Show all comments \u003c 7.0.1 - Cross-Site Scripting","Severity":"medium","Description":"The Show All Comments WordPress plugin before 7.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4295.yaml"}
{"ID":"CVE-2022-4301","Info":{"Name":"WordPress Sunshine Photo Cart \u003c2.9.15 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Sunshine Photo Cart plugin before 2.9.15 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4301.yaml"} {"ID":"CVE-2022-4301","Info":{"Name":"WordPress Sunshine Photo Cart \u003c2.9.15 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Sunshine Photo Cart plugin before 2.9.15 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4301.yaml"}
{"ID":"CVE-2022-43014","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-43014.yaml"} {"ID":"CVE-2022-43014","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-43014.yaml"}
{"ID":"CVE-2022-43015","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-43015.yaml"} {"ID":"CVE-2022-43015","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-43015.yaml"}
@ -1748,6 +1762,13 @@
{"ID":"CVE-2022-43018","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-43018.yaml"} {"ID":"CVE-2022-43018","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-43018.yaml"}
{"ID":"CVE-2022-4306","Info":{"Name":"WordPress Panda Pods Repeater Field \u003c1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Panda Pods Repeater Field before 1.5.4 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. This can be leveraged against a user who has at least Contributor permission. An attacker can also steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-4306.yaml"} {"ID":"CVE-2022-4306","Info":{"Name":"WordPress Panda Pods Repeater Field \u003c1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Panda Pods Repeater Field before 1.5.4 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. This can be leveraged against a user who has at least Contributor permission. An attacker can also steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-4306.yaml"}
{"ID":"CVE-2022-43140","Info":{"Name":"kkFileView 4.1.0 - Server-Side Request Forgery","Severity":"high","Description":"kkFileView 4.1.0 is susceptible to server-side request forgery via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile. An attacker can force the application to make arbitrary requests via injection of crafted URLs into the url parameter and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-43140.yaml"} {"ID":"CVE-2022-43140","Info":{"Name":"kkFileView 4.1.0 - Server-Side Request Forgery","Severity":"high","Description":"kkFileView 4.1.0 is susceptible to server-side request forgery via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile. An attacker can force the application to make arbitrary requests via injection of crafted URLs into the url parameter and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-43140.yaml"}
{"ID":"CVE-2022-43164","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Global Lists feature (/index.php?module=global_lists/lists) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter after clicking \"Add\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43164.yaml"}
{"ID":"CVE-2022-43165","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Global Variables feature (/index.php?module=global_vars/vars) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Value parameter after clicking \"Create\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43165.yaml"}
{"ID":"CVE-2022-43166","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Global Entities feature (/index.php?module=entities/entities) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter after clicking \"Add New Entity\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43166.yaml"}
{"ID":"CVE-2022-43167","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Users Alerts feature (/index.php?module=users_alerts/users_alerts) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter after clicking \"Add\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43167.yaml"}
{"ID":"CVE-2022-43169","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross-Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Users Access Groups feature (/index.php?module=users_groups/users_groups) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter after clicking \"Add New Group\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43169.yaml"}
{"ID":"CVE-2022-43170","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Dashboard Configuration feature (index.php?module=dashboard_configure/index) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter after clicking \"Add info block\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43170.yaml"}
{"ID":"CVE-2022-43185","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross-Site Scripting","Severity":"medium","Description":"A stored cross-site scripting (XSS) vulnerability in the Global Lists feature (/index.php?module=global_lists/lists) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter after clicking \"Add\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-43185.yaml"}
{"ID":"CVE-2022-4320","Info":{"Name":"WordPress Events Calendar \u003c1.4.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Events Calendar plugin before 1.4.5 contains multiple cross-site scripting vulnerabilities. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against both unauthenticated and authenticated users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4320.yaml"} {"ID":"CVE-2022-4320","Info":{"Name":"WordPress Events Calendar \u003c1.4.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Events Calendar plugin before 1.4.5 contains multiple cross-site scripting vulnerabilities. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against both unauthenticated and authenticated users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4320.yaml"}
{"ID":"CVE-2022-4321","Info":{"Name":"PDF Generator for WordPress \u003c 1.1.2 - Cross Site Scripting","Severity":"medium","Description":"The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2022/CVE-2022-4321.yaml"} {"ID":"CVE-2022-4321","Info":{"Name":"PDF Generator for WordPress \u003c 1.1.2 - Cross Site Scripting","Severity":"medium","Description":"The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as admin\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2022/CVE-2022-4321.yaml"}
{"ID":"CVE-2022-4325","Info":{"Name":"WordPress Post Status Notifier Lite \u003c1.10.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against high-privilege users such as admin.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4325.yaml"} {"ID":"CVE-2022-4325","Info":{"Name":"WordPress Post Status Notifier Lite \u003c1.10.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against high-privilege users such as admin.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4325.yaml"}
@ -1755,6 +1776,14 @@
{"ID":"CVE-2022-43769","Info":{"Name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","Severity":"high","Description":"Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby potentially enabling an attacker to execute malware, obtain sensitive information, modify data, and/or perform unauthorized operations without entering necessary credentials.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-43769.yaml"} {"ID":"CVE-2022-43769","Info":{"Name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","Severity":"high","Description":"Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby potentially enabling an attacker to execute malware, obtain sensitive information, modify data, and/or perform unauthorized operations without entering necessary credentials.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-43769.yaml"}
{"ID":"CVE-2022-4447","Info":{"Name":"WordPress Fontsy \u003c=1.8.6 - SQL Injection","Severity":"critical","Description":"WordPress Fontsy plugin through 1.8.6 is susceptible to SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-4447.yaml"} {"ID":"CVE-2022-4447","Info":{"Name":"WordPress Fontsy \u003c=1.8.6 - SQL Injection","Severity":"critical","Description":"WordPress Fontsy plugin through 1.8.6 is susceptible to SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-4447.yaml"}
{"ID":"CVE-2022-44877","Info":{"Name":"CentOS Web Panel 7 \u003c0.9.8.1147 - Remote Code Execution","Severity":"critical","Description":"CentOS Web Panel 7 before 0.9.8.1147 is susceptible to remote code execution via entering shell characters in the /login/index.php component. This can allow an attacker to execute arbitrary system commands via crafted HTTP requests and potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-44877.yaml"} {"ID":"CVE-2022-44877","Info":{"Name":"CentOS Web Panel 7 \u003c0.9.8.1147 - Remote Code Execution","Severity":"critical","Description":"CentOS Web Panel 7 before 0.9.8.1147 is susceptible to remote code execution via entering shell characters in the /login/index.php component. This can allow an attacker to execute arbitrary system commands via crafted HTTP requests and potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-44877.yaml"}
{"ID":"CVE-2022-44944","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages\u0026entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44944.yaml"}
{"ID":"CVE-2022-44946","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross-Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages\u0026entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44946.yaml"}
{"ID":"CVE-2022-44947","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types\u0026entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking \"Add\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44947.yaml"}
{"ID":"CVE-2022-44948","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross-Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking \"Add\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44948.yaml"}
{"ID":"CVE-2022-44949","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields\u0026entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44949.yaml"}
{"ID":"CVE-2022-44950","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields\u0026entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44950.yaml"}
{"ID":"CVE-2022-44951","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms\u0026entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44951.yaml"}
{"ID":"CVE-2022-44952","Info":{"Name":"Rukovoditel \u003c= 3.2.1 - Cross Site Scripting","Severity":"medium","Description":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking \"Add\".\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-44952.yaml"}
{"ID":"CVE-2022-45037","Info":{"Name":"WBCE CMS v1.5.4 - Cross Site Scripting (Stored)","Severity":"medium","Description":"A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-45037.yaml"} {"ID":"CVE-2022-45037","Info":{"Name":"WBCE CMS v1.5.4 - Cross Site Scripting (Stored)","Severity":"medium","Description":"A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-45037.yaml"}
{"ID":"CVE-2022-45038","Info":{"Name":"WBCE CMS v1.5.4 - Cross Site Scripting (Stored)","Severity":"medium","Description":"A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-45038.yaml"} {"ID":"CVE-2022-45038","Info":{"Name":"WBCE CMS v1.5.4 - Cross Site Scripting (Stored)","Severity":"medium","Description":"A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-45038.yaml"}
{"ID":"CVE-2022-45362","Info":{"Name":"WordPress Paytm Payment Gateway \u003c=2.7.0 - Server-Side Request Forgery","Severity":"high","Description":"WordPress Paytm Payment Gateway plugin through 2.7.0 contains a server-side request forgery vulnerability. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-45362.yaml"} {"ID":"CVE-2022-45362","Info":{"Name":"WordPress Paytm Payment Gateway \u003c=2.7.0 - Server-Side Request Forgery","Severity":"high","Description":"WordPress Paytm Payment Gateway plugin through 2.7.0 contains a server-side request forgery vulnerability. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-45362.yaml"}
@ -1763,6 +1792,8 @@
{"ID":"CVE-2022-45917","Info":{"Name":"ILIAS eLearning \u003c7.16 - Open Redirect","Severity":"medium","Description":"ILIAS eLearning before 7.16 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-45917.yaml"} {"ID":"CVE-2022-45917","Info":{"Name":"ILIAS eLearning \u003c7.16 - Open Redirect","Severity":"medium","Description":"ILIAS eLearning before 7.16 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-45917.yaml"}
{"ID":"CVE-2022-45933","Info":{"Name":"KubeView \u003c=0.1.31 - Information Disclosure","Severity":"critical","Description":"KubeView through 0.1.31 is susceptible to information disclosure. An attacker can obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication and retrieves certificate files that can be used for authentication as kube-admin. An attacker can thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-45933.yaml"} {"ID":"CVE-2022-45933","Info":{"Name":"KubeView \u003c=0.1.31 - Information Disclosure","Severity":"critical","Description":"KubeView through 0.1.31 is susceptible to information disclosure. An attacker can obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication and retrieves certificate files that can be used for authentication as kube-admin. An attacker can thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-45933.yaml"}
{"ID":"CVE-2022-46020","Info":{"Name":"WBCE CMS v1.5.4 - Remote Code Execution","Severity":"critical","Description":"WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-46020.yaml"} {"ID":"CVE-2022-46020","Info":{"Name":"WBCE CMS v1.5.4 - Remote Code Execution","Severity":"critical","Description":"WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-46020.yaml"}
{"ID":"CVE-2022-46071","Info":{"Name":"Helmet Store Showroom v1.0 - SQL Injection","Severity":"critical","Description":"There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-46071.yaml"}
{"ID":"CVE-2022-46073","Info":{"Name":"Helmet Store Showroom - Cross Site Scripting","Severity":"medium","Description":"Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS).\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-46073.yaml"}
{"ID":"CVE-2022-46169","Info":{"Name":"Cacti \u003c=1.2.22 - Remote Command Injection","Severity":"critical","Description":"Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-46169.yaml"} {"ID":"CVE-2022-46169","Info":{"Name":"Cacti \u003c=1.2.22 - Remote Command Injection","Severity":"critical","Description":"Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-46169.yaml"}
{"ID":"CVE-2022-46381","Info":{"Name":"Linear eMerge E3-Series - Cross-Site Scripting","Severity":"medium","Description":"Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-46381.yaml"} {"ID":"CVE-2022-46381","Info":{"Name":"Linear eMerge E3-Series - Cross-Site Scripting","Severity":"medium","Description":"Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-46381.yaml"}
{"ID":"CVE-2022-46888","Info":{"Name":"NexusPHP \u003c1.7.33 - Cross-Site Scripting","Severity":"medium","Description":"NexusPHP before 1.7.33 contains multiple cross-site scripting vulnerabilities via the secret parameter in /login.php; q parameter in /user-ban-log.php; query parameter in /log.php; text parameter in /moresmiles.php; q parameter in myhr.php; or id parameter in /viewrequests.php. An attacker can inject arbitrary web script or HTML, which can allow theft of cookie-based authentication credentials and launch of other attacks..\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-46888.yaml"} {"ID":"CVE-2022-46888","Info":{"Name":"NexusPHP \u003c1.7.33 - Cross-Site Scripting","Severity":"medium","Description":"NexusPHP before 1.7.33 contains multiple cross-site scripting vulnerabilities via the secret parameter in /login.php; q parameter in /user-ban-log.php; query parameter in /log.php; text parameter in /moresmiles.php; q parameter in myhr.php; or id parameter in /viewrequests.php. An attacker can inject arbitrary web script or HTML, which can allow theft of cookie-based authentication credentials and launch of other attacks..\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-46888.yaml"}
@ -1776,9 +1807,15 @@
{"ID":"CVE-2022-48165","Info":{"Name":"Wavlink - Improper Access Control","Severity":"high","Description":"Wavlink WL-WN530H4 M30H4.V5030.210121 is susceptible to improper access control in the component /cgi-bin/ExportLogs.sh. An attacker can download configuration data and log files, obtain admin credentials, and potentially execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-48165.yaml"} {"ID":"CVE-2022-48165","Info":{"Name":"Wavlink - Improper Access Control","Severity":"high","Description":"Wavlink WL-WN530H4 M30H4.V5030.210121 is susceptible to improper access control in the component /cgi-bin/ExportLogs.sh. An attacker can download configuration data and log files, obtain admin credentials, and potentially execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-48165.yaml"}
{"ID":"CVE-2022-4897","Info":{"Name":"WordPress BackupBuddy \u003c8.8.3 - Cross Site Scripting","Severity":"medium","Description":"WordPress BackupBuddy plugin before 8.8.3 contains a cross-site vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in various locations. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4897.yaml"} {"ID":"CVE-2022-4897","Info":{"Name":"WordPress BackupBuddy \u003c8.8.3 - Cross Site Scripting","Severity":"medium","Description":"WordPress BackupBuddy plugin before 8.8.3 contains a cross-site vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in various locations. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-4897.yaml"}
{"ID":"CVE-2023-0099","Info":{"Name":"Simple URLs \u003c 115 - Cross Site Scripting","Severity":"medium","Description":"The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-0099.yaml"} {"ID":"CVE-2023-0099","Info":{"Name":"Simple URLs \u003c 115 - Cross Site Scripting","Severity":"medium","Description":"The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-0099.yaml"}
{"ID":"CVE-2023-0126","Info":{"Name":"SonicWall SMA1000 LFI","Severity":"high","Description":"Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-0126.yaml"}
{"ID":"CVE-2023-0236","Info":{"Name":"WordPress Tutor LMS \u003c2.0.10 - Cross Site Scripting","Severity":"medium","Description":"WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the reset_key and user_id parameters before outputting then back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against high-privilege users such as admin.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-0236.yaml"} {"ID":"CVE-2023-0236","Info":{"Name":"WordPress Tutor LMS \u003c2.0.10 - Cross Site Scripting","Severity":"medium","Description":"WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the reset_key and user_id parameters before outputting then back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against high-privilege users such as admin.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-0236.yaml"}
{"ID":"CVE-2023-0261","Info":{"Name":"WordPress WP TripAdvisor Review Slider \u003c10.8 - Authenticated SQL Injection","Severity":"high","Description":"WordPress WP TripAdvisor Review Slider plugin before 10.8 is susceptible to authenticated SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. This can lead, in turn, to obtaining sensitive information, modifying data, and/or executing unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-0261.yaml"} {"ID":"CVE-2023-0261","Info":{"Name":"WordPress WP TripAdvisor Review Slider \u003c10.8 - Authenticated SQL Injection","Severity":"high","Description":"WordPress WP TripAdvisor Review Slider plugin before 10.8 is susceptible to authenticated SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. This can lead, in turn, to obtaining sensitive information, modifying data, and/or executing unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-0261.yaml"}
{"ID":"CVE-2023-0297","Info":{"Name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","Severity":"critical","Description":"Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-0297.yaml"}
{"ID":"CVE-2023-0514","Info":{"Name":"Membership Database \u003c= 1.0 - Cross-Site Scripting","Severity":"medium","Description":"Membership Database before 1.0 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-0514.yaml"}
{"ID":"CVE-2023-0527","Info":{"Name":"Online Security Guards Hiring System - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input \"\u003e\u003cscript\u003ealert(document.domain)\u003c/script\u003e leads to cross site scripting. The attack may be launched remotely.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-0527.yaml"}
{"ID":"CVE-2023-0552","Info":{"Name":"WordPress Pie Register \u003c3.8.2.3 - Open Redirect","Severity":"medium","Description":"WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-0552.yaml"} {"ID":"CVE-2023-0552","Info":{"Name":"WordPress Pie Register \u003c3.8.2.3 - Open Redirect","Severity":"medium","Description":"WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-0552.yaml"}
{"ID":"CVE-2023-0562","Info":{"Name":"Bank Locker Management System v1.0 - SQL Injection","Severity":"critical","Description":"A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-0562.yaml"}
{"ID":"CVE-2023-0563","Info":{"Name":"Bank Locker Management System - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"http/cves/2023/CVE-2023-0563.yaml"}
{"ID":"CVE-2023-0630","Info":{"Name":"Slimstat Analytics \u003c 4.9.3.3 Subscriber - SQL Injection","Severity":"high","Description":"The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-0630.yaml"} {"ID":"CVE-2023-0630","Info":{"Name":"Slimstat Analytics \u003c 4.9.3.3 Subscriber - SQL Injection","Severity":"high","Description":"The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-0630.yaml"}
{"ID":"CVE-2023-0669","Info":{"Name":"Fortra GoAnywhere MFT - Remote Code Execution","Severity":"high","Description":"Fortra GoAnywhere MFT is susceptible to remote code execution via unsafe deserialization of an arbitrary attacker-controlled object. This stems from a pre-authentication command injection vulnerability in the License Response Servlet.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2023/CVE-2023-0669.yaml"} {"ID":"CVE-2023-0669","Info":{"Name":"Fortra GoAnywhere MFT - Remote Code Execution","Severity":"high","Description":"Fortra GoAnywhere MFT is susceptible to remote code execution via unsafe deserialization of an arbitrary attacker-controlled object. This stems from a pre-authentication command injection vulnerability in the License Response Servlet.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2023/CVE-2023-0669.yaml"}
{"ID":"CVE-2023-0942","Info":{"Name":"WordPress Japanized for WooCommerce \u003c2.5.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Japanized for WooCommerce plugin before 2.5.5 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-0942.yaml"} {"ID":"CVE-2023-0942","Info":{"Name":"WordPress Japanized for WooCommerce \u003c2.5.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Japanized for WooCommerce plugin before 2.5.5 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-0942.yaml"}
@ -1789,12 +1826,22 @@
{"ID":"CVE-2023-1177","Info":{"Name":"Mlflow \u003c2.2.1 - Local File Inclusion","Severity":"critical","Description":"Mlflow before 2.2.1 is susceptible to local file inclusion due to path traversal \\..\\filename in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-1177.yaml"} {"ID":"CVE-2023-1177","Info":{"Name":"Mlflow \u003c2.2.1 - Local File Inclusion","Severity":"critical","Description":"Mlflow before 2.2.1 is susceptible to local file inclusion due to path traversal \\..\\filename in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-1177.yaml"}
{"ID":"CVE-2023-1362","Info":{"Name":"unilogies/bumsys \u003c v2.0.2 - Clickjacking","Severity":"medium","Description":"This template checks for the presence of clickjacking prevention headers in the HTTP response, aiming to identify vulnerabilities related to the improper restriction of rendered UI layers or frames in the GitHub repository unilogies/bumsys prior to version 2.0.2.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1362.yaml"} {"ID":"CVE-2023-1362","Info":{"Name":"unilogies/bumsys \u003c v2.0.2 - Clickjacking","Severity":"medium","Description":"This template checks for the presence of clickjacking prevention headers in the HTTP response, aiming to identify vulnerabilities related to the improper restriction of rendered UI layers or frames in the GitHub repository unilogies/bumsys prior to version 2.0.2.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1362.yaml"}
{"ID":"CVE-2023-1434","Info":{"Name":"Odoo - Cross-Site Scripting","Severity":"medium","Description":"Odoo is a business suite that has features for many business-critical areas, such as e-commerce, billing, or CRM. Versions before the 16.0 release are vulnerable to CVE-2023-1434 and is caused by an incorrect content type being set on an API endpoint.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-1434.yaml"} {"ID":"CVE-2023-1434","Info":{"Name":"Odoo - Cross-Site Scripting","Severity":"medium","Description":"Odoo is a business suite that has features for many business-critical areas, such as e-commerce, billing, or CRM. Versions before the 16.0 release are vulnerable to CVE-2023-1434 and is caused by an incorrect content type being set on an API endpoint.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-1434.yaml"}
{"ID":"CVE-2023-1454","Info":{"Name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","Severity":"critical","Description":"A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-1454.yaml"}
{"ID":"CVE-2023-1496","Info":{"Name":"Imgproxy \u003c 3.14.0 - Cross-site Scripting (XSS)","Severity":"medium","Description":"Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-1496.yaml"}
{"ID":"CVE-2023-1671","Info":{"Name":"Sophos Web Appliance - Remote Code Execution","Severity":"critical","Description":"A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-1671.yaml"} {"ID":"CVE-2023-1671","Info":{"Name":"Sophos Web Appliance - Remote Code Execution","Severity":"critical","Description":"A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-1671.yaml"}
{"ID":"CVE-2023-1730","Info":{"Name":"SupportCandy \u003c 3.1.5 - Unauthenticated SQL Injection","Severity":"critical","Description":"The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-1730.yaml"}
{"ID":"CVE-2023-1835","Info":{"Name":"Ninja Forms \u003c 3.6.22 - Cross-Site Scripting","Severity":"medium","Description":"Ninja Forms before 3.6.22 is susceptible to cross-site scripting via the page parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1835.yaml"}
{"ID":"CVE-2023-1890","Info":{"Name":"Tablesome \u003c 1.0.9 - Cross-Site Scripting","Severity":"medium","Description":"Tablesome before 1.0.9 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1890.yaml"}
{"ID":"CVE-2023-2023","Info":{"Name":"Custom 404 Pro \u003c 3.7.3 - Cross-Site Scripting","Severity":"medium","Description":"Custom 404 Pro before 3.7.3 is susceptible to cross-site scripting via the search parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2023.yaml"}
{"ID":"CVE-2023-20864","Info":{"Name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","Severity":"critical","Description":"VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-20864.yaml"} {"ID":"CVE-2023-20864","Info":{"Name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","Severity":"critical","Description":"VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-20864.yaml"}
{"ID":"CVE-2023-20887","Info":{"Name":"VMware VRealize Network Insight - Remote Code Execution","Severity":"critical","Description":"VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of 'root' on the appliance. VMWare 6.x version are\n vulnerable.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20887.yaml"} {"ID":"CVE-2023-20887","Info":{"Name":"VMware VRealize Network Insight - Remote Code Execution","Severity":"critical","Description":"VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of 'root' on the appliance. VMWare 6.x version are\n vulnerable.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20887.yaml"}
{"ID":"CVE-2023-20888","Info":{"Name":"VMware Aria Operations for Networks - Remote Code Execution","Severity":"high","Description":"Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-20888.yaml"}
{"ID":"CVE-2023-20889","Info":{"Name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","Severity":"high","Description":"Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-20889.yaml"}
{"ID":"CVE-2023-2122","Info":{"Name":"Image Optimizer by 10web \u003c 1.0.26 - Cross-Site Scripting","Severity":"medium","Description":"Image Optimizer by 10web before 1.0.26 is susceptible to cross-site scripting via the iowd_tabs_active parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2122.yaml"} {"ID":"CVE-2023-2122","Info":{"Name":"Image Optimizer by 10web \u003c 1.0.26 - Cross-Site Scripting","Severity":"medium","Description":"Image Optimizer by 10web before 1.0.26 is susceptible to cross-site scripting via the iowd_tabs_active parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2122.yaml"}
{"ID":"CVE-2023-2130","Info":{"Name":"Purchase Order Management v1.0 - SQL Injection","Severity":"critical","Description":"A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/view_details.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226206 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-2130.yaml"} {"ID":"CVE-2023-2130","Info":{"Name":"Purchase Order Management v1.0 - SQL Injection","Severity":"critical","Description":"A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/view_details.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226206 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-2130.yaml"}
{"ID":"CVE-2023-2252","Info":{"Name":"Directorist \u003c 7.5.4 - Local File Inclusion","Severity":"medium","Description":"Directorist before 7.5.4 is susceptible to Local File Inclusion as it does not validate the file parameter when importing CSV files.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-2252.yaml"}
{"ID":"CVE-2023-22620","Info":{"Name":"SecurePoint UTM 12.x Session ID Leak","Severity":"medium","Description":"An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-22620.yaml"} {"ID":"CVE-2023-22620","Info":{"Name":"SecurePoint UTM 12.x Session ID Leak","Severity":"medium","Description":"An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-22620.yaml"}
{"ID":"CVE-2023-2272","Info":{"Name":"Tiempo.com \u003c= 0.1.2 - Cross-Site Scripting","Severity":"medium","Description":"Tiempo.com before 0.1.2 is susceptible to cross-site scripting via the page parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2272.yaml"}
{"ID":"CVE-2023-22897","Info":{"Name":"Securepoint UTM - Leaking Remote Memory Contents","Severity":"medium","Description":"An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-22897.yaml"} {"ID":"CVE-2023-22897","Info":{"Name":"Securepoint UTM - Leaking Remote Memory Contents","Severity":"medium","Description":"An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-22897.yaml"}
{"ID":"CVE-2023-23333","Info":{"Name":"SolarView Compact 6.00 - OS Command Injection","Severity":"critical","Description":"SolarView Compact 6.00 was discovered to contain a command injection vulnerability, attackers can execute commands by bypassing internal restrictions through downloader.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-23333.yaml"} {"ID":"CVE-2023-23333","Info":{"Name":"SolarView Compact 6.00 - OS Command Injection","Severity":"critical","Description":"SolarView Compact 6.00 was discovered to contain a command injection vulnerability, attackers can execute commands by bypassing internal restrictions through downloader.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-23333.yaml"}
{"ID":"CVE-2023-23488","Info":{"Name":"WordPress Paid Memberships Pro \u003c2.9.8 - Blind SQL Injection","Severity":"critical","Description":"WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection vulnerability in the 'code' parameter of the /pmpro/v1/order REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-23488.yaml"} {"ID":"CVE-2023-23488","Info":{"Name":"WordPress Paid Memberships Pro \u003c2.9.8 - Blind SQL Injection","Severity":"critical","Description":"WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection vulnerability in the 'code' parameter of the /pmpro/v1/order REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-23488.yaml"}
@ -1807,26 +1854,33 @@
{"ID":"CVE-2023-24278","Info":{"Name":"Squidex \u003c7.4.0 - Cross-Site Scripting","Severity":"medium","Description":"Squidex before 7.4.0 contains a cross-site scripting vulnerability via the squid.svg endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24278.yaml"} {"ID":"CVE-2023-24278","Info":{"Name":"Squidex \u003c7.4.0 - Cross-Site Scripting","Severity":"medium","Description":"Squidex before 7.4.0 contains a cross-site scripting vulnerability via the squid.svg endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24278.yaml"}
{"ID":"CVE-2023-24322","Info":{"Name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","Severity":"medium","Description":"mojoPortal 2.7.0.0 contains a cross-site scripting vulnerability in the FileDialog.aspx component, which can allow an attacker to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24322.yaml"} {"ID":"CVE-2023-24322","Info":{"Name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","Severity":"medium","Description":"mojoPortal 2.7.0.0 contains a cross-site scripting vulnerability in the FileDialog.aspx component, which can allow an attacker to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24322.yaml"}
{"ID":"CVE-2023-24367","Info":{"Name":"Temenos T24 R20 - Cross-Site Scripting","Severity":"medium","Description":"Temenos T24 release 20 contains a reflected cross-site scripting vulnerability via the routineName parameter at genrequest.jsp. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24367.yaml"} {"ID":"CVE-2023-24367","Info":{"Name":"Temenos T24 R20 - Cross-Site Scripting","Severity":"medium","Description":"Temenos T24 release 20 contains a reflected cross-site scripting vulnerability via the routineName parameter at genrequest.jsp. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24367.yaml"}
{"ID":"CVE-2023-24488","Info":{"Name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","Severity":"medium","Description":"Citrix ADC and Citrix Gateway versions before 13.1 and 13.1-45.61, 13.0 and 13.0-90.11, 12.1 and 12.1-65.35 contain a cross-site scripting vulnerability due to improper input validation.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24488.yaml"}
{"ID":"CVE-2023-24657","Info":{"Name":"phpIPAM - 1.6 - Cross-Site Scripting","Severity":"medium","Description":"phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24657.yaml"} {"ID":"CVE-2023-24657","Info":{"Name":"phpIPAM - 1.6 - Cross-Site Scripting","Severity":"medium","Description":"phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24657.yaml"}
{"ID":"CVE-2023-24733","Info":{"Name":"PMB 7.4.6 - Cross-Site Scripting","Severity":"medium","Description":"PMB 7.4.6 contains a cross-site scripting vulnerability via the query parameter at /admin/convert/export_z3950_new.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24733.yaml"} {"ID":"CVE-2023-24733","Info":{"Name":"PMB 7.4.6 - Cross-Site Scripting","Severity":"medium","Description":"PMB 7.4.6 contains a cross-site scripting vulnerability via the query parameter at /admin/convert/export_z3950_new.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24733.yaml"}
{"ID":"CVE-2023-24735","Info":{"Name":"PMB 7.4.6 - Open Redirect","Severity":"medium","Description":"PMB v7.4.6 contains an open redirect vulnerability via the component /opac_css/pmb.php. An attacker can redirect a user to an external domain via a crafted URL and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24735.yaml"} {"ID":"CVE-2023-24735","Info":{"Name":"PMB 7.4.6 - Open Redirect","Severity":"medium","Description":"PMB v7.4.6 contains an open redirect vulnerability via the component /opac_css/pmb.php. An attacker can redirect a user to an external domain via a crafted URL and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-24735.yaml"}
{"ID":"CVE-2023-24737","Info":{"Name":"PMB v7.4.6 - Cross-Site Scripting","Severity":"medium","Description":"PMB v7.4.6 allows an attacker to perform a reflected XSS on export_z3950.php via the 'query' parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-24737.yaml"} {"ID":"CVE-2023-24737","Info":{"Name":"PMB v7.4.6 - Cross-Site Scripting","Severity":"medium","Description":"PMB v7.4.6 allows an attacker to perform a reflected XSS on export_z3950.php via the 'query' parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-24737.yaml"}
{"ID":"CVE-2023-25135","Info":{"Name":"vBulletin \u003c= 5.6.9 - Pre-authentication Remote Code Execution","Severity":"critical","Description":"vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-25135.yaml"} {"ID":"CVE-2023-25135","Info":{"Name":"vBulletin \u003c= 5.6.9 - Pre-authentication Remote Code Execution","Severity":"critical","Description":"vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-25135.yaml"}
{"ID":"CVE-2023-25157","Info":{"Name":"GeoServer OGC Filter - SQL Injection","Severity":"critical","Description":"GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-25157.yaml"} {"ID":"CVE-2023-25157","Info":{"Name":"GeoServer OGC Filter - SQL Injection","Severity":"critical","Description":"GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-25157.yaml"}
{"ID":"CVE-2023-25346","Info":{"Name":"ChurchCRM 4.5.3 - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-25346.yaml"}
{"ID":"CVE-2023-25717","Info":{"Name":"Ruckus Wireless Admin - Remote Code Execution","Severity":"critical","Description":"Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-25717.yaml"} {"ID":"CVE-2023-25717","Info":{"Name":"Ruckus Wireless Admin - Remote Code Execution","Severity":"critical","Description":"Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-25717.yaml"}
{"ID":"CVE-2023-26255","Info":{"Name":"STAGIL Navigation for Jira Menu \u0026 Themes \u003c2.0.52 - Local File Inclusion","Severity":"high","Description":"STAGIL Navigation for Jira Menu \u0026 Themes plugin before 2.0.52 is susceptible to local file inclusion via modifying the fileName parameter to the snjCustomDesignConfig endpoint. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can potentially allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-26255.yaml"} {"ID":"CVE-2023-26255","Info":{"Name":"STAGIL Navigation for Jira Menu \u0026 Themes \u003c2.0.52 - Local File Inclusion","Severity":"high","Description":"STAGIL Navigation for Jira Menu \u0026 Themes plugin before 2.0.52 is susceptible to local file inclusion via modifying the fileName parameter to the snjCustomDesignConfig endpoint. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can potentially allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-26255.yaml"}
{"ID":"CVE-2023-26256","Info":{"Name":"STAGIL Navigation for Jira Menu \u0026 Themes \u003c2.0.52 - Local File Inclusion","Severity":"high","Description":"STAGIL Navigation for Jira Menu \u0026 Themes plugin before 2.0.52 is susceptible to local file inclusion via modifying the fileName parameter to the snjFooterNavigationConfig endpoint. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can potentially allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-26256.yaml"} {"ID":"CVE-2023-26256","Info":{"Name":"STAGIL Navigation for Jira Menu \u0026 Themes \u003c2.0.52 - Local File Inclusion","Severity":"high","Description":"STAGIL Navigation for Jira Menu \u0026 Themes plugin before 2.0.52 is susceptible to local file inclusion via modifying the fileName parameter to the snjFooterNavigationConfig endpoint. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can potentially allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-26256.yaml"}
{"ID":"CVE-2023-26360","Info":{"Name":"Unauthenticated File Read Adobe ColdFusion","Severity":"critical","Description":"Unauthenticated Arbitrary File Read vulnerability due to deserialization of untrusted data in Adobe ColdFusion. The vulnerability affects ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-26360.yaml"} {"ID":"CVE-2023-26360","Info":{"Name":"Unauthenticated File Read Adobe ColdFusion","Severity":"critical","Description":"Unauthenticated Arbitrary File Read vulnerability due to deserialization of untrusted data in Adobe ColdFusion. The vulnerability affects ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-26360.yaml"}
{"ID":"CVE-2023-26842","Info":{"Name":"ChurchCRM 4.5.3 - Cross-Site Scripting","Severity":"medium","Description":"A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the OptionManager.php.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-26842.yaml"}
{"ID":"CVE-2023-26843","Info":{"Name":"ChurchCRM 4.5.3 - Cross-Site Scripting","Severity":"medium","Description":"A stored Cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-26843.yaml"}
{"ID":"CVE-2023-27008","Info":{"Name":"ATutor \u003c 2.2.1 - Cross Site Scripting","Severity":"medium","Description":"ATutor \u003c 2.2.1 was discovered with a vulnerability, a reflected cross-site scripting (XSS), in ATtutor 2.2.1 via token body parameter.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-27008.yaml"} {"ID":"CVE-2023-27008","Info":{"Name":"ATutor \u003c 2.2.1 - Cross Site Scripting","Severity":"medium","Description":"ATutor \u003c 2.2.1 was discovered with a vulnerability, a reflected cross-site scripting (XSS), in ATtutor 2.2.1 via token body parameter.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-27008.yaml"}
{"ID":"CVE-2023-27159","Info":{"Name":"Appwrite \u003c=1.2.1 - Server-Side Request Forgery","Severity":"medium","Description":"Appwrite through 1.2.1 is susceptible to server-side request forgery via the component /v1/avatars/favicon. An attacker can potentially access network resources and sensitive information via a crafted GET request, thereby also making it possible to modify data and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-27159.yaml"} {"ID":"CVE-2023-27159","Info":{"Name":"Appwrite \u003c=1.2.1 - Server-Side Request Forgery","Severity":"medium","Description":"Appwrite through 1.2.1 is susceptible to server-side request forgery via the component /v1/avatars/favicon. An attacker can potentially access network resources and sensitive information via a crafted GET request, thereby also making it possible to modify data and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-27159.yaml"}
{"ID":"CVE-2023-27179","Info":{"Name":"GDidees CMS v3.9.1 - Arbitrary File Download","Severity":"critical","Description":"GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-27179.yaml"} {"ID":"CVE-2023-27179","Info":{"Name":"GDidees CMS v3.9.1 - Arbitrary File Download","Severity":"critical","Description":"GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-27179.yaml"}
{"ID":"CVE-2023-27292","Info":{"Name":"OpenCATS - Open Redirect","Severity":"medium","Description":"OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-27292.yaml"} {"ID":"CVE-2023-27292","Info":{"Name":"OpenCATS - Open Redirect","Severity":"medium","Description":"OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-27292.yaml"}
{"ID":"CVE-2023-2732","Info":{"Name":"MStore API \u003c= 3.9.2 - Authentication Bypass","Severity":"critical","Description":"The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-2732.yaml"} {"ID":"CVE-2023-2732","Info":{"Name":"MStore API \u003c= 3.9.2 - Authentication Bypass","Severity":"critical","Description":"The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-2732.yaml"}
{"ID":"CVE-2023-27350","Info":{"Name":"PaperCut - Unauthenticated Remote Code Execution","Severity":"critical","Description":"This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-27350.yaml"} {"ID":"CVE-2023-27350","Info":{"Name":"PaperCut - Unauthenticated Remote Code Execution","Severity":"critical","Description":"This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-27350.yaml"}
{"ID":"CVE-2023-27372","Info":{"Name":"SPIP - Remote Command Execution","Severity":"critical","Description":"SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-27372.yaml"}
{"ID":"CVE-2023-27482","Info":{"Name":"Home Assistant Supervisor - Authentication Bypass","Severity":"critical","Description":"Home Assistant Supervisor is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered.This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or older. Installation types, like Home Assistant Container (for example Docker), or Home Assistant Core manually in a Python environment, are not affected.\n","Classification":{"CVSSScore":"10.0"}},"file_path":"http/cves/2023/CVE-2023-27482.yaml"} {"ID":"CVE-2023-27482","Info":{"Name":"Home Assistant Supervisor - Authentication Bypass","Severity":"critical","Description":"Home Assistant Supervisor is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered.This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or older. Installation types, like Home Assistant Container (for example Docker), or Home Assistant Core manually in a Python environment, are not affected.\n","Classification":{"CVSSScore":"10.0"}},"file_path":"http/cves/2023/CVE-2023-27482.yaml"}
{"ID":"CVE-2023-27524","Info":{"Name":"Apache Superset - Authentication Bypass","Severity":"high","Description":"Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.","Classification":{"CVSSScore":"8.9"}},"file_path":"http/cves/2023/CVE-2023-27524.yaml"} {"ID":"CVE-2023-27524","Info":{"Name":"Apache Superset - Authentication Bypass","Severity":"high","Description":"Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.","Classification":{"CVSSScore":"8.9"}},"file_path":"http/cves/2023/CVE-2023-27524.yaml"}
{"ID":"CVE-2023-27587","Info":{"Name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","Severity":"medium","Description":"ReadToMyShoe generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, it will include the full URL of the request, which contains the Google Cloud API key.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2023/CVE-2023-27587.yaml"} {"ID":"CVE-2023-27587","Info":{"Name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","Severity":"medium","Description":"ReadToMyShoe generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, it will include the full URL of the request, which contains the Google Cloud API key.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2023/CVE-2023-27587.yaml"}
{"ID":"CVE-2023-2780","Info":{"Name":"Mlflow \u003c2.3.1 - Local File Inclusion Bypass","Severity":"critical","Description":"Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-2780.yaml"} {"ID":"CVE-2023-2780","Info":{"Name":"Mlflow \u003c2.3.1 - Local File Inclusion Bypass","Severity":"critical","Description":"Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-2780.yaml"}
{"ID":"CVE-2023-28121","Info":{"Name":"WooCommerce Payments - Unauthorized Admin Access","Severity":"critical","Description":"An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-28121.yaml"}
{"ID":"CVE-2023-2822","Info":{"Name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2822.yaml"}
{"ID":"CVE-2023-2825","Info":{"Name":"GitLab 16.0.0 - Path Traversal","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-2825.yaml"} {"ID":"CVE-2023-2825","Info":{"Name":"GitLab 16.0.0 - Path Traversal","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-2825.yaml"}
{"ID":"CVE-2023-28343","Info":{"Name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","Severity":"critical","Description":"Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/set_timezone parameter, because of set_timezone in models/management_model.php. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-28343.yaml"} {"ID":"CVE-2023-28343","Info":{"Name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","Severity":"critical","Description":"Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/set_timezone parameter, because of set_timezone in models/management_model.php. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-28343.yaml"}
{"ID":"CVE-2023-28432","Info":{"Name":"MinIO Cluster Deployment - Information Disclosure","Severity":"high","Description":"MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIO_SECRET_KEY and MINIO_ROOT_PASSWORD. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations without entering necessary credentials. All users of distributed deployment are impacted.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-28432.yaml"} {"ID":"CVE-2023-28432","Info":{"Name":"MinIO Cluster Deployment - Information Disclosure","Severity":"high","Description":"MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIO_SECRET_KEY and MINIO_ROOT_PASSWORD. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations without entering necessary credentials. All users of distributed deployment are impacted.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-28432.yaml"}
@ -1834,14 +1888,34 @@
{"ID":"CVE-2023-29489","Info":{"Name":"cPanel - Cross-Site Scripting","Severity":"medium","Description":"An issue was discovered in cPanel before 11.109.9999.116. Cross Site Scripting can occur on the cpsrvd error page via an invalid webcall ID.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-29489.yaml"} {"ID":"CVE-2023-29489","Info":{"Name":"cPanel - Cross-Site Scripting","Severity":"medium","Description":"An issue was discovered in cPanel before 11.109.9999.116. Cross Site Scripting can occur on the cpsrvd error page via an invalid webcall ID.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-29489.yaml"}
{"ID":"CVE-2023-29622","Info":{"Name":"Purchase Order Management v1.0 - SQL Injection","Severity":"critical","Description":"Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-29622.yaml"} {"ID":"CVE-2023-29622","Info":{"Name":"Purchase Order Management v1.0 - SQL Injection","Severity":"critical","Description":"Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-29622.yaml"}
{"ID":"CVE-2023-29623","Info":{"Name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","Severity":"medium","Description":"Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-29623.yaml"} {"ID":"CVE-2023-29623","Info":{"Name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","Severity":"medium","Description":"Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-29623.yaml"}
{"ID":"CVE-2023-2982","Info":{"Name":"Miniorange Social Login and Register \u003c= 7.6.3 - Authentication Bypass","Severity":"critical","Description":"The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-2982.yaml"}
{"ID":"CVE-2023-29887","Info":{"Name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","Severity":"high","Description":"A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote attackers to include arbitrary files via the File parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-29887.yaml"} {"ID":"CVE-2023-29887","Info":{"Name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","Severity":"high","Description":"A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote attackers to include arbitrary files via the File parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-29887.yaml"}
{"ID":"CVE-2023-29919","Info":{"Name":"SolarView Compact \u003c= 6.00 - Local File Inclusion","Severity":"high","Description":"There is an arbitrary read file vulnerability in SolarView Compact 6.00 and below, attackers can bypass authentication to read files through texteditor.php\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-29919.yaml"} {"ID":"CVE-2023-29919","Info":{"Name":"SolarView Compact \u003c= 6.00 - Local File Inclusion","Severity":"high","Description":"There is an arbitrary read file vulnerability in SolarView Compact 6.00 and below, attackers can bypass authentication to read files through texteditor.php\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-29919.yaml"}
{"ID":"CVE-2023-29922","Info":{"Name":"PowerJob V4.3.1 - Authentication Bypass","Severity":"high","Description":"PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.\n","Classification":{"CVSSScore":"8.9"}},"file_path":"http/cves/2023/CVE-2023-29922.yaml"} {"ID":"CVE-2023-29922","Info":{"Name":"PowerJob V4.3.1 - Authentication Bypass","Severity":"high","Description":"PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.\n","Classification":{"CVSSScore":"8.9"}},"file_path":"http/cves/2023/CVE-2023-29922.yaml"}
{"ID":"CVE-2023-29923","Info":{"Name":"PowerJob \u003c=4.3.2 - Unauthenticated Access","Severity":"medium","Description":"PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-29923.yaml"} {"ID":"CVE-2023-29923","Info":{"Name":"PowerJob \u003c=4.3.2 - Unauthenticated Access","Severity":"medium","Description":"PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-29923.yaml"}
{"ID":"CVE-2023-30019","Info":{"Name":"Imgproxy \u003c= 3.14.0 - Server-side request forgery (SSRF)","Severity":"medium","Description":"imgproxy \u003c=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-30019.yaml"}
{"ID":"CVE-2023-30210","Info":{"Name":"OURPHP \u003c= 7.2.0 - Cross Site Scripting","Severity":"medium","Description":"OURPHP \u003c= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via /client/manage/ourphp_tz.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-30210.yaml"} {"ID":"CVE-2023-30210","Info":{"Name":"OURPHP \u003c= 7.2.0 - Cross Site Scripting","Severity":"medium","Description":"OURPHP \u003c= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via /client/manage/ourphp_tz.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-30210.yaml"}
{"ID":"CVE-2023-30212","Info":{"Name":"OURPHP \u003c= 7.2.0 - Cross Site Scripting","Severity":"medium","Description":"OURPHP \u003c= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-30212.yaml"} {"ID":"CVE-2023-30212","Info":{"Name":"OURPHP \u003c= 7.2.0 - Cross Site Scripting","Severity":"medium","Description":"OURPHP \u003c= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-30212.yaml"}
{"ID":"CVE-2023-30256","Info":{"Name":"Webkul QloApps 1.5.2 - Cross-site Scripting","Severity":"medium","Description":"Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-30256.yaml"}
{"ID":"CVE-2023-30777","Info":{"Name":"Advanced Custom Fields \u003c 6.1.6 - Cross-Site Scripting","Severity":"medium","Description":"Advanced Custom Fields beofre 6.1.6 is susceptible to cross-site scripting via the post_status parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-30777.yaml"}
{"ID":"CVE-2023-31059","Info":{"Name":"Repetier Server - Directory Traversal","Severity":"high","Description":"Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-31059.yaml"} {"ID":"CVE-2023-31059","Info":{"Name":"Repetier Server - Directory Traversal","Severity":"high","Description":"Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-31059.yaml"}
{"ID":"CVE-2023-31548","Info":{"Name":"ChurchCRM v4.5.3 - Cross-Site Scripting","Severity":"medium","Description":"A stored Cross-site scripting (XSS) vulnerability in the FundRaiserEditor.php component of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-31548.yaml"}
{"ID":"CVE-2023-32235","Info":{"Name":"Ghost CMS \u003c 5.42.1 - Path Traversal","Severity":"medium","Description":"Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-32235.yaml"} {"ID":"CVE-2023-32235","Info":{"Name":"Ghost CMS \u003c 5.42.1 - Path Traversal","Severity":"medium","Description":"Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-32235.yaml"}
{"ID":"CVE-2023-32243","Info":{"Name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","Severity":"critical","Description":"Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-32243.yaml"} {"ID":"CVE-2023-32243","Info":{"Name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","Severity":"critical","Description":"Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-32243.yaml"}
{"ID":"CVE-2023-32315","Info":{"Name":"Openfire Administration Console - Authentication Bypass","Severity":"high","Description":"Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2023/CVE-2023-32315.yaml"} {"ID":"CVE-2023-32315","Info":{"Name":"Openfire Administration Console - Authentication Bypass","Severity":"high","Description":"Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2023/CVE-2023-32315.yaml"}
{"ID":"CVE-2023-33439","Info":{"Name":"Faculty Evaluation System v1.0 - SQL Injection","Severity":"high","Description":"Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2023/CVE-2023-33439.yaml"}
{"ID":"CVE-2023-33510","Info":{"Name":"Jeecg P3 Biz Chat - Local File Inclusion","Severity":"high","Description":"Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-33510.yaml"}
{"ID":"CVE-2023-33568","Info":{"Name":"Dolibarr Unauthenticated Contacts Database Theft","Severity":"high","Description":"An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-33568.yaml"}
{"ID":"CVE-2023-34362","Info":{"Name":"MOVEit Transfer - Remote Code Execution","Severity":"critical","Description":"In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34362.yaml"}
{"ID":"CVE-2023-34537","Info":{"Name":"Hoteldruid 3.0.5 - Cross-Site Scripting","Severity":"medium","Description":"A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-34537.yaml"}
{"ID":"CVE-2023-34598","Info":{"Name":"Gibbon v25.0.0 - Local File Inclusion","Severity":"high","Description":"Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) vulnerability where it's possible to include the content of several files present in the installation folder in the server's response.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34598.yaml"}
{"ID":"CVE-2023-34599","Info":{"Name":"Gibbon v25.0.0 - Cross-Site Scripting","Severity":"medium","Description":"Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34599.yaml"}
{"ID":"CVE-2023-34659","Info":{"Name":"JeecgBoot 3.5.0 - SQL Injection","Severity":"critical","Description":"jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-34659.yaml"}
{"ID":"CVE-2023-34843","Info":{"Name":"Traggo Server - Local File Inclusion","Severity":"high","Description":"traggo/server version 0.3.0 is vulnerable to directory traversal.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34843.yaml"}
{"ID":"CVE-2023-34960","Info":{"Name":"Chamilo Command Injection","Severity":"high","Description":"","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34960.yaml"} {"ID":"CVE-2023-34960","Info":{"Name":"Chamilo Command Injection","Severity":"high","Description":"","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34960.yaml"}
{"ID":"CVE-2023-35843","Info":{"Name":"NocoDB version \u003c= 0.106.1 - Arbitrary File Read","Severity":"high","Description":"NocoDB through 0.106.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-35843.yaml"}
{"ID":"CVE-2023-35844","Info":{"Name":"Lightdash version \u003c= 0.510.3 Arbitrary File Read","Severity":"high","Description":"packages/backend/src/routers in Lightdash before 0.510.3\nhas insecure file endpoints, e.g., they allow .. directory\ntraversal and do not ensure that an intended file extension\n(.csv or .png) is used.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-35844.yaml"}
{"ID":"CVE-2023-36287","Info":{"Name":"Webkul QloApps 1.6.0 - Cross-site Scripting","Severity":"medium","Description":"An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST controller parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-36287.yaml"}
{"ID":"CVE-2023-36289","Info":{"Name":"Webkul QloApps 1.6.0 - Cross-site Scripting","Severity":"medium","Description":"An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST email_create and back parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-36289.yaml"}
{"ID":"CVE-2023-36346","Info":{"Name":"POS Codekop v2.0 - Cross-site Scripting","Severity":"medium","Description":"POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-36346.yaml"}
{"ID":"CVE-2023-36934","Info":{"Name":"MOVEit Transfer - SQL Injection","Severity":"critical","Description":"In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-36934.yaml"}


@ -1 +1,2 @@
6a8d52a6e0f4ae54ace3ababe34a2385 62da879e5a5e489841b61d1e2b15bc19


@ -54,5 +54,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tCNAME\t(.+)" - "IN\tCNAME\t(.+)"
# Enhanced by mp on 2022/03/13


@ -35,5 +35,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tCNAME\t(.+)" - "IN\tCNAME\t(.+)"
# Enhanced by mp on 2022/03/13


@ -26,5 +26,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tTXT\t(.+)" - "IN\tTXT\t(.+)"
# Enhanced by md on 2023/04/20


@ -169,5 +169,3 @@ dns:
name: edns name: edns
words: words:
- ".iidns.com" - ".iidns.com"
# Enhanced by mp on 2022/03/13


@ -22,5 +22,3 @@ dns:
- type: regex - type: regex
regex: regex:
- "IN\tDS\t(.+)" - "IN\tDS\t(.+)"
# Enhanced by mp on 2022/03/14


@ -22,5 +22,3 @@ dns:
regex: regex:
- "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com" - "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com"
- "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com" - "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
# Enhanced by mp on 2022/03/14


@ -47,5 +47,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tCNAME\t(.+)" - "IN\tCNAME\t(.+)"
# Enhanced by mp on 2022/03/14


@ -28,5 +28,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tMX\t(.+)" - "IN\tMX\t(.+)"
# Enhanced by mp on 2022/03/14


@ -81,5 +81,3 @@ dns:
words: words:
- "mx1-us1.ppe-hosted.com" - "mx1-us1.ppe-hosted.com"
- "mx2-us1.ppe-hosted.com" - "mx2-us1.ppe-hosted.com"
# Enhanced by mp on 2022/03/14


@ -25,5 +25,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tNS\t(.+)" - "IN\tNS\t(.+)"
# Enhanced by mp on 2022/03/14


@ -25,5 +25,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tPTR\t(.+)" - "IN\tPTR\t(.+)"
# Enhanced by mp on 2022/03/14


@ -21,5 +21,3 @@ dns:
words: words:
- "SERVFAIL" - "SERVFAIL"
- "REFUSED" - "REFUSED"
# Enhanced by mp on 2022/03/14


@ -23,5 +23,3 @@ dns:
- "v=spf1" - "v=spf1"
- " ptr " - " ptr "
condition: and condition: and
# Enhanced by mp on 2022/03/14


@ -27,5 +27,3 @@ dns:
group: 1 group: 1
regex: regex:
- "IN\tTXT\t(.+)" - "IN\tTXT\t(.+)"
# Enhanced by mp on 2022/03/14


@ -21,5 +21,3 @@ dns:
- type: word - type: word
words: words:
- "69.164.223.206" - "69.164.223.206"
# Enhanced by mp on 2022/03/14


@ -19,5 +19,3 @@ file:
- type: word - type: word
words: words:
- "android:allowBackup=\"true\"" - "android:allowBackup=\"true\""
# Enhanced by mp on 2022/02/09


@ -1,9 +1,14 @@
id: biometric-detect id: biometric-detect
info: info:
name: Biometric or Fingerprint detect name: Android Biometric/Fingerprint - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Android Biometric/Fingerprint permission files were detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -15,3 +20,5 @@ file:
words: words:
- "android.permission.USE_FINGERPRINT" - "android.permission.USE_FINGERPRINT"
- "android.permission.USE_BIOMETRIC" - "android.permission.USE_BIOMETRIC"
# Enhanced by md on 2023/05/02
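Review bot: The added `cwe-id: CWE-200` contradicts the vector directly above it in the new `classification` block: `C:N/I:N/A:N` with `cvss-score: 0.0` says nothing is exposed, while CWE-200 says sensitive information is. The matcher here only finds the `android.permission.USE_FINGERPRINT` / `android.permission.USE_BIOMETRIC` strings, which shows a permission is declared, not that a weakness exists. The same block is added in the content-scheme, deep-link-detect, dynamic-registered-broadcast-receiver and file-scheme sections further down. For these `info` inventory detections I would drop the `cwe-id` line so that tooling which groups results by CWE does not report them as information leaks.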


@ -1,9 +1,14 @@
id: improper-certificate-validation id: improper-certificate-validation
info: info:
name: Improper Certificate Validation name: Android Improper Certificate Validation - Detect
author: gaurang author: gaurang
severity: medium severity: medium
description: Android improper certificate validation was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- "Landroid/webkit/SslErrorHandler;->proceed()V" - "Landroid/webkit/SslErrorHandler;->proceed()V"
# Enhanced by md on 2023/05/02
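Review bot: `cwe-id: CWE-200` in the new `classification` block names the wrong weakness for this template. The matcher looks for `Landroid/webkit/SslErrorHandler;->proceed()V`, a WebView that continues past a TLS certificate error, which is CWE-295 (Improper Certificate Validation) and is what the template's own name says. I would change the line to `cwe-id: CWE-295`. The vector also rates integrity as `I:N`; accepting an invalid certificate generally lets an on-path party modify traffic as well as read it, so `I:L` with a recomputed score may be closer, though that depends on what the app loads in the WebView.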


@ -1,9 +1,14 @@
id: content-scheme id: content-scheme
info: info:
name: Content Scheme Enabled name: Android Content Scheme - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Android content scheme enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- "android:scheme=\"content\"" - "android:scheme=\"content\""
# Enhanced by md on 2023/05/03


@ -4,6 +4,7 @@ info:
name: Android Debug Enabled name: Android Debug Enabled
author: gaurang author: gaurang
severity: low severity: low
description: Android debug enabling was detected.
tags: android,file tags: android,file
file: file:


@ -1,13 +1,18 @@
id: deep-link-detect id: deep-link-detect
info: info:
name: Deep Link Detection name: Android Deep Link - Detect
author: Hardik-Solanki author: Hardik-Solanki
severity: info severity: info
description: Android deep link functionality was detected.
reference: reference:
- https://developer.android.com/training/app-links/deep-linking - https://developer.android.com/training/app-links/deep-linking
- https://www.geeksforgeeks.org/deep-linking-in-android-with-example/ - https://www.geeksforgeeks.org/deep-linking-in-android-with-example/
- https://medium.com/@muratcanbur/intro-to-deep-linking-on-android-1b9fe9e38abd - https://medium.com/@muratcanbur/intro-to-deep-linking-on-android-1b9fe9e38abd
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: android,file,deeplink tags: android,file,deeplink
@ -24,3 +29,5 @@ file:
- "android:host" - "android:host"
- "android:name" - "android:name"
condition: and condition: and
# Enhanced by md on 2023/05/02


@ -1,9 +1,14 @@
id: dynamic-registered-broadcast-receiver id: dynamic-registered-broadcast-receiver
info: info:
name: Dynamic Registered Broadcast Receiver name: Android Dynamic Broadcast Receiver Register - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Android dynamic broadcast receiver register functionality was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- ";->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)" - ";->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)"
# Enhanced by md on 2023/05/02


@ -1,9 +1,14 @@
id: file-scheme id: file-scheme
info: info:
name: File Scheme Enabled name: Android File Scheme - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Android file scheme enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- "android:scheme=\"file\"" - "android:scheme=\"file\""
# Enhanced by md on 2023/05/03


@ -1,9 +1,14 @@
id: insecure-provider-path id: insecure-provider-path
info: info:
name: Insecure Provider Path name: Android Insecure Provider Path - Detect
author: gaurang author: gaurang
severity: medium severity: medium
description: Android insecure provider path was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -15,3 +20,5 @@ file:
regex: regex:
- "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\".\"" - "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\".\""
- "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\"\"" - "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\"\""
# Enhanced by md on 2023/05/02
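Review bot: The first `root-path` pattern under `regex:` leaves the dot in `path=\".\"` unescaped, so it matches any one-character path rather than only `.`, and the commit now attaches a 5.3 CVSS score to whatever it matches. If the intent is to catch `.` and `/` (which appear to denote the same root), state that explicitly with `- "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\"[./]\""`; if only `.` is meant, escape it as `path=\"\\.\"`. The `{1,10}` bound on `name` also means a provider entry with a longer name is not reported, which may or may not be intended. The rest of the `file:` block lies outside the visible hunks.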


@ -1,9 +1,14 @@
id: webview-addjavascript-interface id: webview-addjavascript-interface
info: info:
name: Webview addJavascript Interface Usage name: Android WebView Add Javascript Interface - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Android WebView Add Javascript interface usage was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- ";->addJavascriptInterface(Ljava/lang/Object;Ljava/lang/String;)V" - ";->addJavascriptInterface(Ljava/lang/Object;Ljava/lang/String;)V"
# Enhanced by md on 2023/05/02
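Review bot: `severity: info` now sits next to `cvss-score: 5.3` with `C:L` in the added `classification` block, so the two ratings disagree and tools that sort on either field will triage this finding differently. The other templates in this commit that carry the same vector (insecure-provider-path, webview-universal-access) are `severity: medium`, while the info-level ones use `C:N` and `0.0`. Pick one: either `severity: medium`, or `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N` with `cvss-score: 0.0`. `cwe-id: CWE-749` (Exposed Dangerous Method or Function) would also describe an `addJavascriptInterface` call more precisely than CWE-200.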


@ -1,9 +1,14 @@
id: webview-javascript-enabled id: webview-javascript-enabled
info: info:
name: Webview JavaScript enabled name: WebView JavaScript - Detect
author: gaurang author: gaurang
severity: info severity: info
description: WebView Javascript enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: android,file,javascript tags: android,file,javascript
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- "Landroid/webkit/WebSettings;->setJavaScriptEnabled(Z)V" - "Landroid/webkit/WebSettings;->setJavaScriptEnabled(Z)V"
# Enhanced by md on 2023/05/03


@ -1,9 +1,14 @@
id: webview-load-url id: webview-load-url
info: info:
name: Webview loadUrl usage name: WebView loadUrl - Detect
author: gaurang author: gaurang
severity: info severity: info
description: WebView loadUrl usage was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- "Landroid/webkit/WebView;->loadUrl(Ljava/lang/String;)V" - "Landroid/webkit/WebView;->loadUrl(Ljava/lang/String;)V"
# Enhanced by md on 2023/05/02


@ -1,9 +1,14 @@
id: webview-universal-access id: webview-universal-access
info: info:
name: Webview Universal Access enabled name: Android WebView Universal Access - Detect
author: gaurang author: gaurang
severity: medium severity: medium
description: Android WebView Universal Access enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file tags: android,file
file: file:
@ -14,3 +19,5 @@ file:
- type: word - type: word
words: words:
- "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V" - "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V"
# Enhanced by md on 2023/05/03


@ -1,13 +1,17 @@
id: configure-aaa-service id: configure-aaa-service
info: info:
name: Configure AAA service name: Cisco AAA Service Configuration - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Authentication, authorization and accounting (AAA) services provide an authoritative source for managing and monitoring access for devices. Cisco authentication, authorization and accounting service configuration was detected.
reference: reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5 - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router tags: cisco,config-audit,cisco-switch,file,router
file: file:
@ -24,3 +28,5 @@ file:
- type: word - type: word
words: words:
- "configure terminal" - "configure terminal"
# Enhanced by md on 2023/05/02


@ -1,13 +1,17 @@
id: configure-service-timestamps-debug id: configure-service-timestamps-debug
info: info:
name: Configure Service Timestamps for Debug name: Cisco Configure Service Timestamps for Debug - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service. The configuration for service timestamps on Cisco devices was not implemented for debugging purposes. It's important to note that timestamps can be added to either debugging or logging messages independently.
reference: reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router tags: cisco,config-audit,cisco-switch,file,router
file: file:
@ -24,3 +28,5 @@ file:
- type: word - type: word
words: words:
- "configure terminal" - "configure terminal"
# Enhanced by md on 2023/05/02


@ -1,13 +1,17 @@
id: configure-service-log-messages id: configure-service-log-messages
info: info:
name: Configure Service Timestamps Log Messages name: Cisco Configure Service Timestamps Log Messages - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service. Cisco service timestamp configuration for log messages was not implemented.
reference: reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router tags: cisco,config-audit,cisco-switch,file,router
file: file:
@ -24,3 +28,5 @@ file:
- type: word - type: word
words: words:
- "configure terminal" - "configure terminal"
# Enhanced by md on 2023/05/02


@ -1,13 +1,18 @@
id: disable-ip-source-route id: disable-ip-source-route
info: info:
name: Disable IP source-route name: Cisco Disable IP Source-Route - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled. Cisco IP source-route functionality has been utilized in several attacks. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
remediation: Disable IP source-route where appropriate.
reference: reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93 - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router tags: cisco,config-audit,cisco-switch,file,router
file: file:
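Review bot: The new description states that an attacker "can potentially obtain sensitive information, modify data, and/or execute unauthorized operations", but the `classification` added below it scores the same finding `C:N/I:N/A:N` and `0.0`, so the text and the vector contradict each other. The same impact sentence is added next to a zero-impact vector in auto-usb-install, inactivity-timeout, remote-auth-timeout, configure-session-timeout and enable-https-protocol. For a config-audit template the description is better limited to what the matchers establish (they are outside this hunk), something like `Cisco 'ip source-route' is not disabled in the audited configuration.` once confirmed against them, with the attack narrative either left out or reflected in the vector.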


@ -1,13 +1,17 @@
id: disable-pad-service id: disable-pad-service
info: info:
name: Disable PAD service name: Cisco Disable PAD - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
To reduce the risk of unauthorized access, organizations should implement a security policy restricting unnecessary services such as the 'PAD' service. Cisco PAD service has proven vulnerable to attackers. To reduce the risk of unauthorized access, organizations should implement a security policy restricting or disabling unnecessary access.
reference: reference:
- http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B - http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router tags: cisco,config-audit,cisco-switch,file,router
file: file:


@ -1,13 +1,17 @@
id: logging-enable id: logging-enable
info: info:
name: Logging enable name: Cisco Logging Enable - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Enabling the Cisco IOS 'logging enable' command enforces the monitoring of technology risks for the organizations' network devices. Cisco logging 'logging enable' enable command enforces the monitoring of technology risks for organizations' network devices.
reference: reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file tags: cisco,config-audit,cisco-switch,file
file: file:
@ -24,3 +28,5 @@ file:
- type: word - type: word
words: words:
- "configure terminal" - "configure terminal"
# Enhanced by md on 2023/05/03
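Review bot: `cwe-id: CWE-200` (information exposure) is added here although the finding concerns logging configuration, for which CWE-778 (Insufficient Logging) is the closer fit; the same identifier is stamped on every template this commit classifies, whatever the weakness. Candidates elsewhere on the page: `CWE-613` for inactivity-timeout, remote-auth-timeout and configure-session-timeout, `CWE-521` for password-policy, `CWE-319` for enable-https-protocol, `CWE-1392` for known-default-account. A uniform CWE makes the field useless for filtering and reporting, so either map each template individually or omit `cwe-id` where no mapping was checked. The added description also reads `Cisco logging 'logging enable' enable command`, where one `enable` looks duplicated.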


@ -1,13 +1,17 @@
id: set-and-secure-passwords id: set-and-secure-passwords
info: info:
name: Set and secure passwords name: Cisco Set and Secure Password - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command. Cisco set and secure password functionality is recommended to control privilege level access. To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command.
reference: reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html#wp3884449514 - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html#wp3884449514
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file tags: cisco,config-audit,cisco-switch,file
file: file:
@ -24,3 +28,5 @@ file:
- type: word - type: word
words: words:
- "configure terminal" - "configure terminal"
# Enhanced by md on 2023/05/03


@ -1,11 +1,15 @@
id: auto-usb-install id: auto-usb-install
info: info:
name: Auto USB Installation Enabled name: Fortinet Auto USB Installation Enabled - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port. description: Via Fortinet Auto USB installation, an attacker with physical access to a FortiGate can load a new configuration or firmware using the USB port, thereby potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate tags: audit,config,file,firewall,fortigate
file: file:
@ -26,3 +30,5 @@ file:
- "config router" - "config router"
- "config firewall" - "config firewall"
condition: or condition: or
# Enhanced by md on 2023/05/03
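Review bot: The added vector uses `AV:N` although the description directly above it requires "an attacker with physical access to a FortiGate"; the attack vector should be physical, `cvss-metrics: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`. maintainer-account further down has the same mismatch, since its description also speaks of physical access. The score stays 0.0 either way because every impact metric is `N`, but the vector string is what reports and dashboards display, so it should agree with the stated precondition.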


@ -1,11 +1,16 @@
id: heuristic-scan id: heuristic-scan
info: info:
name: Heuristic scanning is not configured name: Fortinet Heuristic Scanning not Configured - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled. description: |
Fortinet heuristic scanning configuration is advised to thwart attacks. Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message is forwarded to the recipient, and blocked files are quarantined if quarantine is enabled.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate tags: audit,config,file,firewall,fortigate
file: file:
@ -26,3 +31,5 @@ file:
- "config router" - "config router"
- "config firewall" - "config firewall"
condition: or condition: or
# Enhanced by md on 2023/05/03


@ -1,11 +1,15 @@
id: inactivity-timeout id: inactivity-timeout
info: info:
name: Inactivity Timeout Not Implemented name: Fortinet Inactivity Timeout Not Implemented - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer. description: If Fortinet inactivity timeout functionality is disabled, an attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations within that window if the administrator is away from the computer.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate tags: audit,config,file,firewall,fortigate
file: file:
@ -25,3 +29,5 @@ file:
- "config router" - "config router"
- "config firewall" - "config firewall"
condition: or condition: or
# Enhanced by md on 2023/05/03


@ -1,11 +1,15 @@
id: maintainer-account id: maintainer-account
info: info:
name: Maintainer Account Not Implemented name: Fortinet Maintainer Account Not Implemented - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI.. description: In Fortinet, if a FortiGate is compromised and the password is not recoverable, a maintainer account can be used by an administrator with physical access to log into CLI.
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate tags: audit,config,file,firewall,fortigate
file: file:


@ -1,11 +1,15 @@
id: password-policy id: password-policy
info: info:
name: Password Policy not Set name: Fortinet Password Policy Not Set - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: The Administrative Password Policy is not set. Use the password policy feature to ensure all administrators use secure passwords that meet your organization's requirements. description: Fortinet administrative password policy is not set. Using this feature is recommended to ensure all administrators use secure passwords that meet organizations' requirements.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: fortigate,config,audit,file,firewall tags: fortigate,config,audit,file,firewall
file: file:


@ -1,11 +1,16 @@
id: remote-auth-timeout id: remote-auth-timeout
info: info:
name: Remote Authentication timeout not set name: Fortinet Remote Authentication Timeout Not Set - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer. description: Fortinet remote authentication timeout functionality is recommended to be enabled. Lack of a set timeout can allow an attacker to act within that threshold if the administrator is away from the computer, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate reference:
- https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate tags: audit,config,file,firewall,fortigate
file: file:


@ -1,11 +1,15 @@
id: scp-admin id: scp-admin
info: info:
name: Admin-SCP Disabled name: Fortinet Admin-SCP Disabled - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file. description: Fortinet Admin-SCP functionality is recommended to be disabled by default. Enabling SCP allows download of the configuration file from the FortiGate as an alternative method of backing up the configuration file.
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate tags: audit,config,file,firewall,fortigate
file: file:


@ -1,13 +1,17 @@
id: configure-dns-server id: configure-dns-server
info: info:
name: Configure DNS Server name: DNS Server Not Implemented - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
The purpose DNs server is to perform the resolution of system hostnames to Internet Protocol (IP) addresses. DNS is recommended to be configured over TLS. This prevents intermediate parties and potential attackers from viewing the content of DNS queries and can also assure that DNS is being provided by the expected DNS servers.
reference: | reference: |
https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: firewall,config,audit,pfsense,file tags: firewall,config,audit,pfsense,file
@ -28,3 +32,5 @@ file:
- "<pfsense>" - "<pfsense>"
- "<system>" - "<system>"
condition: and condition: and
# Enhanced by md on 2023/05/04


@ -1,13 +1,17 @@
id: configure-session-timeout id: configure-session-timeout
info: info:
name: Configure Sessions Timeout name: PfSence Configure Sessions Timeout Not Set - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Indefinite or even long session timeout window increase the risk of attackers abusing abandoned sessions. Configure sessions timeout is recommended to be enabled. An indefinite or even long session timeout window can increase the risk of an attacker abusing abandoned sessions and potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.
reference: | reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: firewall,config,audit,pfsense,file tags: firewall,config,audit,pfsense,file
@ -31,3 +35,5 @@ file:
- "<webgui>" - "<webgui>"
- "<system>" - "<system>"
condition: and condition: and
# Enhanced by md on 2023/05/04
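Review bot: The new `name` spells the product `PfSence`; the project is pfSense, as the netgate.com reference path and the `pfsense` tag in this same template show, and a misspelled name will not turn up when users search or filter results by product. The same spelling is introduced in enable-https-protocol (`Pfsence`), known-default-account, password-protected-consolemenu (which also has `Implememnted`) and set-hostname. Suggested here: `name: pfSense Session Timeout Not Set - Detect`.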


@ -1,14 +1,17 @@
id: enable-https-protocol id: enable-https-protocol
info: info:
name: Enable HTTPS on Web Management name: Pfsence Web Admin Management Portal HTTPS Not Set - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Web Admin Management Portal should only be accessed using HTTPS Protocol.HTTP transmits all data (including passwords) in clear text over the network and PfSence Web Admin Management Portal is recommended to be accessible using only HTTPS protocol. HTTP transmits all data, including passwords, in clear text over the network and provides no assurance of the identity of the hosts involved, making it possible for an attacker to obtain sensitive information, modify data, and/or execute unauthorized operations.
provides no assurance of the identity of the hosts involved.
reference: | reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: firewall,config,audit,pfsense,file tags: firewall,config,audit,pfsense,file
@ -31,3 +34,5 @@ file:
- "<pfsense>" - "<pfsense>"
- "<system>" - "<system>"
condition: and condition: and
# Enhanced by md on 2023/05/04


@ -1,16 +1,17 @@
id: known-default-account id: known-default-account
info: info:
name: Known Default Account - Detect name: PfSence Known Default Account - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
In order to attempt access to known devices' platforms, attackers use the available database of the known default accounts for each platform or Operating System. PfSence configured known default accounts are recommended to be deleted. In order to attempt access to known devices' platforms, an attacker can use the available database of the known default accounts for each platform or operating system. Known default accounts are often, but not limited to, 'admin'.
The known default accounts are often (without limiting to) the following: 'admin'.
reference: | reference: |
- https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html - https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
remediation: | classification:
Deletes the known default accounts configured. cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: audit,config,file,firewall,pfsense tags: audit,config,file,firewall,pfsense
file: file:
@ -25,3 +26,5 @@ file:
- "<descr><![CDATA[System Administrator]]></descr>" - "<descr><![CDATA[System Administrator]]></descr>"
- "<priv>user-shell-access</priv>" - "<priv>user-shell-access</priv>"
condition: and condition: and
# Enhanced by md on 2023/05/04
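Review bot: The `remediation:` block ("Deletes the known default accounts configured.") is dropped in the `info` section and `classification` takes its place, so the template no longer tells the operator what to do about the finding; the new description only says deletion is "recommended". Keep it alongside the classification, e.g. `remediation: Delete the known default accounts that are configured.` Separately, `reference: |` is a block scalar whose content starts with `- https://…`, so the value is a string containing a dash rather than a list; `reference:` followed by the list item would match the other templates.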


@ -1,13 +1,17 @@
id: password-protected-consolemenu id: password-protected-consolemenu
info: info:
name: Configure Password Protected on Console Menu name: PfSence Consolemenu Password Protection Not Implememnted - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
An unattended computer with an open Console Menu session to the device could allow an unauthorized user access to the firewalls management. PfSence password protection via the Console Menu is recommended to be configured. An unattended computer with an open Console Menu session can allow an unauthorized user access to the firewall management.
reference: | reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: firewall,config,audit,pfsense,file tags: firewall,config,audit,pfsense,file
@ -31,3 +35,5 @@ file:
- "<webgui>" - "<webgui>"
- "<system>" - "<system>"
condition: and condition: and
# Enhanced by md on 2023/05/04


@ -1,14 +1,17 @@
id: set-hostname id: set-hostname
info: info:
name: Ensure Hostname is Set name: PfSence Hostname Not Set - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Ensure Hostname is set is a process that helps to ensure that the computer or device is being identified correctly on a network. PfSence Hostname should be set so that other devices on the network can correctly identify it. The hostname is a unique identifier for the device.
The hostname is a unique identifier for the device, and it is important that it is properly set so that other devices on the network can identify it.
reference: | reference: |
https://docs.netgate.com/pfsense/en/latest/config/general.html https://docs.netgate.com/pfsense/en/latest/config/general.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: firewall,config,audit,pfsense,file tags: firewall,config,audit,pfsense,file
file: file:
@ -23,3 +26,5 @@ file:
- "<hostname></hostname>" - "<hostname></hostname>"
- "domain>" - "domain>"
condition: and condition: and
# Enhanced by md on 2023/05/04


@ -1,11 +1,15 @@
id: electron-version-detect id: electron-version-detect
info: info:
name: Electron Version Detect name: Electron Version - Detect
author: me9187 author: me9187
severity: info severity: info
reference: reference:
- https://www.electronjs.org/blog/chromium-rce-vulnerability/ - https://www.electronjs.org/blog/chromium-rce-vulnerability/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: electron,file tags: electron,file
file: file:


@ -20,5 +20,3 @@ file:
- type: word - type: word
words: words:
- "nodeIntegration: true" - "nodeIntegration: true"
# Enhanced by mp on 2022/05/19


@ -0,0 +1,22 @@
id: adafruit-key
info:
name: Adafruit API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adafruit-api-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adafruit-api-key.go
metadata:
verified: true
tags: adafruit,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
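Review bot: The new template has no `description`, and its regex extractor writes the matched text, which includes the key itself, into the scan output without anything in the file telling the user so. The same applies to the sibling templates added in this commit (adobe-client, airtable-key, algolia-key, alibaba-key-id, alibaba-secret-id). Add a line such as `description: Adafruit API key was detected; extracted values may be live credentials, so treat scan output and CI logs as sensitive.` With `extensions: all` and a keyword-plus-32-characters pattern some hits will be false positives, so a match should be confirmed and a real key rotated.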


@ -0,0 +1,22 @@
id: adobe-client
info:
name: Adobe Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adobe-client-id.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adobe-client-id.go
metadata:
verified: true
tags: adobe,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)


@ -0,0 +1,22 @@
id: airtable-key
info:
name: Airtable API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/airtable-api-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/airtable-api-key.go
metadata:
verified: true
tags: airtable,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)


@ -0,0 +1,22 @@
id: algolia-key
info:
name: Algolia API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/algolia-api-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/algolia-api-key.go
metadata:
verified: true
tags: algolia,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)


@ -0,0 +1,22 @@
id: alibaba-key-id
info:
name: Alibaba Access Key ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-access-key-id.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-access-key-id.go
metadata:
verified: true
tags: alibaba,access,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
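Review bot: The leading `(?i)` makes the `LTAI` prefix case-insensitive, so any word that starts with `ltai` followed by 20 alphanumerics is reported, and since this rule has no keyword anchor the prefix is its only discriminator. This looks inherited from the referenced rule rather than intended. Dropping the outer flag keeps the prefix exact while the inner `(?i)` still covers the tail: `\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)`. Setting `group: 1` on the extractor would also limit the output to the key ID instead of the key plus its trailing delimiter.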


@ -0,0 +1,22 @@
id: alibaba-secret-id
info:
name: Alibaba Secret Key ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-secret-key.go
metadata:
verified: true
tags: alibaba,secret,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)
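Review bot: The `id` and `name` describe this as a key ID, but the referenced rule is `alibaba-secret-key` and the pattern captures a 30-character value after the `alibaba` keyword, which looks like the secret itself rather than an identifier. `name: Alibaba Secret Key`, with an id along the lines of `alibaba-secret-key`, would keep it distinct from `alibaba-key-id` for anyone triaging results. If it is the secret, `severity: info` deserves a second look: elsewhere in this commit facebook-secret-key is rated `low` while facebook-client-id is `info`.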


@ -1,11 +1,16 @@
id: amazon-account-id id: amazon-account-id
info: info:
name: AWS Account ID name: Amazon Web Services Account ID - Detect
author: DhiyaneshDK author: DhiyaneshDK
severity: info severity: info
description: Amazon Web Services Account ID token was detected.
reference: reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: aws,amazon,token,file tags: aws,amazon,token,file
@ -19,3 +24,5 @@ file:
part: body part: body
regex: regex:
- '(?i)aws_?(?:account)_?(?:id)?["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([0-9]{4}-?[0-9]{4}-?[0-9]{4})' - '(?i)aws_?(?:account)_?(?:id)?["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([0-9]{4}-?[0-9]{4}-?[0-9]{4})'
# Enhanced by md on 2023/05/04


@ -1,9 +1,14 @@
id: amazon-mws-auth-token-value id: amazon-mws-auth-token-value
info: info:
name: Amazon MWS Auth Token name: Amazon MWS Authentication Token - Detect
author: gaurang author: gaurang
severity: medium severity: medium
description: Amazon MWS authentication token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: token,file,amazon,auth tags: token,file,amazon,auth
file: file:
@ -14,3 +19,5 @@ file:
- type: regex - type: regex
regex: regex:
- "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
# Enhanced by md on 2023/05/04


@ -1,11 +1,16 @@
id: amazon-session-token id: amazon-session-token
info: info:
name: Amazon Session Token name: Amazon Session Token - Detect
author: DhiyaneshDK author: DhiyaneshDK
severity: info severity: info
description: Amazon session token was detected.
reference: reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: aws,amazon,token,file,session tags: aws,amazon,token,file,session
@ -19,3 +24,5 @@ file:
part: body part: body
regex: regex:
- '(?i)(?:aws.?session|aws.?session.?token|aws.?token)["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([a-z0-9/+=]{16,200})[^a-z0-9/+=]' - '(?i)(?:aws.?session|aws.?session.?token|aws.?token)["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([a-z0-9/+=]{16,200})[^a-z0-9/+=]'
# Enhanced by md on 2023/05/04


@ -1,9 +1,14 @@
id: amazon-sns-token id: amazon-sns-token
info: info:
name: Amazon SNS Token Detect name: Amazon SNS Token - Detect
author: TheBinitGhimire author: TheBinitGhimire
severity: info severity: info
description: Amazon SNS token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: file,token,amazon,aws tags: file,token,amazon,aws
file: file:
@ -15,3 +20,5 @@ file:
name: amazon-sns-topic name: amazon-sns-topic
regex: regex:
- 'arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+' - 'arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+'
# Enhanced by md on 2023/05/04
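Review bot: The added `description` says an SNS token was detected, but the only pattern visible in the file, `arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+`, matches a topic ARN and the extractor is named `amazon-sns-topic`. An ARN is an identifier rather than a credential, so wording such as `description: Amazon SNS topic ARN was detected.` would tell the person triaging what was actually found. The `name` carries the same mismatch. The lines between the two hunks are not shown, so this assumes no other extractor is defined there.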


@ -1,9 +1,14 @@
id: aws-access-key id: aws-access-key
info: info:
name: AWS Access Key ID name: Amazon Web Services Access Key ID - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Amazon Web Services Access Key ID token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: token,file tags: token,file
file: file:
@ -14,3 +19,5 @@ file:
- type: regex - type: regex
regex: regex:
- "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
# Enhanced by md on 2023/05/04


@ -1,9 +1,14 @@
id: aws-cognito-pool id: aws-cognito-pool
info: info:
name: AWS Cognito Pool ID name: Amazon Web Services Cognito Pool ID - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Amazon Web Services Cognito Pool ID token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: token,file tags: token,file
file: file:
@ -30,3 +35,5 @@ file:
- "us-west-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - "us-west-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}"
- "us-west-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - "us-west-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}"
- "sa-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - "sa-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}"
# Enhanced by md on 2023/05/04


@ -0,0 +1,22 @@
id: asana-clientid
info:
name: Asana Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-id.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-id.yaml
metadata:
verified: true
tags: asana,client,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)


@ -0,0 +1,22 @@
id: asana-clientsecret
info:
name: Asana Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-secret.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-secret.yaml
metadata:
verified: true
tags: asana,client,file,keys,secret
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)


@ -0,0 +1,22 @@
id: atlassian-api-token
info:
name: Atlassian API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/atlassian-api-token.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/atlassian-api-token.yaml
metadata:
verified: true
tags: atlassian,file,token,api
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)


@ -1,11 +1,16 @@
id: branch-key id: branch-key
info: info:
name: Branch.io Live Key name: Branch.io Live Key - Detect
author: 0xh7ml author: 0xh7ml
severity: info severity: info
description: Branch.io live key token was detected.
reference: reference:
- https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74 - https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: token,file tags: token,file
file: file:
@ -16,3 +21,5 @@ file:
- type: regex - type: regex
regex: regex:
- "key_live_.{32}" - "key_live_.{32}"
# Enhanced by md on 2023/05/04


@ -1,9 +1,14 @@
id: cloudinary-basic-auth id: cloudinary-basic-auth
info: info:
name: Cloudinary Basic Auth name: Cloudinary Basic Authorization - Detect
author: gaurang author: gaurang
severity: high severity: high
description: Cloudinary basic authorization token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
tags: token,file,cloudinary tags: token,file,cloudinary
file: file:
@ -14,3 +19,5 @@ file:
- type: regex - type: regex
regex: regex:
- "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+" - "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+"
# Enhanced by md on 2023/05/04


@ -1,12 +1,17 @@
id: code-climate-token id: code-climate-token
info: info:
name: Code Climate Token name: Code Climate Token - Detect
author: DhiyaneshDK author: DhiyaneshDK
severity: info severity: info
description: Code Climate token was detected.
reference: reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/codeclimate.yml - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/codeclimate.yml
- https://github.com/codeclimate/ruby-test-reporter/issues/34 - https://github.com/codeclimate/ruby-test-reporter/issues/34
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: codeclimate,token,file tags: codeclimate,token,file
@ -20,3 +25,5 @@ file:
part: body part: body
regex: regex:
- '(?i)codeclima.{0,50}\b([a-f0-9]{64})\b' - '(?i)codeclima.{0,50}\b([a-f0-9]{64})\b'
# Enhanced by md on 2023/05/04


@ -1,13 +1,18 @@
id: cratesio-api-key id: cratesio-api-key
info: info:
name: Crates.io API Key name: Crates.io API Key - Detect
author: DhiyaneshDK author: DhiyaneshDK
severity: info severity: info
description: Crates.io API key was detected.
reference: reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/crates.io.yml - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/crates.io.yml
- https://crates.io/data-access - https://crates.io/data-access
- https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs - https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: crates,token,file tags: crates,token,file
@ -21,3 +26,5 @@ file:
part: body part: body
regex: regex:
- '\bcio[a-zA-Z0-9]{32}\b' - '\bcio[a-zA-Z0-9]{32}\b'
# Enhanced by md on 2023/05/04


@ -1,6 +1,13 @@
id: credentials-disclosure-file id: credentials-disclosure-file
# Extract secrets regex like api keys, password, token, etc ... for different services info:
name: Credentials Disclosure Check
author: Sy3Omda,geeknik,forgedhallpass,ayadi
severity: unknown
description: Check for multiple keys/tokens/passwords hidden inside of files.
tags: exposure,token,file,disclosure
# Extract secrets regex like api keys, password, token, etc ... for different services.
# Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue. # Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
# Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes. # Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
# Regex count:- 687 # Regex count:- 687
@ -9,14 +16,6 @@ id: credentials-disclosure-file
# This template requires manual inspection once found valid match. # This template requires manual inspection once found valid match.
# Generic token could be anything matching below regex. # Generic token could be anything matching below regex.
# Impact of leaked token depends on validation of leaked token. # Impact of leaked token depends on validation of leaked token.
info:
name: Credentials Disclosure Check
author: Sy3Omda,geeknik,forgedhallpass,ayadi
severity: unknown
description: Look for multiple keys/tokens/passwords hidden inside of files.
tags: exposure,token,file,disclosure
# The regexes are copied from exposures/tokens/generic/credentials-disclosure.yaml # The regexes are copied from exposures/tokens/generic/credentials-disclosure.yaml
# TODO After https://github.com/projectdiscovery/nuclei/issues/1510 is implemented, we should be able to re-use them, instead of duplicating # TODO After https://github.com/projectdiscovery/nuclei/issues/1510 is implemented, we should be able to re-use them, instead of duplicating
# Example cases to match against: https://regex101.com/r/HPtaU2/1 # Example cases to match against: https://regex101.com/r/HPtaU2/1
@ -719,3 +718,5 @@ file:
- "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
- "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
- "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+" - "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+"
# Enhanced by md on 2023/05/04


@ -1,9 +1,14 @@
id: basic-auth-creds id: basic-auth-creds
info: info:
name: Basic Auth Credentials name: Basic Authorization Credentials Check
author: gaurang author: gaurang
severity: high severity: high
description: Basic authorization credentials check was conducted.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
tags: token,file,auth tags: token,file,auth
file: file:
@ -14,3 +19,5 @@ file:
- type: regex - type: regex
regex: regex:
- "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\"'\\s]" - "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\"'\\s]"
# Enhanced by md on 2023/05/04
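Review bot: The new `description` (`Basic authorization credentials check was conducted.`) does not say what a match means, and the visible pattern matches a URL with embedded `user:password@host` userinfo rather than an HTTP Basic header. Something like `description: URL containing an embedded username and password was detected.` gives the reader the finding and the reason it is rated high. HTTP Basic is an authentication scheme, so `Authorization` in the new `name` is the less accurate word. The lines between the two hunks are not shown, so this assumes the regex at the end of the file is the only extractor.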


@ -1,9 +1,14 @@
id: dynatrace-token id: dynatrace-token
info: info:
name: Dynatrace Token name: Dynatrace Token - Detect
author: gaurang author: gaurang
severity: high severity: high
description: Dynatrace token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
tags: token,file tags: token,file
file: file:
@ -14,3 +19,5 @@ file:
- type: regex - type: regex
regex: regex:
- "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}" - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}"
# Enhanced by md on 2023/05/04


@ -1,9 +1,14 @@
id: facebook-client-id id: facebook-client-id
info: info:
name: Facebook Client ID name: Facebook Client ID - Detect
author: gaurang author: gaurang
severity: info severity: info
description: Facebook client ID token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: token,file,facebook tags: token,file,facebook
file: file:
@ -14,3 +19,5 @@ file:
- type: regex - type: regex
regex: regex:
- "(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]" - "(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]"
# Enhanced by md on 2023/05/04


@ -1,9 +1,10 @@
id: facebook-secret-key id: facebook-secret-key
info: info:
name: Facebook Secret Key name: Facebook Secret Key - Detect
author: gaurang author: gaurang
severity: low severity: low
description: Facebook secret key token was detected.
tags: token,file,facebook tags: token,file,facebook
file: file:
@ -14,3 +15,5 @@ file:
- type: regex - type: regex
regex: regex:
- "(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]" - "(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]"
# Enhanced by md on 2023/05/04


@ -23,5 +23,3 @@ file:
- 'IntegrityError' - 'IntegrityError'
- 'ProgrammingError' - 'ProgrammingError'
- 'OperationalError' - 'OperationalError'
# Enhanced by mp on 2022/10/05


@ -40,5 +40,3 @@ file:
regex: regex:
- 'near \"\*\"\: syntax error' - 'near \"\*\"\: syntax error'
- 'SELECTs to the left and right of UNION do not have the same number of result columns' - 'SELECTs to the left and right of UNION do not have the same number of result columns'
# Enhanced by mp on 2022/10/12


@ -1,7 +1,7 @@
id: express-lfr id: express-lfr
info: info:
name: Express LFR name: Express - Local File Read
author: me_dheeraj (https://twitter.com/Dheerajmadhukar) author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
severity: info severity: info
description: Untrusted user input in express render() function can result in arbitrary file read if hbs templating is used. description: Untrusted user input in express render() function can result in arbitrary file read if hbs templating is used.


@ -1,7 +1,7 @@
id: generic-path-traversal id: generic-path-traversal
info: info:
name: Generic Path Traversal name: Generic - Path Traversal
author: me_dheeraj (https://twitter.com/Dheerajmadhukar) author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
severity: info severity: info
description: Untrusted user input in readFile()/readFileSync() can endup in Directory Traversal Attacks. description: Untrusted user input in readFile()/readFileSync() can endup in Directory Traversal Attacks.


@ -1,7 +1,7 @@
id: tar-path-overwrite id: tar-extraction
info: info:
name: Tar Path Overwrite name: Path Injection Vulnerability in TAR Extraction
author: me_dheeraj (https://twitter.com/Dheerajmadhukar) author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
severity: info severity: info
description: Insecure TAR archive extraction can result in arbitrary path over write and can result in code injection. description: Insecure TAR archive extraction can result in arbitrary path over write and can result in code injection.
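Review bot: Changing `id` from `tar-path-overwrite` to `tar-extraction` breaks any scan profile, exclusion list or result-tracking rule that refers to the old id, and the new value no longer names the weakness. Unless the rename is required, keeping `id: tar-path-overwrite` and changing only `name` would match the sibling edits in this commit (express-lfr, generic-path-traversal), which leave the id alone. The rest of the template lies outside the hunk.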


@ -0,0 +1,33 @@
id: asp-webshell
info:
name: ASP/ASP.NET Webshell - Detect
author: lu4nx
severity: high
reference:
- https://github.com/tennc/webshell/tree/master/aspx
- https://github.com/tennc/webshell/tree/master/asp
- https://www.rapid7.com/blog/post/2016/12/14/webshells-101/
metadata:
verified: true
tags: asp,aspx,file,webshell
file:
- extensions:
- asp
- asa
- aspx
- ashx
- asmx
- asax
extractors:
- type: regex
regex:
- '(?i)(eval)'
- '(?i)(eval|execute)\('
- '(?i)wscript.shell'
- '(?i)ExecuteStatement'
- '(?i)cmd.exe'
- '(?i)mmshell'
- '(?i)GetCmd'
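Review bot: The first pattern, `'(?i)(eval)'`, matches the bare substring anywhere in a file (`evaluate`, `retrieval`), so at `severity: high` many ordinary ASP.NET sources will be reported, and it makes the following `(eval|execute)\(` pattern redundant. Dropping that line leaves the call form to do the work. The dots in `wscript.shell` and `cmd.exe` are unescaped and match any character; `'(?i)wscript\.shell'` and `'(?i)cmd\.exe'` are the literal forms. The same applies to `cmd.exe` and `WScript.Shell` in the JSP and PHP webshell templates added in this commit.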


@ -0,0 +1,28 @@
id: jsp-webshell
info:
name: JSP Webshell - Detect
author: lu4nx
severity: high
reference:
- https://github.com/tennc/webshell/tree/master/jsp
- https://github.com/tennc/webshell/tree/master/jspx
- https://www.rapid7.com/blog/post/2016/12/14/webshells-101/
metadata:
verified: true
tags: jsp,java,jspx,webshell,file
file:
- extensions:
- jsp
- java
- jspx
extractors:
- type: regex
regex:
- '(?i)(ClassLoader|exec|eval|ProcessBuilder|getInputStream|loadClass|defineClass|URLClassLoader)\('
- '(?i)cmd.exe'
- '(?i)/bin/sh'
- '(?i)/bin/bash'
- '(?i)exeCmd'
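Review bot: The alternation in the first pattern includes `getInputStream`, which appears in ordinary servlet and I/O code, and `java` is in the extension list, so this template is likely to raise a `high` finding on most Java code bases. Removing it leaves the execution and class-loading calls as the indicators: `'(?i)(ClassLoader|exec|eval|ProcessBuilder|loadClass|defineClass|URLClassLoader)\('`. Each remaining pattern is still a single indicator, so a `description` stating that matches need manual review would set the right expectation for a `high` rating.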


@ -0,0 +1,33 @@
id: php-webshell
info:
name: PHP Webshell - Detect
author: lu4nx
severity: high
reference:
- https://github.com/tennc/webshell/tree/master/php
- https://www.rapid7.com/blog/post/2016/12/14/webshells-101/
metadata:
verified: true
tags: php,file,webshell
file:
- extensions:
- php
extractors:
- type: regex
regex:
- '(?i)\b(passthru|eval|exec|system|phpinfo|assert|call_user_func|call_user_func_array)\('
- '(?i)cmd.exe'
- '(?i)/bin/sh'
- '(?i)/bin/bash'
- '(?i)WScript.Shell'
- '(?i)gzuncompress\(base64_decode\('
- '\]\(\$_(GET|POST|COOKIE|REQUEST)\['
- '(?i)new\s*(ReflectionFunction|ReflectionClass)'
- '(?i)0x647261646e617473'
- '65786563' # exec
- '(?i)\$\w+\(\$_(GET|POST|COOKIE|REQUEST)'
- '(?i)b4tm4n'
- '(?i)cmdshell'
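Review bot: `phpinfo` in the first alternation is an information-disclosure call rather than a code-execution primitive, and together with `system`, `exec` and `assert` it means a single ordinary function call yields a `severity: high` webshell finding. Removing `phpinfo` gives `'(?i)\b(passthru|eval|exec|system|assert|call_user_func|call_user_func_array)\('`. A `description` saying that the template flags functions and strings commonly seen in webshells, and that matches require triage, would help. The bare `'65786563'` pattern also matches those eight digits inside any longer number or hash; its `# exec` comment could state that it is the hex encoding of that string and why it is left unanchored.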


@ -18,6 +18,7 @@ file:
- js - js
- ts - ts
- html - html
- htm
- php - php
- cs - cs
- rb - rb
@ -49,5 +50,3 @@ file:
- 'location(\.href|\.hash|\.search|\.pathname)?' - 'location(\.href|\.hash|\.search|\.pathname)?'
- 'window\.name' - 'window\.name'
- 'document(\.URL|\.referrer|\.documentURI|\.baseURI|\.cookie)' - 'document(\.URL|\.referrer|\.documentURI|\.baseURI|\.cookie)'
# Enhanced by mp on 2022/09/14


@ -122,5 +122,3 @@ headless:
- "evil.com" - "evil.com"
- "Evil.Com - We get it...Daily." - "Evil.Com - We get it...Daily."
condition: and condition: and
# Enhanced by cs on 2023/03/10


@ -92,5 +92,3 @@ headless:
part: alerts part: alerts
kval: kval:
- alerts - alerts
# Enhanced by mp on 2022/09/14
