TemplateMan Update [Wed Nov 1 14:47:00 UTC 2023] 🤖

2023-11-01 14:47:00 +00:00 · 2023-11-01 14:47:00 +00:00 · 8a122f7398
parent 0024516528
commit 8a122f7398
7 changed files with 18 additions and 11 deletions
--- a/http/cves/2010/CVE-2010-1531.yaml
+++ b/http/cves/2010/CVE-2010-1531.yaml
@ -18,7 +18,7 @@ info:
    cve-id: CVE-2010-1531
    cwe-id: CWE-22
    epss-score: 0.01815
-    epss-percentile: 0.86835
+    epss-percentile: 0.8684
    cpe: cpe:2.3:a:redcomponent:com_redshop:1.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
@ -40,4 +40,5 @@ http:
      - type: status
        status:
          - 200
-# digest: 4b0a00483046022100958720d070a646f5571e1f6bce8828e810958950768b3f7569c7275d9e2226eb0221008fedf75486c48b0e0ec1270d083fec25adb3594b44b8de29818adcafb8e1a8fc:922c64590222798bb761d5b6d8e72950
+
+# digest: 4b0a00483046022100958720d070a646f5571e1f6bce8828e810958950768b3f7569c7275d9e2226eb0221008fedf75486c48b0e0ec1270d083fec25adb3594b44b8de29818adcafb8e1a8fc:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2017/CVE-2017-18564.yaml
+++ b/http/cves/2017/CVE-2017-18564.yaml
@ -17,7 +17,7 @@ info:
    cve-id: CVE-2017-18564
    cwe-id: CWE-79
    epss-score: 0.00088
-    epss-percentile: 0.36966
+    epss-percentile: 0.36978
    cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
@ -52,4 +52,5 @@ http:
          - 'contains(body_2, "></script><script>alert(document.domain)</script>\">All</a></li>")'
          - 'contains(body_3, "Sender by BestWebSoft")'
        condition: and
-# digest: 490a00463044022033a0f0aa1cd8613485df98f4c142f4d4e7d526d7e1db050338a278b90143cb5202203ac891086e3ee64fea49576edfd24b19428f3ee8a1fc75e3556f2bd5ebc01c6d:922c64590222798bb761d5b6d8e72950
+
+# digest: 490a00463044022033a0f0aa1cd8613485df98f4c142f4d4e7d526d7e1db050338a278b90143cb5202203ac891086e3ee64fea49576edfd24b19428f3ee8a1fc75e3556f2bd5ebc01c6d:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2019/CVE-2019-2579.yaml
+++ b/http/cves/2019/CVE-2019-2579.yaml
@ -17,7 +17,7 @@ info:
    cvss-score: 4.3
    cve-id: CVE-2019-2579
    epss-score: 0.00493
-    epss-percentile: 0.73517
+    epss-percentile: 0.73528
    cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  metadata:
    max-request: 2
@ -59,4 +59,5 @@ http:
          - "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"
        internal: true
        part: body
-# digest: 4a0a004730450221009e486d58016937bf08d0d0d82c6c04e30e847ecc2f8ecddf111e51f059928a65022046c51dca726468019571decc7b0bca2230c5a7932daf8cde971d018d41c8bced:922c64590222798bb761d5b6d8e72950
+
+# digest: 4a0a004730450221009e486d58016937bf08d0d0d82c6c04e30e847ecc2f8ecddf111e51f059928a65022046c51dca726468019571decc7b0bca2230c5a7932daf8cde971d018d41c8bced:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2020/CVE-2020-24571.yaml
+++ b/http/cves/2020/CVE-2020-24571.yaml
@ -16,7 +16,7 @@ info:
    cve-id: CVE-2020-24571
    cwe-id: CWE-22
    epss-score: 0.02513
-    epss-percentile: 0.8895
+    epss-percentile: 0.88954
    cpe: cpe:2.3:a:nexusdb:nexusdb:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
@ -39,4 +39,5 @@ http:
      - type: status
        status:
          - 200
-# digest: 490a0046304402203026e532f99b1d4c52480be6c72e1996ec151106c410dce07607b4b870ca0ba502205b1e78156975adee7f075f44e78e574e6a5a91017c9ef789e41e7a4f778e7a27:922c64590222798bb761d5b6d8e72950
+
+# digest: 490a0046304402203026e532f99b1d4c52480be6c72e1996ec151106c410dce07607b4b870ca0ba502205b1e78156975adee7f075f44e78e574e6a5a91017c9ef789e41e7a4f778e7a27:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2021/CVE-2021-43798.yaml
+++ b/http/cves/2021/CVE-2021-43798.yaml
@ -54,4 +54,5 @@ http:
      - type: status
        status:
          - 200
-# digest: 4a0a0047304502210093dc33bb96dcda9ce138df9afef6416272dfcb5a5999a6336822a2ea9efc877d0220189bda66cbe00ce72a330c52ade44e12c7767658440779b4542e1a268496403d:922c64590222798bb761d5b6d8e72950
+
+# digest: 4a0a0047304502210093dc33bb96dcda9ce138df9afef6416272dfcb5a5999a6336822a2ea9efc877d0220189bda66cbe00ce72a330c52ade44e12c7767658440779b4542e1a268496403d:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2021/CVE-2021-46073.yaml
+++ b/http/cves/2021/CVE-2021-46073.yaml
@ -19,7 +19,7 @@ info:
    cve-id: CVE-2021-46073
    cwe-id: CWE-79
    epss-score: 0.00084
-    epss-percentile: 0.35057
+    epss-percentile: 0.35066
    cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:*
  metadata:
    verified: true
@ -59,4 +59,5 @@ http:
          - "status_code_3 == 200"
          - 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")'
        condition: and
-# digest: 4b0a00483046022100d52756d6a067897c83a2636841480c882ed7a312c41f7e314ca023dcda2636a1022100ac8684db4e3bf9f4908efacef890864a3f703a83024c19eb860c0f4b6b44f36e:922c64590222798bb761d5b6d8e72950
+
+# digest: 4b0a00483046022100d52756d6a067897c83a2636841480c882ed7a312c41f7e314ca023dcda2636a1022100ac8684db4e3bf9f4908efacef890864a3f703a83024c19eb860c0f4b6b44f36e:922c64590222798bb761d5b6d8e72950
--- a/http/misconfiguration/installer/webcalendar-install.yaml
+++ b/http/misconfiguration/installer/webcalendar-install.yaml
@ -6,6 +6,7 @@ info:
  severity: high
  metadata:
    verified: true
+    max-request: 1
    shodan-query: title:"WebCalendar Setup Wizard"
    fofa-query: title="WebCalendar Setup Wizard"
  tags: misconfig,webcalendar,install