Merge pull request #7341 from ritikchaddha/update-metadata

Update metadata
patch-10
Ritik Chaddha 2023-06-01 23:22:42 +05:30 committed by GitHub
commit 91b0922322
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 12 additions and 12 deletions

View File

@ -12,7 +12,7 @@ info:
classification:
cve-id: CVE-2021-37305
metadata:
max-req: 1
max-request: 1
verified: "true"
shodan-query: title:"Jeecg-Boot"
fofa-query: title="JeecgBoot 企业级低代码平台"

View File

@ -12,7 +12,7 @@ info:
reference:
- https://eclipse.github.io/birt-website/
metadata:
max-req: 2
max-request: 2
verified: "true"
shodan-query: title:"Eclipse BIRT Home"
google-query: intitle:"Eclipse BIRT Home"

View File

@ -9,7 +9,7 @@ info:
reference:
- https://www.jedox.com
metadata:
max-req: 2
max-request: 2
verified: "true"
shodan-query: title:"Jedox Web - Login"
google-query: intitle:"Jedox Web Login"

View File

@ -7,7 +7,7 @@ info:
description: |
Repetier Server login panel detected.
metadata:
max-req: 1
max-request: 1
verified: "true"
shodan-query: title:"Repetier-Server"
tags: panel,repetier,detect

View File

@ -5,7 +5,7 @@ info:
author: ritikchaddha
severity: info
metadata:
max-req: 1
max-request: 1
verified: "true"
shodan-query: title:"Jeecg-Boot"
fofa-query: title="JeecgBoot 企业级低代码平台"

View File

@ -7,7 +7,7 @@ info:
description: |
A misconfig in Teslamate allows unauthorized access to /settings endpoint.
metadata:
max-req: 1
max-request: 1
verified: "true"
shodan-query: http.favicon.hash:-1478287554
fofa-query: title="teslamate"

View File

@ -7,7 +7,7 @@ info:
description: |
AVTECH Video Surveillance Products password disclosure through /cgi-bin/user/Config.cgi.
metadata:
max-req: 2
max-request: 2
verified: "true"
shodan-query: title:"login" product:"Avtech"
fofa-query: app="AVTECH-视频监控"

View File

@ -7,7 +7,7 @@ info:
description: |
AVTECH DVR device, Search.cgi can be accessed directly. Search.cgi is responsible for searching and accessing cameras in the local network. Search.cgi provides the cgi_query function.
metadata:
max-req: 1
max-request: 1
verified: "true"
shodan-query: title:"login" product:"Avtech"
fofa-query: app="AVTECH-视频监控"

View File

@ -7,7 +7,7 @@ info:
description: |
AVTECH video surveillance products unauthenticated file download from web root through /cgi-bin/cgibox, Since the .cab string is verified by the strstr method, the file download can be realized by adding ?.cab at the end of the file name.
metadata:
max-req: 2
max-request: 2
verified: "true"
shodan-query: title:"login" product:"Avtech"
fofa-query: app="AVTECH-视频监控"

View File

@ -7,7 +7,7 @@ info:
description: |
AVTECH DVR products are vulnerable to verification code bypass just by entering the "login=quick" parameter to bypass verification code.
metadata:
max-req: 1
max-request: 1
verified: "true"
shodan-query: title:"login" product:"Avtech"
fofa-query: app="AVTECH-视频监控"

View File

@ -7,7 +7,7 @@ info:
description: |
Fanwei E-Office mysql_config.ini file can be directly accessed, leaking database account password and other information.
metadata:
max-req: 1
max-request: 1
verified: "true"
fofa-query: app="泛微-EOffice"
tags: fanwei,ecology,exposure,config

View File

@ -9,7 +9,7 @@ info:
reference:
- https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py
metadata:
max-req: 1
max-request: 1
verified: "true"
tags: cve,cve2016,weblogic,t3,rce,oast,deserialization