Add remediation information to CVE-2021-40539 and CVE-2021-44427 (#3237)

* Added remediation to CVE-2021-40539

* Added remediation to CVE-2021-44427

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>

cves/2021/CVE-2021-40539.yaml

@@ -4,7 +4,8 @@ info:
   name: ManageEngine ADSelfService Plus version 6113 Unauthenticated RCE
   author: daffainfo,pdteam
   severity: critical
-  description: ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
+  description: ManageEngine ADSelfService Plus version 6113 and prior are vulnerable to a REST API authentication bypass which leads to remote code execution.
+  remediation: Upgrade to ADSelfService Plus build 6114.
   reference:
     - https://attackerkb.com/topics/DMSNq5zgcW/cve-2021-40539/rapid7-analysis
     - https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html

cves/2021/CVE-2021-44427.yaml

@@ -4,7 +4,8 @@ info:
   name: Rosario Student Information System Unauthenticated SQL Injection
   author: furkansayim,xShuden
   severity: critical
-  description: An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
+  description: An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) 8.1 and below allow remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
+  remediation: Upgrade to version 8.1.1 or higher.
   reference:
     - https://gitlab.com/francoisjacquet/rosariosis/-/issues/328
     - https://twitter.com/RemotelyAlerts/status/1465697928178122775