commit
91b0922322
|
@ -12,7 +12,7 @@ info:
|
|||
classification:
|
||||
cve-id: CVE-2021-37305
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
shodan-query: title:"Jeecg-Boot"
|
||||
fofa-query: title="JeecgBoot 企业级低代码平台"
|
||||
|
|
|
@ -12,7 +12,7 @@ info:
|
|||
reference:
|
||||
- https://eclipse.github.io/birt-website/
|
||||
metadata:
|
||||
max-req: 2
|
||||
max-request: 2
|
||||
verified: "true"
|
||||
shodan-query: title:"Eclipse BIRT Home"
|
||||
google-query: intitle:"Eclipse BIRT Home"
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
reference:
|
||||
- https://www.jedox.com
|
||||
metadata:
|
||||
max-req: 2
|
||||
max-request: 2
|
||||
verified: "true"
|
||||
shodan-query: title:"Jedox Web - Login"
|
||||
google-query: intitle:"Jedox Web Login"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
Repetier Server login panel detected.
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
shodan-query: title:"Repetier-Server"
|
||||
tags: panel,repetier,detect
|
||||
|
|
|
@ -5,7 +5,7 @@ info:
|
|||
author: ritikchaddha
|
||||
severity: info
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
shodan-query: title:"Jeecg-Boot"
|
||||
fofa-query: title="JeecgBoot 企业级低代码平台"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
A misconfig in Teslamate allows unauthorized access to /settings endpoint.
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
shodan-query: http.favicon.hash:-1478287554
|
||||
fofa-query: title="teslamate"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
AVTECH Video Surveillance Products password disclosure through /cgi-bin/user/Config.cgi.
|
||||
metadata:
|
||||
max-req: 2
|
||||
max-request: 2
|
||||
verified: "true"
|
||||
shodan-query: title:"login" product:"Avtech"
|
||||
fofa-query: app="AVTECH-视频监控"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
AVTECH DVR device, Search.cgi can be accessed directly. Search.cgi is responsible for searching and accessing cameras in the local network. Search.cgi provides the cgi_query function.
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
shodan-query: title:"login" product:"Avtech"
|
||||
fofa-query: app="AVTECH-视频监控"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
AVTECH video surveillance products unauthenticated file download from web root through /cgi-bin/cgibox, Since the .cab string is verified by the strstr method, the file download can be realized by adding ?.cab at the end of the file name.
|
||||
metadata:
|
||||
max-req: 2
|
||||
max-request: 2
|
||||
verified: "true"
|
||||
shodan-query: title:"login" product:"Avtech"
|
||||
fofa-query: app="AVTECH-视频监控"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
AVTECH DVR products are vulnerable to verification code bypass just by entering the "login=quick" parameter to bypass verification code.
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
shodan-query: title:"login" product:"Avtech"
|
||||
fofa-query: app="AVTECH-视频监控"
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: |
|
||||
Fanwei E-Office mysql_config.ini file can be directly accessed, leaking database account password and other information.
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
fofa-query: app="泛微-EOffice"
|
||||
tags: fanwei,ecology,exposure,config
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
reference:
|
||||
- https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py
|
||||
metadata:
|
||||
max-req: 1
|
||||
max-request: 1
|
||||
verified: "true"
|
||||
tags: cve,cve2016,weblogic,t3,rce,oast,deserialization
|
||||
|
||||
|
|
Loading…
Reference in New Issue